diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index dc43961c6..68a8b0819 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -1694,6 +1694,49 @@ } } }, + "v1.Condition": { + "required": [ + "type", + "status", + "lastHeartbeatTime", + "lastTransitionTime" + ], + "properties": { + "lastHeartbeatTime": { + "description": "last time we got an update on a given condition", + "type": "string" + }, + "lastProbeTime": { + "type": [ + "string", + "null" + ] + }, + "lastTransitionTime": { + "description": "last time the condition transit from one status to another", + "type": [ + "string", + "null" + ] + }, + "message": { + "description": "human-readable message indicating details about last transition", + "type": "string" + }, + "reason": { + "description": "one-word CamelCase reason for the condition's last transition", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown", + "type": "string" + }, + "type": { + "description": "type of condition ie. Available|Progressing|Degraded.", + "type": "string" + } + } + }, "v1.DeleteOptions": { "description": "DeleteOptions may be provided when deleting an API object.", "properties": { @@ -2215,39 +2258,6 @@ } } }, - "v1alpha1.CDICondition": { - "description": "CDICondition represents a condition of a CDI deployment", - "required": [ - "type", - "status" - ], - "properties": { - "lastProbeTime": { - "type": [ - "string", - "null" - ] - }, - "lastTransitionTime": { - "type": [ - "string", - "null" - ] - }, - "message": { - "type": "string" - }, - "reason": { - "type": "string" - }, - "status": { - "type": "string" - }, - "type": { - "type": "string" - } - } - }, "v1alpha1.CDIList": { "description": "CDIList provides the needed parameters to do request a list of CDIs from the system\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", "required": [ @@ -2295,7 +2305,7 @@ "conditions": { "type": "array", "items": { - "$ref": "#/definitions/v1alpha1.CDICondition" + "$ref": "#/definitions/v1.Condition" } }, "observedVersion": { diff --git a/cluster-sync/install.sh b/cluster-sync/install.sh index 1b2bdf30e..7b563e9ec 100644 --- a/cluster-sync/install.sh +++ b/cluster-sync/install.sh @@ -46,11 +46,11 @@ function wait_cdi_crd_installed { while [ $crd_defined -eq 0 ] && [ $timeout > 0 ]; do crd_defined=$(_kubectl get customresourcedefinition| grep cdis.cdi.kubevirt.io | wc -l) sleep 1 - timeout=timeout-1 + timeout=$(($timeout-1)) done #In case CDI crd is not defined after 120s - throw error - if [ $timeout \< 1 ]; then + if [ $crd_defined -eq 0 ]; then echo "ERROR - CDI CRD is not defined after timeout" exit 1 fi diff --git a/cluster-sync/sync.sh b/cluster-sync/sync.sh index acc1c8ba0..a2991b1fb 100755 --- a/cluster-sync/sync.sh +++ b/cluster-sync/sync.sh @@ -16,6 +16,7 @@ CDI_INSTALL_OLM="install-olm" CDI_INSTALL=${CDI_INSTALL:-${CDI_INSTALL_OPERATOR}} CDI_INSTALL_TIMEOUT=${CDI_INSTALL_TIMEOUT:-120} CDI_NAMESPACE=${CDI_NAMESPACE:-cdi} +CDI_INSTALL_TIMEOUT=${CDI_INSTALL_TIMEOUT:-120} # Set controller verbosity to 3 for functional tests. export VERBOSITY=3 @@ -50,7 +51,7 @@ install_cdi wait_cdi_crd_installed $CDI_INSTALL_TIMEOUT _kubectl apply -f "./_out/manifests/release/cdi-cr.yaml" -_kubectl wait cdis.cdi.kubevirt.io/cdi --for=condition=running --timeout=120s +_kubectl wait cdis.cdi.kubevirt.io/cdi --for=condition=Available --timeout=120s # Start functional test HTTP server. diff --git a/glide.lock b/glide.lock index c27113e11..50b623521 100644 --- a/glide.lock +++ b/glide.lock @@ -1,8 +1,8 @@ -hash: 3b7f147f88ea81ed85e278d641744b9540e6a601f9872e5151f488299bbaa167 -updated: 2019-06-27T09:01:47.768925038Z +hash: 6d9aa23aeb785737d22d17f3836b7e46f6d3cd439d2b873712a606f79bfb2643 +updated: 2019-08-27T17:27:30.454287513Z imports: - name: github.com/appscode/jsonpatch - version: e8422f09d27ee2c8cfb2c7f8089eb9eeb0764849 + version: 7c0e3b262f30165a8ec3d0b4c6059fd92703bfb2 - name: github.com/asaskevich/govalidator version: f9ffefc3facfbe0caee3fea233cbb6e8208f4541 - name: github.com/beorn7/perks @@ -35,11 +35,11 @@ imports: - bson - internal/json - name: github.com/go-ini/ini - version: 3be5ad479f69d4e08d7fe25edf79bf3346bd658e + version: 8fe474341f7eedd6804eda75896c8f3e4b5dc36a - name: github.com/go-logr/logr - version: 9fb12b3b21c5415d16ac18dc5cd42c1cfdd40c4e + version: d63354a31b29a1af26833a7648428060001b5049 - name: github.com/go-logr/zapr - version: 03f06a783fbb7dfaf3f629c7825480e43a7105e6 + version: 2e515ec1daf7eefda8c24da3185e3967b306f957 - name: github.com/go-openapi/analysis version: c701774f4e604d952e4e8c56dee260be696e33c3 subpackages: @@ -80,7 +80,7 @@ imports: subpackages: - lru - name: github.com/golang/mock - version: 140ae90f29eaaadc229f8d4b78f074b7f0611c1e + version: dd8d2a22370e4c8a334e80ca8477f71356c8e4bb subpackages: - gomock - name: github.com/golang/protobuf @@ -102,7 +102,7 @@ imports: - compiler - extensions - name: github.com/gorilla/mux - version: ed099d42384823742bba0bf9a72b53b55c9e2e38 + version: 00bdffe0f3c77e27d2cf6f5c70232a2d3e4d9c15 - name: github.com/gregjones/httpcache version: 787624de3eb7bd915c329cba748687a3b22666a6 subpackages: @@ -178,7 +178,7 @@ imports: - reporters/stenographer/support/go-isatty - types - name: github.com/onsi/gomega - version: efe19c39ca106ee4ed42a1b25e1a80a53be4831a + version: beea7276191eede26d9cd14df7ab50f0a5c9f25f subpackages: - format - gbytes @@ -214,6 +214,10 @@ imports: - security/clientset/versioned - security/clientset/versioned/scheme - security/clientset/versioned/typed/security/v1 +- name: github.com/openshift/custom-resource-status + version: e62f2f3b79f33792b153e767811f420c1d457b31 + subpackages: + - conditions/v1 - name: github.com/operator-framework/go-appr version: f2aef88446f2a736fcb18db8ae57d708c52fdad0 subpackages: @@ -350,7 +354,7 @@ imports: subpackages: - rate - name: google.golang.org/appengine - version: b2f4a3cf3c67576a2ee09e1fe62656a5086ce880 + version: fb139bde60fa77cede04f226b4d5a3cf68dcce27 subpackages: - internal - internal/base @@ -368,6 +372,7 @@ imports: subpackages: - cipher - json + - jwt - name: gopkg.in/tomb.v1 version: c131134a1947e9afd9cecfe11f4c6dff0732ae58 - name: gopkg.in/yaml.v2 @@ -457,6 +462,7 @@ imports: - pkg/util/httpstream/spdy - pkg/util/intstr - pkg/util/json + - pkg/util/jsonmergepatch - pkg/util/mergepatch - pkg/util/naming - pkg/util/net @@ -662,7 +668,7 @@ imports: - name: k8s.io/code-generator version: c2090bec4d9b1fb25de3812f868accc2bc9ecbae - name: k8s.io/gengo - version: e17681d19d3ac4837a019ece36c2a0ec31ffe985 + version: a874a240740c2ae854082ec73d46c5efcedd2149 - name: k8s.io/klog version: 8139d8cb77af419532b33dfa7dd09fbc5f1d344f - name: k8s.io/kube-aggregator @@ -725,7 +731,7 @@ imports: - pkg/webhook/internal/metrics - pkg/webhook/types - name: sigs.k8s.io/testing_frameworks - version: 57f07443c2d47d9c7f932a9a4fc87fbf3408215d + version: b6c33f574b5885e28314cb115cec0d3888e78ef1 subpackages: - integration - integration/addr diff --git a/glide.yaml b/glide.yaml index b6d9a8d84..045d5f282 100644 --- a/glide.yaml +++ b/glide.yaml @@ -64,3 +64,7 @@ import: version: rebase-1.13.4 - package: github.com/kubernetes-csi/external-snapshotter/pkg/apis version: e49856eb417cbafa51e5a3fb3bd0ac9e31ab1873 +- package: github.com/openshift/custom-resource-status + version: e62f2f3b79f33792b153e767811f420c1d457b31 +- package: github.com/appscode/jsonpatch + version: release-1.0 diff --git a/pkg/apis/core/v1alpha1/deepcopy_generated.go b/pkg/apis/core/v1alpha1/deepcopy_generated.go index 5bb118660..83abb799c 100644 --- a/pkg/apis/core/v1alpha1/deepcopy_generated.go +++ b/pkg/apis/core/v1alpha1/deepcopy_generated.go @@ -21,7 +21,8 @@ limitations under the License. package v1alpha1 import ( - v1 "k8s.io/api/core/v1" + v1 "github.com/openshift/custom-resource-status/conditions/v1" + corev1 "k8s.io/api/core/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -53,24 +54,6 @@ func (in *CDI) DeepCopyObject() runtime.Object { return nil } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CDICondition) DeepCopyInto(out *CDICondition) { - *out = *in - in.LastProbeTime.DeepCopyInto(&out.LastProbeTime) - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDICondition. -func (in *CDICondition) DeepCopy() *CDICondition { - if in == nil { - return nil - } - out := new(CDICondition) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CDIConfig) DeepCopyInto(out *CDIConfig) { *out = *in @@ -233,7 +216,7 @@ func (in *CDIStatus) DeepCopyInto(out *CDIStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]CDICondition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -460,7 +443,7 @@ func (in *DataVolumeSpec) DeepCopyInto(out *DataVolumeSpec) { in.Source.DeepCopyInto(&out.Source) if in.PVC != nil { in, out := &in.PVC, &out.PVC - *out = new(v1.PersistentVolumeClaimSpec) + *out = new(corev1.PersistentVolumeClaimSpec) (*in).DeepCopyInto(*out) } return diff --git a/pkg/apis/core/v1alpha1/openapi_generated.go b/pkg/apis/core/v1alpha1/openapi_generated.go index ceecea8bb..9e069161f 100644 --- a/pkg/apis/core/v1alpha1/openapi_generated.go +++ b/pkg/apis/core/v1alpha1/openapi_generated.go @@ -30,7 +30,6 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDI": schema_pkg_apis_core_v1alpha1_CDI(ref), - "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDICondition": schema_pkg_apis_core_v1alpha1_CDICondition(ref), "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDIConfig": schema_pkg_apis_core_v1alpha1_CDIConfig(ref), "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDIConfigList": schema_pkg_apis_core_v1alpha1_CDIConfigList(ref), "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDIConfigSpec": schema_pkg_apis_core_v1alpha1_CDIConfigSpec(ref), @@ -97,56 +96,6 @@ func schema_pkg_apis_core_v1alpha1_CDI(ref common.ReferenceCallback) common.Open } } -func schema_pkg_apis_core_v1alpha1_CDICondition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CDICondition represents a condition of a CDI deployment", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "lastProbeTime": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - func schema_pkg_apis_core_v1alpha1_CDIConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -388,7 +337,7 @@ func schema_pkg_apis_core_v1alpha1_CDIStatus(ref common.ReferenceCallback) commo Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDICondition"), + Ref: ref("github.com/openshift/custom-resource-status/conditions/v1.Condition"), }, }, }, @@ -416,7 +365,7 @@ func schema_pkg_apis_core_v1alpha1_CDIStatus(ref common.ReferenceCallback) commo }, }, Dependencies: []string{ - "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1.CDICondition"}, + "github.com/openshift/custom-resource-status/conditions/v1.Condition"}, } } diff --git a/pkg/apis/core/v1alpha1/types.go b/pkg/apis/core/v1alpha1/types.go index 0f0a593f9..be42732dd 100644 --- a/pkg/apis/core/v1alpha1/types.go +++ b/pkg/apis/core/v1alpha1/types.go @@ -23,6 +23,8 @@ package v1alpha1 import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + conditions "github.com/openshift/custom-resource-status/conditions/v1" ) // DataVolume provides a representation of our data volume @@ -204,11 +206,11 @@ type CDIPhase string // CDIStatus defines the status of the CDI installation type CDIStatus struct { - Phase CDIPhase `json:"phase,omitempty"` - Conditions []CDICondition `json:"conditions,omitempty" optional:"true"` - OperatorVersion string `json:"operatorVersion,omitempty" optional:"true"` - TargetVersion string `json:"targetVersion,omitempty" optional:"true"` - ObservedVersion string `json:"observedVersion,omitempty" optional:"true"` + Phase CDIPhase `json:"phase,omitempty"` + Conditions []conditions.Condition `json:"conditions,omitempty" optional:"true"` + OperatorVersion string `json:"operatorVersion,omitempty" optional:"true"` + TargetVersion string `json:"targetVersion,omitempty" optional:"true"` + ObservedVersion string `json:"observedVersion,omitempty" optional:"true"` } const ( @@ -226,24 +228,9 @@ const ( // CDIPhaseError signals that the CDI deployment is in an error state CDIPhaseError CDIPhase = "Error" -) -// CDICondition represents a condition of a CDI deployment -type CDICondition struct { - Type CDIConditionType `json:"type"` - Status corev1.ConditionStatus `json:"status"` - LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"` - LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"` - Reason string `json:"reason,omitempty"` - Message string `json:"message,omitempty"` -} - -// CDIConditionType is the type of CDI condition -type CDIConditionType string - -const ( - // CDIConditionRunning means the CDI deployment is up/ready/healthy - CDIConditionRunning CDIConditionType = "Running" + // CDIPhaseUpgrading signals that the CDI resources are being deployed + CDIPhaseUpgrading CDIPhase = "Upgrading" ) //CDIList provides the needed parameters to do request a list of CDIs from the system diff --git a/pkg/apis/core/v1alpha1/types_swagger_generated.go b/pkg/apis/core/v1alpha1/types_swagger_generated.go index 4d500da9a..bd8b5f543 100644 --- a/pkg/apis/core/v1alpha1/types_swagger_generated.go +++ b/pkg/apis/core/v1alpha1/types_swagger_generated.go @@ -99,12 +99,6 @@ func (CDIStatus) SwaggerDoc() map[string]string { } } -func (CDICondition) SwaggerDoc() map[string]string { - return map[string]string{ - "": "CDICondition represents a condition of a CDI deployment", - } -} - func (CDIList) SwaggerDoc() map[string]string { return map[string]string{ "": "CDIList provides the needed parameters to do request a list of CDIs from the system\n+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object", diff --git a/pkg/operator/controller/controller.go b/pkg/operator/controller/controller.go index 7062d60f1..cd7824f8d 100644 --- a/pkg/operator/controller/controller.go +++ b/pkg/operator/controller/controller.go @@ -46,6 +46,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/source" "github.com/kelseyhightower/envconfig" + conditions "github.com/openshift/custom-resource-status/conditions/v1" cdiv1alpha1 "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1" "kubevirt.io/containerized-data-importer/pkg/operator" @@ -159,11 +160,16 @@ func (r *ReconcileCDI) Reconcile(request reconcile.Request) (reconcile.Result, e // let's try to create stuff if cr.Status.Phase == "" { reqLogger.Info("Doing reconcile create") - return r.reconcileCreate(reqLogger, cr) + res, createErr := r.reconcileCreate(reqLogger, cr) + // Always update conditions after a create. + err = r.client.Update(context.TODO(), cr) + if err != nil { + return reconcile.Result{}, err + } + return res, createErr } reqLogger.Info("Reconciling to error state, no configmap") - // we are in a weird state return r.reconcileError(reqLogger, cr) } @@ -171,14 +177,27 @@ func (r *ReconcileCDI) Reconcile(request reconcile.Request) (reconcile.Result, e // do we even care about this CR? if !metav1.IsControlledBy(configMap, cr) { reqLogger.Info("Reconciling to error state, unwanted CDI object") - return r.reconcileError(reqLogger, cr) } + currentConditionValues := GetConditionValues(cr.Status.Conditions) reqLogger.Info("Doing reconcile update") - // should be the usual case - return r.reconcileUpdate(reqLogger, cr) + existingAvailableCondition := conditions.FindStatusCondition(cr.Status.Conditions, conditions.ConditionAvailable) + if existingAvailableCondition != nil { + // should be the usual case + MarkCrHealthyMessage(cr, existingAvailableCondition.Reason, existingAvailableCondition.Message) + } else { + MarkCrHealthyMessage(cr, "", "") + } + + res, err := r.reconcileUpdate(reqLogger, cr) + if conditionsChanged(currentConditionValues, GetConditionValues(cr.Status.Conditions)) { + if err := r.crUpdate(cr.Status.Phase, cr); err != nil { + return reconcile.Result{}, err + } + } + return res, err } func shouldTakeUpdatePath(logger logr.Logger, targetVersion, currentVersion string) (bool, error) { @@ -219,14 +238,17 @@ func shouldTakeUpdatePath(logger logr.Logger, targetVersion, currentVersion stri } func (r *ReconcileCDI) reconcileCreate(logger logr.Logger, cr *cdiv1alpha1.CDI) (reconcile.Result, error) { + MarkCrDeploying(cr, "DeployStarted", "Started Deployment") // claim the configmap if err := r.createConfigMap(cr); err != nil { + MarkCrFailed(cr, "ConfigError", "Unable to claim ConfigMap") return reconcile.Result{}, err } logger.Info("ConfigMap created successfully") if err := r.crInit(cr); err != nil { + MarkCrFailed(cr, "CrInitError", "Unable to Initialize CR") return reconcile.Result{}, err } @@ -251,9 +273,9 @@ func (r *ReconcileCDI) checkUpgrade(logger logr.Logger, cr *cdiv1alpha1.CDI) err if isUpgrade && !r.isUpgrading(cr) { logger.Info("Observed version is not target version. Begin upgrade", "Observed version ", cr.Status.ObservedVersion, "TargetVersion", r.namespacedArgs.DockerTag) + MarkCrUpgradeHealingDegraded(cr, "UpgradeStarted", fmt.Sprintf("Started upgrade to version %s", r.namespacedArgs.DockerTag)) cr.Status.TargetVersion = r.namespacedArgs.DockerTag - //Here phase has to be upgrading - this is to be handled in dedicated pr - if err := r.crUpdate(cdiv1alpha1.CDIPhaseDeploying, cr); err != nil { + if err := r.crUpdate(cdiv1alpha1.CDIPhaseUpgrading, cr); err != nil { return err } } @@ -371,6 +393,7 @@ func (r *ReconcileCDI) reconcileUpdate(logger logr.Logger, cr *cdiv1alpha1.CDI) if cr.Status.Phase != cdiv1alpha1.CDIPhaseDeployed && !r.isUpgrading(cr) { //We are not moving to Deployed phase until new operator deployment is ready in case of Upgrade cr.Status.ObservedVersion = r.namespacedArgs.DockerTag + MarkCrHealthyMessage(cr, "DeployCompleted", "Deployment Completed") if err = r.crUpdate(cdiv1alpha1.CDIPhaseDeployed, cr); err != nil { return reconcile.Result{}, err } @@ -378,20 +401,16 @@ func (r *ReconcileCDI) reconcileUpdate(logger logr.Logger, cr *cdiv1alpha1.CDI) logger.Info("Successfully entered Deployed state") } - ready, err := r.checkReady(logger, cr) + degraded, err := r.checkDegraded(logger, cr) if err != nil { return reconcile.Result{}, err } - if ready { - logger.Info("Operator is ready!!") + if !degraded && r.isUpgrading(cr) { + logger.Info("Completing upgrade process...") - if r.isUpgrading(cr) { - logger.Info("Completing upgrade process...") - - if err = r.completeUpgrade(logger, cr); err != nil { - return reconcile.Result{}, err - } + if err = r.completeUpgrade(logger, cr); err != nil { + return reconcile.Result{}, err } } @@ -406,6 +425,7 @@ func (r *ReconcileCDI) completeUpgrade(logger logr.Logger, cr *cdiv1alpha1.CDI) previousVersion := cr.Status.ObservedVersion cr.Status.ObservedVersion = r.namespacedArgs.DockerTag + MarkCrHealthyMessage(cr, "DeployCompleted", "Deployment Completed") if err := r.crUpdate(cdiv1alpha1.CDIPhaseDeployed, cr); err != nil { return err } @@ -530,6 +550,10 @@ func (r *ReconcileCDI) reconcileDelete(logger logr.Logger, cr *cdiv1alpha1.CDI) } func (r *ReconcileCDI) reconcileError(logger logr.Logger, cr *cdiv1alpha1.CDI) (reconcile.Result, error) { + MarkCrFailed(cr, "ConfigError", "ConfigMap not owned by cr") + if err := r.crUpdate(cr.Status.Phase, cr); err != nil { + return reconcile.Result{}, err + } if err := r.crError(cr); err != nil { return reconcile.Result{}, err } @@ -537,34 +561,43 @@ func (r *ReconcileCDI) reconcileError(logger logr.Logger, cr *cdiv1alpha1.CDI) ( return reconcile.Result{}, nil } -func (r *ReconcileCDI) checkReady(logger logr.Logger, cr *cdiv1alpha1.CDI) (bool, error) { - readyCond := conditionReady +func (r *ReconcileCDI) checkDegraded(logger logr.Logger, cr *cdiv1alpha1.CDI) (bool, error) { + degraded := false deployments, err := r.getAllDeployments(cr) if err != nil { - return false, err + return true, err } for _, deployment := range deployments { key := client.ObjectKey{Namespace: deployment.Namespace, Name: deployment.Name} if err = r.client.Get(context.TODO(), key, deployment); err != nil { - return false, err + return true, err } if !checkDeploymentReady(deployment) { - readyCond = conditionNotReady + degraded = true break } } - logger.Info("CDI Ready check", "Status", readyCond.Status) + logger.Info("CDI degraded check", "Degraded", degraded) - if err = r.conditionUpdate(readyCond, cr); err != nil { - return false, err + if degraded { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionTrue, + }) + } else { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionFalse, + }) } - return readyCond == conditionReady, nil + logger.Info("Finished degraded check", "conditions", cr.Status.Conditions) + return degraded, nil } func (r *ReconcileCDI) add(mgr manager.Manager) error { @@ -679,6 +712,7 @@ func (r *ReconcileCDI) getAllResources(cr *cdiv1alpha1.CDI) ([]runtime.Object, e if deployClusterResources() { crs, err := cdicluster.CreateAllResources(r.clusterArgs) if err != nil { + MarkCrFailedHealing(cr, "CreateResources", "Unable to create all resources") return nil, err } @@ -687,6 +721,7 @@ func (r *ReconcileCDI) getAllResources(cr *cdiv1alpha1.CDI) ([]runtime.Object, e nsrs, err := cdinamespaced.CreateAllResources(r.getNamespacedArgs(cr)) if err != nil { + MarkCrFailedHealing(cr, "CreateNamespaceResources", "Unable to create all namespaced resources") return nil, err } diff --git a/pkg/operator/controller/controller_test.go b/pkg/operator/controller/controller_test.go index 596460642..49c9b6005 100644 --- a/pkg/operator/controller/controller_test.go +++ b/pkg/operator/controller/controller_test.go @@ -44,6 +44,8 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" + conditions "github.com/openshift/custom-resource-status/conditions/v1" + extv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" "k8s.io/client-go/kubernetes/scheme" @@ -159,8 +161,11 @@ var _ = Describe("Controller", func() { Expect(args.cdi.Status.TargetVersion).Should(Equal(version)) Expect(args.cdi.Status.ObservedVersion).Should(Equal(version)) - Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseDeployed)) - Expect(args.cdi.Status.Conditions).Should(BeEmpty()) + Expect(args.cdi.Status.Conditions).Should(HaveLen(3)) + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing)).To(BeTrue()) + // We will expect degraded status, because in the test the deployment.status.replicas will not be 1, when the desired is 1. + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionDegraded)).To(BeTrue()) Expect(args.cdi.Finalizers).Should(HaveLen(1)) }) @@ -211,6 +216,7 @@ var _ = Describe("Controller", func() { }) It("should become ready", func() { + one := int32(1) args := createArgs() doReconcile(args) @@ -225,6 +231,7 @@ var _ = Describe("Controller", func() { numReplicas := d.Spec.Replicas Expect(numReplicas).ToNot(BeNil()) + Expect(numReplicas).To(Equal(&one)) d, err := getDeployment(args.client, d) Expect(err).ToNot(HaveOccurred()) @@ -234,7 +241,11 @@ var _ = Describe("Controller", func() { doReconcile(args) - Expect(args.cdi.Status.Conditions).Should(BeEmpty()) + Expect(args.cdi.Status.Conditions).Should(HaveLen(3)) + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing)).To(BeTrue()) + // We will expect degraded status, because in the test the deployment.status.replicas will not be 1, when the desired is 1. + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionDegraded)).To(BeTrue()) } resources, err = getAllResources(args.reconciler) @@ -259,9 +270,10 @@ var _ = Describe("Controller", func() { doReconcile(args) - if len(args.cdi.Status.Conditions) == 1 && - args.cdi.Status.Conditions[0].Type == cdiviaplha1.CDIConditionRunning && - args.cdi.Status.Conditions[0].Status == corev1.ConditionTrue { + if len(args.cdi.Status.Conditions) == 3 && + conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable) && + conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing) && + conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionDegraded) { running = true } } @@ -313,9 +325,10 @@ var _ = Describe("Controller", func() { doReconcile(args) - Expect(args.cdi.Status.Conditions).Should(HaveLen(1)) - Expect(args.cdi.Status.Conditions[0].Type).Should(Equal(cdiviaplha1.CDIConditionRunning)) - Expect(args.cdi.Status.Conditions[0].Status).Should(Equal(corev1.ConditionTrue)) + Expect(args.cdi.Status.Conditions).Should(HaveLen(3)) + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionDegraded)).To(BeTrue()) for _, r := range resources { var ok bool @@ -333,9 +346,11 @@ var _ = Describe("Controller", func() { doReconcile(args) - Expect(args.cdi.Status.Conditions).Should(HaveLen(1)) - Expect(args.cdi.Status.Conditions[0].Type).Should(Equal(cdiviaplha1.CDIConditionRunning)) - Expect(args.cdi.Status.Conditions[0].Status).Should(Equal(corev1.ConditionFalse)) + Expect(args.cdi.Status.Conditions).Should(HaveLen(3)) + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing)).To(BeTrue()) + // Application should be degraded due to missing deployment pods (set to 0) + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionDegraded)).To(BeTrue()) deployment, err = getDeployment(args.client, deployment) Expect(err).ToNot(HaveOccurred()) @@ -345,9 +360,10 @@ var _ = Describe("Controller", func() { doReconcile(args) - Expect(args.cdi.Status.Conditions).Should(HaveLen(1)) - Expect(args.cdi.Status.Conditions[0].Type).Should(Equal(cdiviaplha1.CDIConditionRunning)) - Expect(args.cdi.Status.Conditions[0].Status).Should(Equal(corev1.ConditionTrue)) + Expect(args.cdi.Status.Conditions).Should(HaveLen(3)) + Expect(conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionDegraded)).To(BeTrue()) }) It("does not modify insecure registry configmap", func() { @@ -399,7 +415,10 @@ var _ = Describe("Controller", func() { Expect(err).ToNot(HaveOccurred()) Expect(newInstance.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseError)) - Expect(newInstance.Status.Conditions).Should(BeEmpty()) + Expect(newInstance.Status.Conditions).Should(HaveLen(3)) + Expect(conditions.IsStatusConditionFalse(newInstance.Status.Conditions, conditions.ConditionAvailable)).To(BeTrue()) + Expect(conditions.IsStatusConditionFalse(newInstance.Status.Conditions, conditions.ConditionProgressing)).To(BeTrue()) + Expect(conditions.IsStatusConditionTrue(newInstance.Status.Conditions, conditions.ConditionDegraded)).To(BeTrue()) }) It("should succeed when we delete CDI", func() { @@ -494,7 +513,7 @@ var _ = Describe("Controller", func() { Expect(args.cdi.Status.OperatorVersion).Should(Equal(newVersion)) Expect(args.cdi.Status.ObservedVersion).Should(Equal(prevVersion)) Expect(args.cdi.Status.TargetVersion).Should(Equal(newVersion)) - Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseDeploying)) + Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseUpgrading)) } else { //verify upgraded hasn't started Expect(args.cdi.Status.OperatorVersion).Should(Equal(prevVersion)) @@ -646,7 +665,7 @@ var _ = Describe("Controller", func() { doReconcile(args) //verify upgraded has started - Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseDeploying)) + Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseUpgrading)) //change deployment to ready isReady := setDeploymentsReady(args) @@ -1072,7 +1091,7 @@ var _ = Describe("Controller", func() { doReconcile(args) //verify upgraded has started - Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseDeploying)) + Expect(args.cdi.Status.Phase).Should(Equal(cdiviaplha1.CDIPhaseUpgrading)) //verify unused exists before upgrade is done _, err = getObject(args.client, unusedObj) @@ -1284,9 +1303,10 @@ func setDeploymentsReady(args *args) bool { doReconcile(args) - if len(args.cdi.Status.Conditions) == 1 && - args.cdi.Status.Conditions[0].Type == cdiviaplha1.CDIConditionRunning && - args.cdi.Status.Conditions[0].Status == corev1.ConditionTrue { + if len(args.cdi.Status.Conditions) == 3 && + conditions.IsStatusConditionTrue(args.cdi.Status.Conditions, conditions.ConditionAvailable) && + conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionProgressing) && + conditions.IsStatusConditionFalse(args.cdi.Status.Conditions, conditions.ConditionDegraded) { running = true } } diff --git a/pkg/operator/controller/cr.go b/pkg/operator/controller/cr.go index 8cf7db0dc..b3905768d 100644 --- a/pkg/operator/controller/cr.go +++ b/pkg/operator/controller/cr.go @@ -18,40 +18,15 @@ package controller import ( "context" - "time" corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + conditions "github.com/openshift/custom-resource-status/conditions/v1" cdiv1alpha1 "kubevirt.io/containerized-data-importer/pkg/apis/core/v1alpha1" ) -var ( - conditionReady = cdiv1alpha1.CDICondition{ - Type: cdiv1alpha1.CDIConditionRunning, - Status: corev1.ConditionTrue, - Reason: "All deployments running and ready", - Message: "Have fun!", - } - - conditionNotReady = cdiv1alpha1.CDICondition{ - Type: cdiv1alpha1.CDIConditionRunning, - Status: corev1.ConditionFalse, - Reason: "CDI deployment state inconsistent", - Message: "Hang in there!", - } -) - func (r *ReconcileCDI) isUpgrading(cr *cdiv1alpha1.CDI) bool { - if cr.Status.ObservedVersion == "" { - return false - } - - if cr.Status.ObservedVersion != cr.Status.TargetVersion { - return true - } - - return false + return cr.Status.ObservedVersion != "" && cr.Status.ObservedVersion != cr.Status.TargetVersion } // this is used for testing. wish this a helper function in test file instead of member @@ -87,37 +62,135 @@ func (r *ReconcileCDI) crUpdate(phase cdiv1alpha1.CDIPhase, cr *cdiv1alpha1.CDI) return r.client.Update(context.TODO(), cr) } -func (r *ReconcileCDI) conditionUpdate(condition cdiv1alpha1.CDICondition, cr *cdiv1alpha1.CDI) error { - condition.LastProbeTime = metav1.Time{Time: time.Now()} - condition.LastTransitionTime = condition.LastProbeTime - - i := -1 - for j, c := range cr.Status.Conditions { - if c.Type == condition.Type { - i = j - break - } +// GetConditionValues gets the conditions and put them into a map for easy comparison +func GetConditionValues(conditionList []conditions.Condition) map[conditions.ConditionType]corev1.ConditionStatus { + result := make(map[conditions.ConditionType]corev1.ConditionStatus) + for _, cond := range conditionList { + result[cond.Type] = cond.Status } - - if i >= 0 { - c := cr.Status.Conditions[i] - c.LastProbeTime = condition.LastProbeTime - c.LastTransitionTime = condition.LastTransitionTime - - if c == condition { - return nil - } - - cr.Status.Conditions[i] = condition - - } else { - if condition.Status == corev1.ConditionFalse { - // condition starts off as true - return nil - } - - cr.Status.Conditions = append(cr.Status.Conditions, condition) - } - - return r.crUpdate(cr.Status.Phase, cr) + return result +} + +// Compare condition maps and return true if any of the conditions changed, false otherwise. +func conditionsChanged(originalValues, newValues map[conditions.ConditionType]corev1.ConditionStatus) bool { + if len(originalValues) != len(newValues) { + return true + } + for k, v := range newValues { + oldV, ok := originalValues[k] + if !ok || oldV != v { + return true + } + } + return false +} + +// MarkCrHealthyMessage marks the passed in CR as healthy. The CR object needs to be updated by the caller afterwards. +// Healthy means the following status conditions are set: +// ApplicationAvailable: true +// Progressing: false +// Degraded: false +func MarkCrHealthyMessage(cr *cdiv1alpha1.CDI, reason, message string) { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionAvailable, + Status: corev1.ConditionTrue, + Reason: reason, + Message: message, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionProgressing, + Status: corev1.ConditionFalse, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionFalse, + }) +} + +// MarkCrUpgradeHealingDegraded marks the passed CR as upgrading and degraded. The CR object needs to be updated by the caller afterwards. +// Failed means the following status conditions are set: +// ApplicationAvailable: true +// Progressing: true +// Degraded: true +func MarkCrUpgradeHealingDegraded(cr *cdiv1alpha1.CDI, reason, message string) { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionAvailable, + Status: corev1.ConditionTrue, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionProgressing, + Status: corev1.ConditionTrue, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionTrue, + Reason: reason, + Message: message, + }) +} + +// MarkCrFailed marks the passed CR as failed and requiring human intervention. The CR object needs to be updated by the caller afterwards. +// Failed means the following status conditions are set: +// ApplicationAvailable: false +// Progressing: false +// Degraded: true +func MarkCrFailed(cr *cdiv1alpha1.CDI, reason, message string) { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionAvailable, + Status: corev1.ConditionFalse, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionProgressing, + Status: corev1.ConditionFalse, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionTrue, + Reason: reason, + Message: message, + }) +} + +// MarkCrFailedHealing marks the passed CR as failed and healing. The CR object needs to be updated by the caller afterwards. +// FailedAndHealing means the following status conditions are set: +// ApplicationAvailable: false +// Progressing: true +// Degraded: true +func MarkCrFailedHealing(cr *cdiv1alpha1.CDI, reason, message string) { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionAvailable, + Status: corev1.ConditionFalse, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionProgressing, + Status: corev1.ConditionTrue, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionTrue, + Reason: reason, + Message: message, + }) +} + +// MarkCrDeploying marks the passed CR as currently deploying. The CR object needs to be updated by the caller afterwards. +// Deploying means the following status conditions are set: +// ApplicationAvailable: false +// Progressing: true +// Degraded: false +func MarkCrDeploying(cr *cdiv1alpha1.CDI, reason, message string) { + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionAvailable, + Status: corev1.ConditionFalse, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionProgressing, + Status: corev1.ConditionTrue, + Reason: reason, + Message: message, + }) + conditions.SetStatusCondition(&cr.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionDegraded, + Status: corev1.ConditionFalse, + }) } diff --git a/tests/operator_test.go b/tests/operator_test.go index e0ed2782b..df0af9554 100644 --- a/tests/operator_test.go +++ b/tests/operator_test.go @@ -9,10 +9,14 @@ import ( routev1 "github.com/openshift/api/route/v1" routeclient "github.com/openshift/client-go/route/clientset/versioned" secclient "github.com/openshift/client-go/security/clientset/versioned" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "kubevirt.io/containerized-data-importer/pkg/controller" + operatorcontroller "kubevirt.io/containerized-data-importer/pkg/operator/controller" "kubevirt.io/containerized-data-importer/tests/framework" + + conditions "github.com/openshift/custom-resource-status/conditions/v1" ) var _ = Describe("Operator tests", func() { @@ -46,4 +50,15 @@ var _ = Describe("Operator tests", func() { cdiSA := fmt.Sprintf("system:serviceaccount:%s:cdi-sa", f.CdiInstallNs) Expect(scc.Users).Should(ContainElement(cdiSA)) }) + + // Condition flags can be found here with their meaning https://github.com/kubevirt/hyperconverged-cluster-operator/blob/master/docs/conditions.md + It("Condition flags on CR should be healthy and operating", func() { + cdiObject, err := f.CdiClient.CdiV1alpha1().CDIs().Get("cdi", metav1.GetOptions{}) + Expect(err).ToNot(HaveOccurred()) + conditionMap := operatorcontroller.GetConditionValues(cdiObject.Status.Conditions) + // Application should be fully operational and healthy. + Expect(conditionMap[conditions.ConditionAvailable]).To(Equal(corev1.ConditionTrue)) + Expect(conditionMap[conditions.ConditionProgressing]).To(Equal(corev1.ConditionFalse)) + Expect(conditionMap[conditions.ConditionDegraded]).To(Equal(corev1.ConditionFalse)) + }) }) diff --git a/vendor/github.com/appscode/jsonpatch/.gitignore b/vendor/github.com/appscode/jsonpatch/.gitignore index 5f90593a0..0e9448e05 100644 --- a/vendor/github.com/appscode/jsonpatch/.gitignore +++ b/vendor/github.com/appscode/jsonpatch/.gitignore @@ -23,5 +23,4 @@ _testmain.go *.test *.prof -/.idea -/vendor +.idea/ diff --git a/vendor/github.com/appscode/jsonpatch/.travis.yml b/vendor/github.com/appscode/jsonpatch/.travis.yml index 0066aaafd..92f2439d7 100644 --- a/vendor/github.com/appscode/jsonpatch/.travis.yml +++ b/vendor/github.com/appscode/jsonpatch/.travis.yml @@ -3,16 +3,8 @@ go: - 1.x - tip -go_import_path: gomodules.xyz/jsonpatch - -cache: - directories: - - $HOME/.cache/go-build - - $GOPATH/pkg/mod - env: - GO111MODULE=on script: - - cd v2 - - go test -v + - go test -v diff --git a/vendor/github.com/appscode/jsonpatch/CHANGELOG.md b/vendor/github.com/appscode/jsonpatch/CHANGELOG.md deleted file mode 100644 index ae70e4fee..000000000 --- a/vendor/github.com/appscode/jsonpatch/CHANGELOG.md +++ /dev/null @@ -1,39 +0,0 @@ -# Change Log - -## [v2.0.0](https://github.com/gomodules/jsonpatch/tree/v2.0.0) (2019-06-26) -[Full Changelog](https://github.com/gomodules/jsonpatch/compare/1.0.0...v2.0.0) - -**Merged pull requests:** - -- Use Major subdirectory structure to maintain dep compatiability [\#20](https://github.com/gomodules/jsonpatch/pull/20) ([tamalsaha](https://github.com/tamalsaha)) -- Prepare v2 release [\#19](https://github.com/gomodules/jsonpatch/pull/19) ([tamalsaha](https://github.com/tamalsaha)) -- Update go.mod and remove vendor folder [\#18](https://github.com/gomodules/jsonpatch/pull/18) ([tamalsaha](https://github.com/tamalsaha)) -- Change package path to gomodules.xyz/jsonpath [\#17](https://github.com/gomodules/jsonpatch/pull/17) ([tamalsaha](https://github.com/tamalsaha)) -- \[Emergency\] correct array index in backtrace [\#16](https://github.com/gomodules/jsonpatch/pull/16) ([kdada](https://github.com/kdada)) -- Added support for arrays at the root [\#15](https://github.com/gomodules/jsonpatch/pull/15) ([e-nikolov](https://github.com/e-nikolov)) -- Fix the example code in readme [\#14](https://github.com/gomodules/jsonpatch/pull/14) ([pytimer](https://github.com/pytimer)) - -## [1.0.0](https://github.com/gomodules/jsonpatch/tree/1.0.0) (2019-01-08) -**Fixed bugs:** - -- Correctly generate patch for nested object [\#8](https://github.com/gomodules/jsonpatch/issues/8) - -**Closed issues:** - -- Do releases and in SemVer [\#12](https://github.com/gomodules/jsonpatch/issues/12) -- Generated patch incorrect for Array replacement [\#1](https://github.com/gomodules/jsonpatch/issues/1) - -**Merged pull requests:** - -- Add JsonPatchOperation as type alias for Operation [\#13](https://github.com/gomodules/jsonpatch/pull/13) ([tamalsaha](https://github.com/tamalsaha)) -- Migrate to go mod [\#10](https://github.com/gomodules/jsonpatch/pull/10) ([tamalsaha](https://github.com/tamalsaha)) -- Add test for nested object [\#9](https://github.com/gomodules/jsonpatch/pull/9) ([tamalsaha](https://github.com/tamalsaha)) -- Add test for edit distance computation [\#7](https://github.com/gomodules/jsonpatch/pull/7) ([tamalsaha](https://github.com/tamalsaha)) -- Append edit distance operations from end to start [\#6](https://github.com/gomodules/jsonpatch/pull/6) ([tamalsaha](https://github.com/tamalsaha)) -- Add travis file [\#4](https://github.com/gomodules/jsonpatch/pull/4) ([tamalsaha](https://github.com/tamalsaha)) -- Run go fmt [\#3](https://github.com/gomodules/jsonpatch/pull/3) ([tamalsaha](https://github.com/tamalsaha)) -- Fix array comparison [\#2](https://github.com/gomodules/jsonpatch/pull/2) ([tamalsaha](https://github.com/tamalsaha)) - - - -\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* \ No newline at end of file diff --git a/vendor/github.com/appscode/jsonpatch/README.md b/vendor/github.com/appscode/jsonpatch/README.md index 302a53b30..bbbf72921 100644 --- a/vendor/github.com/appscode/jsonpatch/README.md +++ b/vendor/github.com/appscode/jsonpatch/README.md @@ -1,20 +1,19 @@ # jsonpatch -[![Build Status](https://travis-ci.org/gomodules/jsonpatch.svg?branch=master)](https://travis-ci.org/gomodules/jsonpatch) -[![Go Report Card](https://goreportcard.com/badge/gomodules.xyz/jsonpatch "Go Report Card")](https://goreportcard.com/report/gomodules.xyz/jsonpatch) -[![GoDoc](https://godoc.org/gomodules.xyz/jsonpatch/v2?status.svg "GoDoc")](https://godoc.org/gomodules.xyz/jsonpatch/v2) +[![Build Status](https://travis-ci.org/appscode/jsonpatch.svg?branch=master)](https://travis-ci.org/appscode/jsonpatch) +[![Go Report Card](https://goreportcard.com/badge/appscode/jsonpatch "Go Report Card")](https://goreportcard.com/report/appscode/jsonpatch) +[![GoDoc](https://godoc.org/github.com/appscode/jsonpatch?status.svg "GoDoc")](https://godoc.org/github.com/appscode/jsonpatch) As per http://jsonpatch.com JSON Patch is specified in RFC 6902 from the IETF. JSON Patch allows you to generate JSON that describes changes you want to make to a document, so you don't have to send the whole doc. JSON Patch format is supported by HTTP PATCH method, allowing for standards based partial updates via REST APIs. -## Usage ## - -```go -import "gomodules.xyz/jsonpatch/v2" +```console +go get github.com/appscode/jsonpatch ``` -I tried some of the other "jsonpatch" go implementations, but none of them could diff two json documents and generate format like jsonpatch.com specifies. Here's an example of the patch format: +I tried some of the other "jsonpatch" go implementations, but none of them could diff two json documents and +generate format like jsonpatch.com specifies. Here's an example of the patch format: ```json [ @@ -33,14 +32,14 @@ package main import ( "fmt" - "gomodules.xyz/jsonpatch/v2" + "github.com/appscode/jsonpatch" ) var simpleA = `{"a":100, "b":200, "c":"hello"}` var simpleB = `{"a":100, "b":200, "c":"goodbye"}` func main() { - patch, e := jsonpatch.CreatePatch([]byte(simpleA), []byte(simpleB)) + patch, e := jsonpatch.CreatePatch([]byte(simpleA), []byte(simpleA)) if e != nil { fmt.Printf("Error creating JSON patch:%v", e) return diff --git a/vendor/github.com/appscode/jsonpatch/go.mod b/vendor/github.com/appscode/jsonpatch/go.mod index b5eaf830e..458d129ec 100644 --- a/vendor/github.com/appscode/jsonpatch/go.mod +++ b/vendor/github.com/appscode/jsonpatch/go.mod @@ -1,9 +1,8 @@ -module gomodules.xyz/jsonpatch/v2 - -go 1.12 +module github.com/appscode/jsonpatch require ( - github.com/evanphx/json-patch v4.5.0+incompatible - github.com/pkg/errors v0.8.1 // indirect - github.com/stretchr/testify v1.3.0 + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/evanphx/json-patch v4.0.0+incompatible + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/stretchr/testify v1.2.2 ) diff --git a/vendor/github.com/appscode/jsonpatch/go.sum b/vendor/github.com/appscode/jsonpatch/go.sum index d8f9ffe1c..0972e0e1a 100644 --- a/vendor/github.com/appscode/jsonpatch/go.sum +++ b/vendor/github.com/appscode/jsonpatch/go.sum @@ -1,11 +1,8 @@ -github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M= -github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/evanphx/json-patch v4.0.0+incompatible h1:xregGRMLBeuRcwiOTHRCsPPuzCQlqhxUPbqdw+zNkLc= +github.com/evanphx/json-patch v4.0.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= diff --git a/vendor/github.com/appscode/jsonpatch/jsonpatch.go b/vendor/github.com/appscode/jsonpatch/jsonpatch.go index e7cb7d6da..3e698949e 100644 --- a/vendor/github.com/appscode/jsonpatch/jsonpatch.go +++ b/vendor/github.com/appscode/jsonpatch/jsonpatch.go @@ -58,8 +58,8 @@ func NewPatch(operation, path string, value interface{}) Operation { // // An error will be returned if any of the two documents are invalid. func CreatePatch(a, b []byte) ([]Operation, error) { - var aI interface{} - var bI interface{} + aI := map[string]interface{}{} + bI := map[string]interface{}{} err := json.Unmarshal(a, &aI) if err != nil { return nil, errBadJSONDoc @@ -68,7 +68,7 @@ func CreatePatch(a, b []byte) ([]Operation, error) { if err != nil { return nil, errBadJSONDoc } - return handleValues(aI, bI, "", []Operation{}) + return diff(aI, bI, "", []Operation{}) } // Returns true if the values matches (must be json types) @@ -326,7 +326,7 @@ func backtrace(s, t []interface{}, p string, i int, j int, matrix [][]int) []Ope return append([]Operation{op}, backtrace(s, t, p, i-1, j-1, matrix)...) } - p2, _ := handleValues(s[i-1], t[j-1], makePath(p, i-1), []Operation{}) + p2, _ := handleValues(s[j-1], t[j-1], makePath(p, i-1), []Operation{}) return append(p2, backtrace(s, t, p, i-1, j-1, matrix)...) } if i > 0 && j > 0 && matrix[i-1][j-1] == matrix[i][j] { diff --git a/vendor/github.com/appscode/jsonpatch/jsonpatch_json_test.go b/vendor/github.com/appscode/jsonpatch/jsonpatch_json_test.go index 76ccffc88..38743627f 100644 --- a/vendor/github.com/appscode/jsonpatch/jsonpatch_json_test.go +++ b/vendor/github.com/appscode/jsonpatch/jsonpatch_json_test.go @@ -3,8 +3,8 @@ package jsonpatch_test import ( "testing" + "github.com/appscode/jsonpatch" "github.com/stretchr/testify/assert" - "gomodules.xyz/jsonpatch/v2" ) func TestMarshalNullableValue(t *testing.T) { diff --git a/vendor/github.com/appscode/jsonpatch/jsonpatch_test.go b/vendor/github.com/appscode/jsonpatch/jsonpatch_test.go index ff2f711d9..9ce910152 100644 --- a/vendor/github.com/appscode/jsonpatch/jsonpatch_test.go +++ b/vendor/github.com/appscode/jsonpatch/jsonpatch_test.go @@ -4,9 +4,9 @@ import ( "encoding/json" "testing" + "github.com/appscode/jsonpatch" jp "github.com/evanphx/json-patch" "github.com/stretchr/testify/assert" - "gomodules.xyz/jsonpatch/v2" ) var simpleA = `{"a":100, "b":200, "c":"hello"}` @@ -737,70 +737,6 @@ var ( }` ) -var ( - oldArray = `{ - "apiVersion": "kubedb.com/v1alpha1", - "kind": "Elasticsearch", - "metadata": { - "name": "quick-elasticsearch", - "namespace": "demo" - }, - "spec": { - "tolerations": [ - { - "key": "node.kubernetes.io/key1", - "operator": "Equal", - "value": "value1", - "effect": "NoSchedule" - }, - { - "key": "node.kubernetes.io/key2", - "operator": "Equal", - "value": "value2", - "effect": "NoSchedule" - }, - { - "key": "node.kubernetes.io/not-ready", - "operator": "Exists", - "effect": "NoExecute", - "tolerationSeconds": 300 - }, - { - "key": "node.kubernetes.io/unreachable", - "operator": "Exists", - "effect": "NoExecute", - "tolerationSeconds": 300 - } - ] - } -}` - - newArray = `{ - "apiVersion": "kubedb.com/v1alpha1", - "kind": "Elasticsearch", - "metadata": { - "name": "quick-elasticsearch", - "namespace": "demo" - }, - "spec": { - "tolerations": [ - { - "key": "node.kubernetes.io/key2", - "operator": "Equal", - "value": "value2", - "effect": "NoSchedule" - }, - { - "key": "node.kubernetes.io/key1", - "operator": "Equal", - "value": "value1", - "effect": "NoSchedule" - } - ] - } -}` -) - func TestCreatePatch(t *testing.T) { cases := []struct { name string @@ -841,12 +777,7 @@ func TestCreatePatch(t *testing.T) { {"Kubernetes:Annotations", oldDeployment, newDeployment}, // crd with nested object {"Nested Member Object", oldNestedObj, newNestedObj}, - // array with different order - {"Different Array", oldArray, newArray}, - {"Array at root", `[{"asdf":"qwerty"}]`, `[{"asdf":"bla"},{"asdf":"zzz"}]`}, - {"Empty array at root", `[]`, `[{"asdf":"bla"},{"asdf":"zzz"}]`}, } - for _, c := range cases { t.Run(c.name+"[src->dst]", func(t *testing.T) { check(t, c.src, c.dst) diff --git a/vendor/github.com/appscode/jsonpatch/v2/go.mod b/vendor/github.com/appscode/jsonpatch/v2/go.mod deleted file mode 100644 index b5eaf830e..000000000 --- a/vendor/github.com/appscode/jsonpatch/v2/go.mod +++ /dev/null @@ -1,9 +0,0 @@ -module gomodules.xyz/jsonpatch/v2 - -go 1.12 - -require ( - github.com/evanphx/json-patch v4.5.0+incompatible - github.com/pkg/errors v0.8.1 // indirect - github.com/stretchr/testify v1.3.0 -) diff --git a/vendor/github.com/appscode/jsonpatch/v2/go.sum b/vendor/github.com/appscode/jsonpatch/v2/go.sum deleted file mode 100644 index d8f9ffe1c..000000000 --- a/vendor/github.com/appscode/jsonpatch/v2/go.sum +++ /dev/null @@ -1,11 +0,0 @@ -github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M= -github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= diff --git a/vendor/github.com/appscode/jsonpatch/v2/jsonpatch.go b/vendor/github.com/appscode/jsonpatch/v2/jsonpatch.go deleted file mode 100644 index e7cb7d6da..000000000 --- a/vendor/github.com/appscode/jsonpatch/v2/jsonpatch.go +++ /dev/null @@ -1,336 +0,0 @@ -package jsonpatch - -import ( - "bytes" - "encoding/json" - "fmt" - "reflect" - "strings" -) - -var errBadJSONDoc = fmt.Errorf("invalid JSON Document") - -type JsonPatchOperation = Operation - -type Operation struct { - Operation string `json:"op"` - Path string `json:"path"` - Value interface{} `json:"value,omitempty"` -} - -func (j *Operation) Json() string { - b, _ := json.Marshal(j) - return string(b) -} - -func (j *Operation) MarshalJSON() ([]byte, error) { - var b bytes.Buffer - b.WriteString("{") - b.WriteString(fmt.Sprintf(`"op":"%s"`, j.Operation)) - b.WriteString(fmt.Sprintf(`,"path":"%s"`, j.Path)) - // Consider omitting Value for non-nullable operations. - if j.Value != nil || j.Operation == "replace" || j.Operation == "add" { - v, err := json.Marshal(j.Value) - if err != nil { - return nil, err - } - b.WriteString(`,"value":`) - b.Write(v) - } - b.WriteString("}") - return b.Bytes(), nil -} - -type ByPath []Operation - -func (a ByPath) Len() int { return len(a) } -func (a ByPath) Swap(i, j int) { a[i], a[j] = a[j], a[i] } -func (a ByPath) Less(i, j int) bool { return a[i].Path < a[j].Path } - -func NewPatch(operation, path string, value interface{}) Operation { - return Operation{Operation: operation, Path: path, Value: value} -} - -// CreatePatch creates a patch as specified in http://jsonpatch.com/ -// -// 'a' is original, 'b' is the modified document. Both are to be given as json encoded content. -// The function will return an array of JsonPatchOperations -// -// An error will be returned if any of the two documents are invalid. -func CreatePatch(a, b []byte) ([]Operation, error) { - var aI interface{} - var bI interface{} - err := json.Unmarshal(a, &aI) - if err != nil { - return nil, errBadJSONDoc - } - err = json.Unmarshal(b, &bI) - if err != nil { - return nil, errBadJSONDoc - } - return handleValues(aI, bI, "", []Operation{}) -} - -// Returns true if the values matches (must be json types) -// The types of the values must match, otherwise it will always return false -// If two map[string]interface{} are given, all elements must match. -func matchesValue(av, bv interface{}) bool { - if reflect.TypeOf(av) != reflect.TypeOf(bv) { - return false - } - switch at := av.(type) { - case string: - bt, ok := bv.(string) - if ok && bt == at { - return true - } - case float64: - bt, ok := bv.(float64) - if ok && bt == at { - return true - } - case bool: - bt, ok := bv.(bool) - if ok && bt == at { - return true - } - case map[string]interface{}: - bt, ok := bv.(map[string]interface{}) - if !ok { - return false - } - for key := range at { - if !matchesValue(at[key], bt[key]) { - return false - } - } - for key := range bt { - if !matchesValue(at[key], bt[key]) { - return false - } - } - return true - case []interface{}: - bt, ok := bv.([]interface{}) - if !ok { - return false - } - if len(bt) != len(at) { - return false - } - for key := range at { - if !matchesValue(at[key], bt[key]) { - return false - } - } - for key := range bt { - if !matchesValue(at[key], bt[key]) { - return false - } - } - return true - } - return false -} - -// From http://tools.ietf.org/html/rfc6901#section-4 : -// -// Evaluation of each reference token begins by decoding any escaped -// character sequence. This is performed by first transforming any -// occurrence of the sequence '~1' to '/', and then transforming any -// occurrence of the sequence '~0' to '~'. -// TODO decode support: -// var rfc6901Decoder = strings.NewReplacer("~1", "/", "~0", "~") - -var rfc6901Encoder = strings.NewReplacer("~", "~0", "/", "~1") - -func makePath(path string, newPart interface{}) string { - key := rfc6901Encoder.Replace(fmt.Sprintf("%v", newPart)) - if path == "" { - return "/" + key - } - if strings.HasSuffix(path, "/") { - return path + key - } - return path + "/" + key -} - -// diff returns the (recursive) difference between a and b as an array of JsonPatchOperations. -func diff(a, b map[string]interface{}, path string, patch []Operation) ([]Operation, error) { - for key, bv := range b { - p := makePath(path, key) - av, ok := a[key] - // value was added - if !ok { - patch = append(patch, NewPatch("add", p, bv)) - continue - } - // Types are the same, compare values - var err error - patch, err = handleValues(av, bv, p, patch) - if err != nil { - return nil, err - } - } - // Now add all deleted values as nil - for key := range a { - _, found := b[key] - if !found { - p := makePath(path, key) - - patch = append(patch, NewPatch("remove", p, nil)) - } - } - return patch, nil -} - -func handleValues(av, bv interface{}, p string, patch []Operation) ([]Operation, error) { - { - at := reflect.TypeOf(av) - bt := reflect.TypeOf(bv) - if at == nil && bt == nil { - // do nothing - return patch, nil - } else if at == nil && bt != nil { - return append(patch, NewPatch("add", p, bv)), nil - } else if at != bt { - // If types have changed, replace completely (preserves null in destination) - return append(patch, NewPatch("replace", p, bv)), nil - } - } - - var err error - switch at := av.(type) { - case map[string]interface{}: - bt := bv.(map[string]interface{}) - patch, err = diff(at, bt, p, patch) - if err != nil { - return nil, err - } - case string, float64, bool: - if !matchesValue(av, bv) { - patch = append(patch, NewPatch("replace", p, bv)) - } - case []interface{}: - bt := bv.([]interface{}) - if isSimpleArray(at) && isSimpleArray(bt) { - patch = append(patch, compareEditDistance(at, bt, p)...) - } else { - n := min(len(at), len(bt)) - for i := len(at) - 1; i >= n; i-- { - patch = append(patch, NewPatch("remove", makePath(p, i), nil)) - } - for i := n; i < len(bt); i++ { - patch = append(patch, NewPatch("add", makePath(p, i), bt[i])) - } - for i := 0; i < n; i++ { - var err error - patch, err = handleValues(at[i], bt[i], makePath(p, i), patch) - if err != nil { - return nil, err - } - } - } - default: - panic(fmt.Sprintf("Unknown type:%T ", av)) - } - return patch, nil -} - -func isBasicType(a interface{}) bool { - switch a.(type) { - case string, float64, bool: - default: - return false - } - return true -} - -func isSimpleArray(a []interface{}) bool { - for i := range a { - switch a[i].(type) { - case string, float64, bool: - default: - val := reflect.ValueOf(a[i]) - if val.Kind() == reflect.Map { - for _, k := range val.MapKeys() { - av := val.MapIndex(k) - if av.Kind() == reflect.Ptr || av.Kind() == reflect.Interface { - if av.IsNil() { - continue - } - av = av.Elem() - } - if av.Kind() != reflect.String && av.Kind() != reflect.Float64 && av.Kind() != reflect.Bool { - return false - } - } - return true - } - return false - } - } - return true -} - -// https://en.wikipedia.org/wiki/Wagner%E2%80%93Fischer_algorithm -// Adapted from https://github.com/texttheater/golang-levenshtein -func compareEditDistance(s, t []interface{}, p string) []Operation { - m := len(s) - n := len(t) - - d := make([][]int, m+1) - for i := 0; i <= m; i++ { - d[i] = make([]int, n+1) - d[i][0] = i - } - for j := 0; j <= n; j++ { - d[0][j] = j - } - - for j := 1; j <= n; j++ { - for i := 1; i <= m; i++ { - if reflect.DeepEqual(s[i-1], t[j-1]) { - d[i][j] = d[i-1][j-1] // no op required - } else { - del := d[i-1][j] + 1 - add := d[i][j-1] + 1 - rep := d[i-1][j-1] + 1 - d[i][j] = min(rep, min(add, del)) - } - } - } - - return backtrace(s, t, p, m, n, d) -} - -func min(x int, y int) int { - if y < x { - return y - } - return x -} - -func backtrace(s, t []interface{}, p string, i int, j int, matrix [][]int) []Operation { - if i > 0 && matrix[i-1][j]+1 == matrix[i][j] { - op := NewPatch("remove", makePath(p, i-1), nil) - return append([]Operation{op}, backtrace(s, t, p, i-1, j, matrix)...) - } - if j > 0 && matrix[i][j-1]+1 == matrix[i][j] { - op := NewPatch("add", makePath(p, i), t[j-1]) - return append([]Operation{op}, backtrace(s, t, p, i, j-1, matrix)...) - } - if i > 0 && j > 0 && matrix[i-1][j-1]+1 == matrix[i][j] { - if isBasicType(s[0]) { - op := NewPatch("replace", makePath(p, i-1), t[j-1]) - return append([]Operation{op}, backtrace(s, t, p, i-1, j-1, matrix)...) - } - - p2, _ := handleValues(s[i-1], t[j-1], makePath(p, i-1), []Operation{}) - return append(p2, backtrace(s, t, p, i-1, j-1, matrix)...) - } - if i > 0 && j > 0 && matrix[i-1][j-1] == matrix[i][j] { - return backtrace(s, t, p, i-1, j-1, matrix) - } - return []Operation{} -} diff --git a/vendor/github.com/appscode/jsonpatch/v2/jsonpatch_json_test.go b/vendor/github.com/appscode/jsonpatch/v2/jsonpatch_json_test.go deleted file mode 100644 index 76ccffc88..000000000 --- a/vendor/github.com/appscode/jsonpatch/v2/jsonpatch_json_test.go +++ /dev/null @@ -1,33 +0,0 @@ -package jsonpatch_test - -import ( - "testing" - - "github.com/stretchr/testify/assert" - "gomodules.xyz/jsonpatch/v2" -) - -func TestMarshalNullableValue(t *testing.T) { - p1 := jsonpatch.Operation{ - Operation: "replace", - Path: "/a1", - Value: nil, - } - assert.JSONEq(t, `{"op":"replace", "path":"/a1","value":null}`, p1.Json()) - - p2 := jsonpatch.Operation{ - Operation: "replace", - Path: "/a2", - Value: "v2", - } - assert.JSONEq(t, `{"op":"replace", "path":"/a2", "value":"v2"}`, p2.Json()) -} - -func TestMarshalNonNullableValue(t *testing.T) { - p1 := jsonpatch.Operation{ - Operation: "remove", - Path: "/a1", - } - assert.JSONEq(t, `{"op":"remove", "path":"/a1"}`, p1.Json()) - -} diff --git a/vendor/github.com/appscode/jsonpatch/v2/jsonpatch_test.go b/vendor/github.com/appscode/jsonpatch/v2/jsonpatch_test.go deleted file mode 100644 index ff2f711d9..000000000 --- a/vendor/github.com/appscode/jsonpatch/v2/jsonpatch_test.go +++ /dev/null @@ -1,874 +0,0 @@ -package jsonpatch_test - -import ( - "encoding/json" - "testing" - - jp "github.com/evanphx/json-patch" - "github.com/stretchr/testify/assert" - "gomodules.xyz/jsonpatch/v2" -) - -var simpleA = `{"a":100, "b":200, "c":"hello"}` -var simpleB = `{"a":100, "b":200, "c":"goodbye"}` -var simpleC = `{"a":100, "b":100, "c":"hello"}` -var simpleD = `{"a":100, "b":200, "c":"hello", "d":"foo"}` -var simpleE = `{"a":100, "b":200}` -var simplef = `{"a":100, "b":100, "d":"foo"}` -var simpleG = `{"a":100, "b":null, "d":"foo"}` -var empty = `{}` - -var arraySrc = ` -{ - "spec": { - "loadBalancerSourceRanges": [ - "192.101.0.0/16", - "192.0.0.0/24" - ] - } -} -` - -var arrayDst = ` -{ - "spec": { - "loadBalancerSourceRanges": [ - "192.101.0.0/24" - ] - } -} -` - -var complexBase = `{"a":100, "b":[{"c1":"hello", "d1":"foo"},{"c2":"hello2", "d2":"foo2"} ], "e":{"f":200, "g":"h", "i":"j"}}` -var complexA = `{"a":100, "b":[{"c1":"goodbye", "d1":"foo"},{"c2":"hello2", "d2":"foo2"} ], "e":{"f":200, "g":"h", "i":"j"}}` -var complexB = `{"a":100, "b":[{"c1":"hello", "d1":"foo"},{"c2":"hello2", "d2":"foo2"} ], "e":{"f":100, "g":"h", "i":"j"}}` -var complexC = `{"a":100, "b":[{"c1":"hello", "d1":"foo"},{"c2":"hello2", "d2":"foo2"} ], "e":{"f":200, "g":"h", "i":"j"}, "k":[{"l":"m"}, {"l":"o"}]}` -var complexD = `{"a":100, "b":[{"c1":"hello", "d1":"foo"},{"c2":"hello2", "d2":"foo2"}, {"c3":"hello3", "d3":"foo3"} ], "e":{"f":200, "g":"h", "i":"j"}}` -var complexE = `{"a":100, "b":[{"c1":"hello", "d1":"foo"},{"c2":"hello2", "d2":"foo2"} ], "e":{"f":200, "g":"h", "i":"j"}}` - -var point = `{"type":"Point", "coordinates":[0.0, 1.0]}` -var lineString = `{"type":"LineString", "coordinates":[[0.0, 1.0], [2.0, 3.0]]}` - -var hyperComplexBase = ` -{ - "goods": [ - { - "id": "0001", - "type": "donut", - "name": "Cake", - "ppu": 0.55, - "batters": - { - "batter": - [ - { "id": "1001", "type": "Regular" }, - { "id": "1002", "type": "Chocolate" }, - { "id": "1003", "type": "Blueberry" }, - { "id": "1004", "type": "Devil's Food" } - ] - }, - "topping": - [ - { "id": "5001", "type": "None" }, - { "id": "5002", "type": "Glazed" }, - { "id": "5005", "type": "Sugar" }, - { "id": "5007", "type": "Powdered Sugar" }, - { "id": "5006", "type": "Chocolate with Sprinkles" }, - { "id": "5003", "type": "Chocolate" }, - { "id": "5004", "type": "Maple" } - ] - }, - { - "id": "0002", - "type": "donut", - "name": "Raised", - "ppu": 0.55, - "batters": - { - "batter": - [ - { "id": "1001", "type": "Regular" } - ] - }, - "topping": - [ - { "id": "5001", "type": "None" }, - { "id": "5002", "type": "Glazed" }, - { "id": "5005", "type": "Sugar" }, - { "id": "5003", "type": "Chocolate" }, - { "id": "5004", "type": "Maple" } - ] - }, - { - "id": "0003", - "type": "donut", - "name": "Old Fashioned", - "ppu": 0.55, - "batters": - { - "batter": - [ - { "id": "1001", "type": "Regular" }, - { "id": "1002", "type": "Chocolate" } - ] - }, - "topping": - [ - { "id": "5001", "type": "None" }, - { "id": "5002", "type": "Glazed" }, - { "id": "5003", "type": "Chocolate" }, - { "id": "5004", "type": "Maple" } - ] - } -] -}` - -var hyperComplexA = ` -{ - "goods": [ - { - "id": "0001", - "type": "donut", - "name": "Cake", - "ppu": 0.55, - "batters": - { - "batter": - [ - { "id": "1001", "type": "Regular" }, - { "id": "1002", "type": "Chocolate" }, - { "id": "1003", "type": "Strawberry" }, - { "id": "1004", "type": "Devil's Food" } - ] - }, - "topping": - [ - { "id": "5001", "type": "None" }, - { "id": "5002", "type": "Glazed" }, - { "id": "5005", "type": "Sugar" }, - { "id": "5007", "type": "Powdered Sugar" }, - { "id": "5006", "type": "Chocolate with Sprinkles" }, - { "id": "5003", "type": "Chocolate" }, - { "id": "5004", "type": "Maple" } - ] - }, - { - "id": "0002", - "type": "donut", - "name": "Raised", - "ppu": 0.55, - "batters": - { - "batter": - [ - { "id": "1001", "type": "Regular" } - ] - }, - "topping": - [ - { "id": "5001", "type": "None" }, - { "id": "5002", "type": "Glazed" }, - { "id": "5005", "type": "Sugar" }, - { "id": "5003", "type": "Chocolate" }, - { "id": "5004", "type": "Maple" } - ] - }, - { - "id": "0003", - "type": "donut", - "name": "Old Fashioned", - "ppu": 0.55, - "batters": - { - "batter": - [ - { "id": "1001", "type": "Regular" }, - { "id": "1002", "type": "Chocolate" }, - { "id": "1003", "type": "Vanilla" } - ] - }, - "topping": - [ - { "id": "5001", "type": "None" }, - { "id": "5002", "type": "Glazed" }, - { "id": "5004", "type": "Maple" } - ] - } -] -}` - -var superComplexBase = ` -{ - "annotations": { - "annotation": [ - { - "name": "version", - "value": "8" - }, - { - "name": "versionTag", - "value": "Published on May 13, 2015 at 8:48pm (MST)" - } - ] - }, - "attributes": { - "attribute-key": [ - { - "id": "3b05c943-d81a-436f-b242-8b519e7a6f30", - "properties": { - "visible": true - } - }, - { - "id": "d794c7ee-2a4b-4da4-bba7-e8b973d50c4b", - "properties": { - "visible": true - } - }, - { - "id": "a0259458-517c-480f-9f04-9b54b1b2af1f", - "properties": { - "visible": true - } - }, - { - "id": "9415f39d-c396-4458-9019-fc076c847964", - "properties": { - "visible": true - } - }, - { - "id": "0a2e49a9-8989-42fb-97da-cc66334f828b", - "properties": { - "visible": true - } - }, - { - "id": "27f5f14a-ea97-4feb-b22a-6ff754a31212", - "properties": { - "visible": true - } - }, - { - "id": "6f810508-4615-4fd0-9e87-80f9c94f9ad8", - "properties": { - "visible": true - } - }, - { - "id": "3451b1b2-7365-455c-8bb1-0b464d4d3ba1", - "properties": { - "visible": true - } - }, - { - "id": "a82ec957-8c26-41ea-8af6-6dd75c384801", - "properties": { - "visible": true - } - }, - { - "id": "736c5496-9a6e-4a82-aa00-456725796432", - "properties": { - "visible": true - } - }, - { - "id": "2d428b3c-9d3b-4ec1-bf98-e00673599d60", - "properties": { - "visible": true - } - }, - { - "id": "68566ebb-811d-4337-aba9-a8a8baf90e4b", - "properties": { - "visible": true - } - }, - { - "id": "ca88bab1-a1ea-40cc-8f96-96d1e9f1217d", - "properties": { - "visible": true - } - }, - { - "id": "c63a12c8-542d-47f3-bee1-30b5fe2b0690", - "properties": { - "visible": true - } - }, - { - "id": "cbd9e3bc-6a49-432a-a906-b1674c1de24c", - "properties": { - "visible": true - } - }, - { - "id": "03262f07-8a15-416d-a3f5-e2bf561c78f9", - "properties": { - "visible": true - } - }, - { - "id": "e5c93b87-83fc-45b6-b4d5-bf1e3f523075", - "properties": { - "visible": true - } - }, - { - "id": "72260ac5-3d51-49d7-bb31-f794dd129f1c", - "properties": { - "visible": true - } - }, - { - "id": "d856bde1-1b42-4935-9bee-c37e886c9ecf", - "properties": { - "visible": true - } - }, - { - "id": "62380509-bedf-4134-95c3-77ff377a4a6a", - "properties": { - "visible": true - } - }, - { - "id": "f4ed5ac9-b386-49a6-a0a0-6f3341ce9021", - "properties": { - "visible": true - } - }, - { - "id": "528d2bd2-87fe-4a49-954a-c93a03256929", - "properties": { - "visible": true - } - }, - { - "id": "ff8951f1-61a7-416b-9223-fac4bb6dac50", - "properties": { - "visible": true - } - }, - { - "id": "95c2b011-d782-4042-8a07-6aa4a5765c2e", - "properties": { - "visible": true - } - }, - { - "id": "dbe5837b-0624-4a05-91f3-67b5bd9b812a", - "properties": { - "visible": true - } - }, - { - "id": "13f198ed-82ab-4e51-8144-bfaa5bf77fd5", - "properties": { - "visible": true - } - }, - { - "id": "025312eb-12b6-47e6-9750-0fb31ddc2111", - "properties": { - "visible": true - } - }, - { - "id": "24292d58-db66-4ef3-8f4f-005d7b719433", - "properties": { - "visible": true - } - }, - { - "id": "22e5b5c4-821c-413a-a5b1-ab866d9a03bb", - "properties": { - "visible": true - } - }, - { - "id": "2fde0aac-df89-403d-998e-854b949c7b57", - "properties": { - "visible": true - } - }, - { - "id": "8b576876-5c16-4178-805e-24984c24fac3", - "properties": { - "visible": true - } - }, - { - "id": "415b7d2a-b362-4f1e-b83a-927802328ecb", - "properties": { - "visible": true - } - }, - { - "id": "8ef24fc2-ab25-4f22-9d9f-61902b49dc01", - "properties": { - "visible": true - } - }, - { - "id": "2299b09e-9f8e-4b79-a55c-a7edacde2c85", - "properties": { - "visible": true - } - }, - { - "id": "bf506538-f438-425c-be85-5aa2f9b075b8", - "properties": { - "visible": true - } - }, - { - "id": "2b501dc6-799d-4675-9144-fac77c50c57c", - "properties": { - "visible": true - } - }, - { - "id": "c0446da1-e069-417e-bd5a-34edcd028edc", - "properties": { - "visible": true - } - } - ] - } -}` - -var superComplexA = ` -{ - "annotations": { - "annotation": [ - { - "name": "version", - "value": "8" - }, - { - "name": "versionTag", - "value": "Published on May 13, 2015 at 8:48pm (MST)" - } - ] - }, - "attributes": { - "attribute-key": [ - { - "id": "3b05c943-d81a-436f-b242-8b519e7a6f30", - "properties": { - "visible": true - } - }, - { - "id": "d794c7ee-2a4b-4da4-bba7-e8b973d50c4b", - "properties": { - "visible": true - } - }, - { - "id": "a0259458-517c-480f-9f04-9b54b1b2af1f", - "properties": { - "visible": true - } - }, - { - "id": "9415f39d-c396-4458-9019-fc076c847964", - "properties": { - "visible": true - } - }, - { - "id": "0a2e49a9-8989-42fb-97da-cc66334f828b", - "properties": { - "visible": true - } - }, - { - "id": "27f5f14a-ea97-4feb-b22a-6ff754a31212", - "properties": { - "visible": true - } - }, - { - "id": "6f810508-4615-4fd0-9e87-80f9c94f9ad8", - "properties": { - "visible": true - } - }, - { - "id": "3451b1b2-7365-455c-8bb1-0b464d4d3ba1", - "properties": { - "visible": true - } - }, - { - "id": "a82ec957-8c26-41ea-8af6-6dd75c384801", - "properties": { - "visible": true - } - }, - { - "id": "736c5496-9a6e-4a82-aa00-456725796432", - "properties": { - "visible": true - } - }, - { - "id": "2d428b3c-9d3b-4ec1-bf98-e00673599d60", - "properties": { - "visible": true - } - }, - { - "id": "68566ebb-811d-4337-aba9-a8a8baf90e4b", - "properties": { - "visible": true - } - }, - { - "id": "ca88bab1-a1ea-40cc-8f96-96d1e9f1217d", - "properties": { - "visible": true - } - }, - { - "id": "c63a12c8-542d-47f3-bee1-30b5fe2b0690", - "properties": { - "visible": true - } - }, - { - "id": "cbd9e3bc-6a49-432a-a906-b1674c1de24c", - "properties": { - "visible": true - } - }, - { - "id": "03262f07-8a15-416d-a3f5-e2bf561c78f9", - "properties": { - "visible": true - } - }, - { - "id": "e5c93b87-83fc-45b6-b4d5-bf1e3f523075", - "properties": { - "visible": true - } - }, - { - "id": "72260ac5-3d51-49d7-bb31-f794dd129f1c", - "properties": { - "visible": true - } - }, - { - "id": "d856bde1-1b42-4935-9bee-c37e886c9ecf", - "properties": { - "visible": true - } - }, - { - "id": "62380509-bedf-4134-95c3-77ff377a4a6a", - "properties": { - "visible": true - } - }, - { - "id": "f4ed5ac9-b386-49a6-a0a0-6f3341ce9021", - "properties": { - "visible": true - } - }, - { - "id": "528d2bd2-87fe-4a49-954a-c93a03256929", - "properties": { - "visible": true - } - }, - { - "id": "ff8951f1-61a7-416b-9223-fac4bb6dac50", - "properties": { - "visible": true - } - }, - { - "id": "95c2b011-d782-4042-8a07-6aa4a5765c2e", - "properties": { - "visible": true - } - }, - { - "id": "dbe5837b-0624-4a05-91f3-67b5bd9b812a", - "properties": { - "visible": true - } - }, - { - "id": "13f198ed-82ab-4e51-8144-bfaa5bf77fd5", - "properties": { - "visible": true - } - }, - { - "id": "025312eb-12b6-47e6-9750-0fb31ddc2111", - "properties": { - "visible": true - } - }, - { - "id": "24292d58-db66-4ef3-8f4f-005d7b719433", - "properties": { - "visible": true - } - }, - { - "id": "22e5b5c4-821c-413a-a5b1-ab866d9a03bb", - "properties": { - "visible": true - } - }, - { - "id": "2fde0aac-df89-403d-998e-854b949c7b57", - "properties": { - "visible": true - } - }, - { - "id": "8b576876-5c16-4178-805e-24984c24fac3", - "properties": { - "visible": true - } - }, - { - "id": "415b7d2a-b362-4f1e-b83a-927802328ecb", - "properties": { - "visible": true - } - }, - { - "id": "8ef24fc2-ab25-4f22-9d9f-61902b49dc01", - "properties": { - "visible": true - } - }, - { - "id": "2299b09e-9f8e-4b79-a55c-a7edacde2c85", - "properties": { - "visible": true - } - }, - { - "id": "bf506538-f438-425c-be85-5aa2f9b075b8", - "properties": { - "visible": true - } - }, - { - "id": "2b501dc6-799d-4675-9144-fac77c50c57c", - "properties": { - "visible": true - } - }, - { - "id": "c0446da1-e069-417e-bd5a-34edcd028edc", - "properties": { - "visible": false - } - } - ] - } -}` - -var ( - oldDeployment = `{ - "apiVersion": "apps/v1beta1", - "kind": "Deployment", - "metadata": { - "annotations": { - "k8s.io/app": "busy-dep" - } - } -}` - - newDeployment = `{ - "apiVersion": "apps/v1beta1", - "kind": "Deployment", - "metadata": { - "annotations": { - "k8s.io/app": "busy-dep", - "docker.com/commit": "github.com/myrepo#xyz" - } - } -}` -) - -var ( - oldNestedObj = `{ - "apiVersion": "kubedb.com/v1alpha1", - "kind": "Elasticsearch", - "metadata": { - "name": "quick-elasticsearch", - "namespace": "demo" - }, - "spec": { - "doNotPause": true, - "version": "5.6" - } -}` - - newNestedObj = `{ - "apiVersion": "kubedb.com/v1alpha1", - "kind": "Elasticsearch", - "metadata": { - "name": "quick-elasticsearch", - "namespace": "demo" - }, - "spec": { - "doNotPause": true, - "version": "5.6", - "storageType": "Durable", - "updateStrategy": { - "type": "RollingUpdate" - }, - "terminationPolicy": "Pause" - } -}` -) - -var ( - oldArray = `{ - "apiVersion": "kubedb.com/v1alpha1", - "kind": "Elasticsearch", - "metadata": { - "name": "quick-elasticsearch", - "namespace": "demo" - }, - "spec": { - "tolerations": [ - { - "key": "node.kubernetes.io/key1", - "operator": "Equal", - "value": "value1", - "effect": "NoSchedule" - }, - { - "key": "node.kubernetes.io/key2", - "operator": "Equal", - "value": "value2", - "effect": "NoSchedule" - }, - { - "key": "node.kubernetes.io/not-ready", - "operator": "Exists", - "effect": "NoExecute", - "tolerationSeconds": 300 - }, - { - "key": "node.kubernetes.io/unreachable", - "operator": "Exists", - "effect": "NoExecute", - "tolerationSeconds": 300 - } - ] - } -}` - - newArray = `{ - "apiVersion": "kubedb.com/v1alpha1", - "kind": "Elasticsearch", - "metadata": { - "name": "quick-elasticsearch", - "namespace": "demo" - }, - "spec": { - "tolerations": [ - { - "key": "node.kubernetes.io/key2", - "operator": "Equal", - "value": "value2", - "effect": "NoSchedule" - }, - { - "key": "node.kubernetes.io/key1", - "operator": "Equal", - "value": "value1", - "effect": "NoSchedule" - } - ] - } -}` -) - -func TestCreatePatch(t *testing.T) { - cases := []struct { - name string - src string - dst string - }{ - // simple - {"Simple:OneNullReplace", simplef, simpleG}, - {"Simple:Same", simpleA, simpleA}, - {"Simple:OneStringReplace", simpleA, simpleB}, - {"Simple:OneIntReplace", simpleA, simpleC}, - {"Simple:OneAdd", simpleA, simpleD}, - {"Simple:OneRemove", simpleA, simpleE}, - {"Simple:VsEmpty", simpleA, empty}, - // array types - {"Array:Same", arraySrc, arraySrc}, - {"Array:BoolReplace", arraySrc, arrayDst}, - {"Array:AlmostSame", `{"Lines":[1,2,3,4,5,6,7,8,9,10]}`, `{"Lines":[2,3,4,5,6,7,8,9,10,11]}`}, - {"Array:Remove", `{"x":["A", "B", "C"]}`, `{"x":["D"]}`}, - {"Array:EditDistance", `{"letters":["A","B","C","D","E","F","G","H","I","J","K"]}`, `{"letters":["L","M","N"]}`}, - // complex types - {"Complex:Same", complexBase, complexBase}, - {"Complex:OneStringReplaceInArray", complexBase, complexA}, - {"Complex:OneIntReplace", complexBase, complexB}, - {"Complex:OneAdd", complexBase, complexC}, - {"Complex:OneAddToArray", complexBase, complexC}, - {"Complex:VsEmpty", complexBase, empty}, - // geojson - {"GeoJson:PointLineStringReplace", point, lineString}, - {"GeoJson:LineStringPointReplace", lineString, point}, - // HyperComplex - {"HyperComplex:Same", hyperComplexBase, hyperComplexBase}, - {"HyperComplex:BoolReplace", hyperComplexBase, hyperComplexA}, - // SuperComplex - {"SuperComplex:Same", superComplexBase, superComplexBase}, - {"SuperComplex:BoolReplace", superComplexBase, superComplexA}, - // map - {"Kubernetes:Annotations", oldDeployment, newDeployment}, - // crd with nested object - {"Nested Member Object", oldNestedObj, newNestedObj}, - // array with different order - {"Different Array", oldArray, newArray}, - {"Array at root", `[{"asdf":"qwerty"}]`, `[{"asdf":"bla"},{"asdf":"zzz"}]`}, - {"Empty array at root", `[]`, `[{"asdf":"bla"},{"asdf":"zzz"}]`}, - } - - for _, c := range cases { - t.Run(c.name+"[src->dst]", func(t *testing.T) { - check(t, c.src, c.dst) - }) - t.Run(c.name+"[dst->src]", func(t *testing.T) { - check(t, c.dst, c.src) - }) - } -} - -func check(t *testing.T, src, dst string) { - patch, err := jsonpatch.CreatePatch([]byte(src), []byte(dst)) - assert.Nil(t, err) - - data, err := json.Marshal(patch) - assert.Nil(t, err) - - p2, err := jp.DecodePatch(data) - assert.Nil(t, err) - - d2, err := p2.Apply([]byte(src)) - assert.Nil(t, err) - - assert.JSONEq(t, dst, string(d2)) -} diff --git a/vendor/github.com/go-ini/ini/.travis.yml b/vendor/github.com/go-ini/ini/.travis.yml index 17d3dc5a9..08682ef84 100644 --- a/vendor/github.com/go-ini/ini/.travis.yml +++ b/vendor/github.com/go-ini/ini/.travis.yml @@ -9,6 +9,7 @@ go: - 1.11.x - 1.12.x +install: skip script: - go get golang.org/x/tools/cmd/cover - go get github.com/smartystreets/goconvey diff --git a/vendor/github.com/go-ini/ini/README.md b/vendor/github.com/go-ini/ini/README.md index ae4dfc3a5..44e1fcddd 100644 --- a/vendor/github.com/go-ini/ini/README.md +++ b/vendor/github.com/go-ini/ini/README.md @@ -22,18 +22,10 @@ Package ini provides INI file read and write functionality in Go. The minimum requirement of Go is **1.6**. -To use a tagged revision: - ```sh $ go get gopkg.in/ini.v1 ``` -To use with latest changes: - -```sh -$ go get github.com/go-ini/ini -``` - Please add `-u` flag to update in the future. ## Getting Help diff --git a/vendor/github.com/go-ini/ini/data_source.go b/vendor/github.com/go-ini/ini/data_source.go new file mode 100644 index 000000000..dc0277ec6 --- /dev/null +++ b/vendor/github.com/go-ini/ini/data_source.go @@ -0,0 +1,74 @@ +// Copyright 2019 Unknwon +// +// Licensed under the Apache License, Version 2.0 (the "License"): you may +// not use this file except in compliance with the License. You may obtain +// a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations +// under the License. + +package ini + +import ( + "bytes" + "fmt" + "io" + "io/ioutil" + "os" +) + +var ( + _ dataSource = (*sourceFile)(nil) + _ dataSource = (*sourceData)(nil) + _ dataSource = (*sourceReadCloser)(nil) +) + +// dataSource is an interface that returns object which can be read and closed. +type dataSource interface { + ReadCloser() (io.ReadCloser, error) +} + +// sourceFile represents an object that contains content on the local file system. +type sourceFile struct { + name string +} + +func (s sourceFile) ReadCloser() (_ io.ReadCloser, err error) { + return os.Open(s.name) +} + +// sourceData represents an object that contains content in memory. +type sourceData struct { + data []byte +} + +func (s *sourceData) ReadCloser() (io.ReadCloser, error) { + return ioutil.NopCloser(bytes.NewReader(s.data)), nil +} + +// sourceReadCloser represents an input stream with Close method. +type sourceReadCloser struct { + reader io.ReadCloser +} + +func (s *sourceReadCloser) ReadCloser() (io.ReadCloser, error) { + return s.reader, nil +} + +func parseDataSource(source interface{}) (dataSource, error) { + switch s := source.(type) { + case string: + return sourceFile{s}, nil + case []byte: + return &sourceData{s}, nil + case io.ReadCloser: + return &sourceReadCloser{s}, nil + default: + return nil, fmt.Errorf("error parsing data source: unknown type %q", s) + } +} diff --git a/vendor/github.com/go-ini/ini/deprecated.go b/vendor/github.com/go-ini/ini/deprecated.go new file mode 100644 index 000000000..e8bda06e6 --- /dev/null +++ b/vendor/github.com/go-ini/ini/deprecated.go @@ -0,0 +1,25 @@ +// Copyright 2019 Unknwon +// +// Licensed under the Apache License, Version 2.0 (the "License"): you may +// not use this file except in compliance with the License. You may obtain +// a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations +// under the License. + +package ini + +const ( + // Deprecated: Use "DefaultSection" instead. + DEFAULT_SECTION = DefaultSection +) + +var ( + // Deprecated: AllCapsUnderscore converts to format ALL_CAPS_UNDERSCORE. + AllCapsUnderscore = SnackCase +) diff --git a/vendor/github.com/go-ini/ini/file.go b/vendor/github.com/go-ini/ini/file.go index b38aadd1f..017b77c8b 100644 --- a/vendor/github.com/go-ini/ini/file.go +++ b/vendor/github.com/go-ini/ini/file.go @@ -302,7 +302,7 @@ func (f *File) writeToBuffer(indent string) (*bytes.Buffer, error) { } alignSpaces := bytes.Repeat([]byte(" "), alignLength) - KEY_LIST: + KeyList: for _, kname := range sec.keyList { key := sec.Key(kname) if len(key.Comment) > 0 { @@ -347,7 +347,7 @@ func (f *File) writeToBuffer(indent string) (*bytes.Buffer, error) { if kname != sec.keyList[len(sec.keyList)-1] { buf.WriteString(LineBreak) } - continue KEY_LIST + continue KeyList } // Write out alignment spaces before "=" sign diff --git a/vendor/github.com/go-ini/ini/helper.go b/vendor/github.com/go-ini/ini/helper.go new file mode 100644 index 000000000..f9d80a682 --- /dev/null +++ b/vendor/github.com/go-ini/ini/helper.go @@ -0,0 +1,24 @@ +// Copyright 2019 Unknwon +// +// Licensed under the Apache License, Version 2.0 (the "License"): you may +// not use this file except in compliance with the License. You may obtain +// a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations +// under the License. + +package ini + +func inSlice(str string, s []string) bool { + for _, v := range s { + if str == v { + return true + } + } + return false +} diff --git a/vendor/github.com/go-ini/ini/helper_test.go b/vendor/github.com/go-ini/ini/helper_test.go new file mode 100644 index 000000000..18664793f --- /dev/null +++ b/vendor/github.com/go-ini/ini/helper_test.go @@ -0,0 +1,29 @@ +// Copyright 2019 Unknwon +// +// Licensed under the Apache License, Version 2.0 (the "License"): you may +// not use this file except in compliance with the License. You may obtain +// a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations +// under the License. + +package ini + +import ( + "testing" + + . "github.com/smartystreets/goconvey/convey" +) + +func Test_isSlice(t *testing.T) { + Convey("Check if a string is in the slice", t, func() { + ss := []string{"a", "b", "c"} + So(inSlice("a", ss), ShouldBeTrue) + So(inSlice("d", ss), ShouldBeFalse) + }) +} diff --git a/vendor/github.com/go-ini/ini/ini.go b/vendor/github.com/go-ini/ini/ini.go index 781f2d3b0..420f3dbd0 100644 --- a/vendor/github.com/go-ini/ini/ini.go +++ b/vendor/github.com/go-ini/ini/ini.go @@ -18,11 +18,6 @@ package ini import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "os" "regexp" "runtime" ) @@ -31,12 +26,10 @@ const ( // DefaultSection is the name of default section. You can use this constant or the string literal. // In most of cases, an empty string is all you need to access the section. DefaultSection = "DEFAULT" - // Deprecated: Use "DefaultSection" instead. - DEFAULT_SECTION = DefaultSection // Maximum allowed depth when recursively substituing variable names. depthValues = 99 - version = "1.42.1" + version = "1.46.0" ) // Version returns current package version literal. @@ -49,26 +42,23 @@ var ( // This variable will be changed to "\r\n" automatically on Windows at package init time. LineBreak = "\n" - // DefaultFormatLeft places custom spaces on the left when PrettyFormat and PrettyEqual are both disabled. - DefaultFormatLeft = "" - // DefaultFormatRight places custom spaces on the right when PrettyFormat and PrettyEqual are both disabled. - DefaultFormatRight = "" - // Variable regexp pattern: %(variable)s - varPattern = regexp.MustCompile(`%\(([^\)]+)\)s`) - - // PrettyFormat indicates whether to align "=" sign with spaces to produce pretty output - // or reduce all possible spaces for compact format. - PrettyFormat = true - - // PrettyEqual places spaces around "=" sign even when PrettyFormat is false. - PrettyEqual = false + varPattern = regexp.MustCompile(`%\(([^)]+)\)s`) // DefaultHeader explicitly writes default section header. DefaultHeader = false // PrettySection indicates whether to put a line between sections. PrettySection = true + // PrettyFormat indicates whether to align "=" sign with spaces to produce pretty output + // or reduce all possible spaces for compact format. + PrettyFormat = true + // PrettyEqual places spaces around "=" sign even when PrettyFormat is false. + PrettyEqual = false + // DefaultFormatLeft places custom spaces on the left when PrettyFormat and PrettyEqual are both disabled. + DefaultFormatLeft = "" + // DefaultFormatRight places custom spaces on the right when PrettyFormat and PrettyEqual are both disabled. + DefaultFormatRight = "" ) func init() { @@ -77,60 +67,6 @@ func init() { } } -func inSlice(str string, s []string) bool { - for _, v := range s { - if str == v { - return true - } - } - return false -} - -// dataSource is an interface that returns object which can be read and closed. -type dataSource interface { - ReadCloser() (io.ReadCloser, error) -} - -// sourceFile represents an object that contains content on the local file system. -type sourceFile struct { - name string -} - -func (s sourceFile) ReadCloser() (_ io.ReadCloser, err error) { - return os.Open(s.name) -} - -// sourceData represents an object that contains content in memory. -type sourceData struct { - data []byte -} - -func (s *sourceData) ReadCloser() (io.ReadCloser, error) { - return ioutil.NopCloser(bytes.NewReader(s.data)), nil -} - -// sourceReadCloser represents an input stream with Close method. -type sourceReadCloser struct { - reader io.ReadCloser -} - -func (s *sourceReadCloser) ReadCloser() (io.ReadCloser, error) { - return s.reader, nil -} - -func parseDataSource(source interface{}) (dataSource, error) { - switch s := source.(type) { - case string: - return sourceFile{s}, nil - case []byte: - return &sourceData{s}, nil - case io.ReadCloser: - return &sourceReadCloser{s}, nil - default: - return nil, fmt.Errorf("error parsing data source: unknown type '%s'", s) - } -} - // LoadOptions contains all customized options used for load data source(s). type LoadOptions struct { // Loose indicates whether the parser should ignore nonexistent files or return error. diff --git a/vendor/github.com/go-ini/ini/ini_internal_test.go b/vendor/github.com/go-ini/ini/ini_internal_test.go index b5c9aa85b..7df371f20 100644 --- a/vendor/github.com/go-ini/ini/ini_internal_test.go +++ b/vendor/github.com/go-ini/ini/ini_internal_test.go @@ -25,11 +25,3 @@ func Test_Version(t *testing.T) { So(Version(), ShouldEqual, version) }) } - -func Test_isSlice(t *testing.T) { - Convey("Check if a string is in the slice", t, func() { - ss := []string{"a", "b", "c"} - So(inSlice("a", ss), ShouldBeTrue) - So(inSlice("d", ss), ShouldBeFalse) - }) -} diff --git a/vendor/github.com/go-ini/ini/ini_test.go b/vendor/github.com/go-ini/ini/ini_test.go index 767b4614f..e133a1963 100644 --- a/vendor/github.com/go-ini/ini/ini_test.go +++ b/vendor/github.com/go-ini/ini/ini_test.go @@ -266,6 +266,19 @@ e-mail = u@gogs.io So(f.Section("Author").Key("e-mail").String(), ShouldBeEmpty) }) }) + + // Ref: https://github.com/go-ini/ini/issues/198 + Convey("Insensitive load with default section", t, func() { + f, err := ini.InsensitiveLoad([]byte(` +user = unknwon +[profile] +email = unknwon@local +`)) + So(err, ShouldBeNil) + So(f, ShouldNotBeNil) + + So(f.Section(ini.DefaultSection).Key("user").String(), ShouldEqual, "unknwon") + }) } func TestLoadSources(t *testing.T) { @@ -507,11 +520,16 @@ long_rsa_private_key = -----BEGIN RSA PRIVATE KEY----- foobar barfoo -----END RSA PRIVATE KEY----- +multiline_list = + first + second + third `)) So(err, ShouldBeNil) So(f, ShouldNotBeNil) So(f.Section("long").Key("long_rsa_private_key").String(), ShouldEqual, "-----BEGIN RSA PRIVATE KEY-----\nfoo\nbar\nfoobar\nbarfoo\n-----END RSA PRIVATE KEY-----") + So(f.Section("long").Key("multiline_list").String(), ShouldEqual, "\nfirst\nsecond\nthird") }) Convey("Can parse big python-compatible INI files", func() { @@ -817,18 +835,26 @@ GITHUB = U;n;k;n;w;o;n Convey("with false `AllowPythonMultilineValues`", func() { Convey("Ignore nonexistent files", func() { - f, err := ini.LoadSources(ini.LoadOptions{AllowPythonMultilineValues: false, Loose: true}, notFoundConf, minimalConf) + f, err := ini.LoadSources(ini.LoadOptions{ + AllowPythonMultilineValues: false, + Loose: true, + }, notFoundConf, minimalConf) So(err, ShouldBeNil) So(f, ShouldNotBeNil) Convey("Inverse case", func() { - _, err = ini.LoadSources(ini.LoadOptions{AllowPythonMultilineValues: false}, notFoundConf) + _, err = ini.LoadSources(ini.LoadOptions{ + AllowPythonMultilineValues: false, + }, notFoundConf) So(err, ShouldNotBeNil) }) }) Convey("Insensitive to section and key names", func() { - f, err := ini.LoadSources(ini.LoadOptions{AllowPythonMultilineValues: false, Insensitive: true}, minimalConf) + f, err := ini.LoadSources(ini.LoadOptions{ + AllowPythonMultilineValues: false, + Insensitive: true, + }, minimalConf) So(err, ShouldBeNil) So(f, ShouldNotBeNil) @@ -845,7 +871,9 @@ e-mail = u@gogs.io }) Convey("Inverse case", func() { - f, err := ini.LoadSources(ini.LoadOptions{AllowPythonMultilineValues: false}, minimalConf) + f, err := ini.LoadSources(ini.LoadOptions{ + AllowPythonMultilineValues: false, + }, minimalConf) So(err, ShouldBeNil) So(f, ShouldNotBeNil) diff --git a/vendor/github.com/go-ini/ini/parser.go b/vendor/github.com/go-ini/ini/parser.go index a8696515c..7c22a25c1 100644 --- a/vendor/github.com/go-ini/ini/parser.go +++ b/vendor/github.com/go-ini/ini/parser.go @@ -204,6 +204,9 @@ func (p *parser) readValue(in []byte, bufferSize int) (string, error) { line := strings.TrimLeftFunc(string(in), unicode.IsSpace) if len(line) == 0 { + if p.options.AllowPythonMultilineValues && len(in) > 0 && in[len(in)-1] == '\n' { + return p.readPythonMultilines(line, bufferSize) + } return "", nil } @@ -272,44 +275,46 @@ func (p *parser) readValue(in []byte, bufferSize int) (string, error) { line = strings.Replace(line, `\#`, "#", -1) } } else if p.options.AllowPythonMultilineValues && lastChar == '\n' { - parserBufferPeekResult, _ := p.buf.Peek(bufferSize) - peekBuffer := bytes.NewBuffer(parserBufferPeekResult) - - val := line - - for { - peekData, peekErr := peekBuffer.ReadBytes('\n') - if peekErr != nil { - if peekErr == io.EOF { - return val, nil - } - return "", peekErr - } - - peekMatches := pythonMultiline.FindStringSubmatch(string(peekData)) - if len(peekMatches) != 3 { - return val, nil - } - - // NOTE: Return if not a python-ini multi-line value. - currentIdentSize := len(peekMatches[1]) - if currentIdentSize <= 0 { - return val, nil - } - - // NOTE: Just advance the parser reader (buffer) in-sync with the peek buffer. - _, err := p.readUntil('\n') - if err != nil { - return "", err - } - - val += fmt.Sprintf("\n%s", peekMatches[2]) - } + return p.readPythonMultilines(line, bufferSize) } return line, nil } +func (p *parser) readPythonMultilines(line string, bufferSize int) (string, error) { + parserBufferPeekResult, _ := p.buf.Peek(bufferSize) + peekBuffer := bytes.NewBuffer(parserBufferPeekResult) + + for { + peekData, peekErr := peekBuffer.ReadBytes('\n') + if peekErr != nil { + if peekErr == io.EOF { + return line, nil + } + return "", peekErr + } + + peekMatches := pythonMultiline.FindStringSubmatch(string(peekData)) + if len(peekMatches) != 3 { + return line, nil + } + + // NOTE: Return if not a python-ini multi-line value. + currentIdentSize := len(peekMatches[1]) + if currentIdentSize <= 0 { + return line, nil + } + + // NOTE: Just advance the parser reader (buffer) in-sync with the peek buffer. + _, err := p.readUntil('\n') + if err != nil { + return "", err + } + + line += fmt.Sprintf("\n%s", peekMatches[2]) + } +} + // parse parses data through an io.Reader. func (f *File) parse(reader io.Reader) (err error) { p := newParser(reader, parserOptions{ diff --git a/vendor/github.com/go-ini/ini/struct.go b/vendor/github.com/go-ini/ini/struct.go index aa8d21de1..5e57f2ec0 100644 --- a/vendor/github.com/go-ini/ini/struct.go +++ b/vendor/github.com/go-ini/ini/struct.go @@ -29,8 +29,8 @@ type NameMapper func(string) string // Built-in name getters. var ( - // AllCapsUnderscore converts to format ALL_CAPS_UNDERSCORE. - AllCapsUnderscore NameMapper = func(raw string) string { + // SnackCase converts to format SNACK_CASE. + SnackCase NameMapper = func(raw string) string { newstr := make([]rune, 0, len(raw)) for i, chr := range raw { if isUpper := 'A' <= chr && chr <= 'Z'; isUpper { @@ -50,7 +50,7 @@ var ( if i > 0 { newstr = append(newstr, '_') } - chr -= ('A' - 'a') + chr -= 'A' - 'a' } newstr = append(newstr, chr) } @@ -149,7 +149,7 @@ func wrapStrictError(err error, isStrict bool) error { // setWithProperType sets proper value to field based on its type, // but it does not return error for failing parsing, -// because we want to use default value that is already assigned to strcut. +// because we want to use default value that is already assigned to struct. func setWithProperType(t reflect.Type, key *Key, field reflect.Value, delim string, allowShadow, isStrict bool) error { switch t.Kind() { case reflect.String: @@ -205,6 +205,17 @@ func setWithProperType(t reflect.Type, key *Key, field reflect.Value, delim stri field.Set(reflect.ValueOf(timeVal)) case reflect.Slice: return setSliceWithProperType(key, field, delim, allowShadow, isStrict) + case reflect.Ptr: + switch t.Elem().Kind() { + case reflect.Bool: + boolVal, err := key.Bool() + if err != nil { + return wrapStrictError(err, isStrict) + } + field.Set(reflect.ValueOf(&boolVal)) + default: + return fmt.Errorf("unsupported type '%s'", t) + } default: return fmt.Errorf("unsupported type '%s'", t) } @@ -244,14 +255,21 @@ func (s *Section) mapTo(val reflect.Value, isStrict bool) error { continue } - isAnonymous := tpField.Type.Kind() == reflect.Ptr && tpField.Anonymous isStruct := tpField.Type.Kind() == reflect.Struct + isStructPtr := tpField.Type.Kind() == reflect.Ptr && tpField.Type.Elem().Kind() == reflect.Struct + isAnonymous := tpField.Type.Kind() == reflect.Ptr && tpField.Anonymous if isAnonymous { field.Set(reflect.New(tpField.Type.Elem())) } - if isAnonymous || isStruct { + if isAnonymous || isStruct || isStructPtr { if sec, err := s.f.GetSection(fieldName); err == nil { + // Only set the field to non-nil struct value if we have + // a section for it. Otherwise, we end up with a non-nil + // struct ptr even though there is no data. + if isStructPtr && field.IsNil() { + field.Set(reflect.New(tpField.Type.Elem())) + } if err = sec.mapTo(field, isStrict); err != nil { return fmt.Errorf("error mapping field(%s): %v", fieldName, err) } @@ -342,14 +360,43 @@ func StrictMapTo(v, source interface{}, others ...interface{}) error { } // reflectSliceWithProperType does the opposite thing as setSliceWithProperType. -func reflectSliceWithProperType(key *Key, field reflect.Value, delim string) error { +func reflectSliceWithProperType(key *Key, field reflect.Value, delim string, allowShadow bool) error { slice := field.Slice(0, field.Len()) if field.Len() == 0 { return nil } + sliceOf := field.Type().Elem().Kind() + + if allowShadow { + var keyWithShadows *Key + for i := 0; i < field.Len(); i++ { + var val string + switch sliceOf { + case reflect.String: + val = slice.Index(i).String() + case reflect.Int, reflect.Int64: + val = fmt.Sprint(slice.Index(i).Int()) + case reflect.Uint, reflect.Uint64: + val = fmt.Sprint(slice.Index(i).Uint()) + case reflect.Float64: + val = fmt.Sprint(slice.Index(i).Float()) + case reflectTime: + val = slice.Index(i).Interface().(time.Time).Format(time.RFC3339) + default: + return fmt.Errorf("unsupported type '[]%s'", sliceOf) + } + + if i == 0 { + keyWithShadows = newKey(key.s, key.name, val) + } else { + keyWithShadows.AddShadow(val) + } + } + key = keyWithShadows + return nil + } var buf bytes.Buffer - sliceOf := field.Type().Elem().Kind() for i := 0; i < field.Len(); i++ { switch sliceOf { case reflect.String: @@ -367,12 +414,12 @@ func reflectSliceWithProperType(key *Key, field reflect.Value, delim string) err } buf.WriteString(delim) } - key.SetValue(buf.String()[:buf.Len()-1]) + key.SetValue(buf.String()[:buf.Len()-len(delim)]) return nil } // reflectWithProperType does the opposite thing as setWithProperType. -func reflectWithProperType(t reflect.Type, key *Key, field reflect.Value, delim string) error { +func reflectWithProperType(t reflect.Type, key *Key, field reflect.Value, delim string, allowShadow bool) error { switch t.Kind() { case reflect.String: key.SetValue(field.String()) @@ -387,7 +434,11 @@ func reflectWithProperType(t reflect.Type, key *Key, field reflect.Value, delim case reflectTime: key.SetValue(fmt.Sprint(field.Interface().(time.Time).Format(time.RFC3339))) case reflect.Slice: - return reflectSliceWithProperType(key, field, delim) + return reflectSliceWithProperType(key, field, delim, allowShadow) + case reflect.Ptr: + if !field.IsNil() { + return reflectWithProperType(t.Elem(), key, field.Elem(), delim, allowShadow) + } default: return fmt.Errorf("unsupported type '%s'", t) } @@ -432,12 +483,12 @@ func (s *Section) reflectFrom(val reflect.Value) error { continue } - opts := strings.SplitN(tag, ",", 2) - if len(opts) == 2 && opts[1] == "omitempty" && isEmptyValue(field) { + rawName, omitEmpty, allowShadow := parseTagOptions(tag) + if omitEmpty && isEmptyValue(field) { continue } - fieldName := s.parseFieldName(tpField.Name, opts[0]) + fieldName := s.parseFieldName(tpField.Name, rawName) if len(fieldName) == 0 || !field.CanSet() { continue } @@ -473,7 +524,7 @@ func (s *Section) reflectFrom(val reflect.Value) error { key.Comment = tpField.Tag.Get("comment") } - if err = reflectWithProperType(tpField.Type, key, field, parseDelim(tpField.Tag.Get("delim"))); err != nil { + if err = reflectWithProperType(tpField.Type, key, field, parseDelim(tpField.Tag.Get("delim")), allowShadow); err != nil { return fmt.Errorf("error reflecting field (%s): %v", fieldName, err) } diff --git a/vendor/github.com/go-ini/ini/struct_test.go b/vendor/github.com/go-ini/ini/struct_test.go index 0dbbef22d..8d74cf93b 100644 --- a/vendor/github.com/go-ini/ini/struct_test.go +++ b/vendor/github.com/go-ini/ini/struct_test.go @@ -45,10 +45,13 @@ type testStruct struct { Name string `ini:"NAME"` Age int Male bool + Optional *bool Money float64 Born time.Time Time time.Duration `ini:"Duration"` Others testNested + OthersPtr *testNested + NilPtr *testNested *TestEmbeded `ini:"grade"` Unused int `ini:"-"` Unsigned uint @@ -61,6 +64,7 @@ const _CONF_DATA_STRUCT = ` NAME = Unknwon Age = 21 Male = true +Optional = true Money = 1.25 Born = 1993-10-07T20:17:05Z Duration = 2h45m @@ -79,6 +83,16 @@ Populations = 12345678,98765432 Coordinates = 192.168,10.11 Note = Hello world! +[OthersPtr] +Cities = HangZhou|Boston +Visits = 1993-10-07T20:17:05Z, 1993-10-07T20:17:05Z +Years = 1993,1994 +Numbers = 10010,10086 +Ages = 18,19 +Populations = 12345678,98765432 +Coordinates = 192.168,10.11 +Note = Hello world! + [grade] GPA = 2.8 @@ -106,12 +120,13 @@ type unsupport4 struct { } type defaultValue struct { - Name string - Age int - Male bool - Money float64 - Born time.Time - Cities []string + Name string + Age int + Male bool + Optional *bool + Money float64 + Born time.Time + Cities []string } type fooBar struct { @@ -136,6 +151,7 @@ func Test_MapToStruct(t *testing.T) { So(ts.Name, ShouldEqual, "Unknwon") So(ts.Age, ShouldEqual, 21) So(ts.Male, ShouldBeTrue) + So(*ts.Optional, ShouldBeTrue) So(ts.Money, ShouldEqual, 1.25) So(ts.Unsigned, ShouldEqual, 3) @@ -156,6 +172,17 @@ func Test_MapToStruct(t *testing.T) { So(fmt.Sprint(ts.Others.Coordinates), ShouldEqual, "[192.168 10.11]") So(ts.Others.Note, ShouldEqual, "Hello world!") So(ts.TestEmbeded.GPA, ShouldEqual, 2.8) + + So(strings.Join(ts.OthersPtr.Cities, ","), ShouldEqual, "HangZhou,Boston") + So(ts.OthersPtr.Visits[0].String(), ShouldEqual, t.String()) + So(fmt.Sprint(ts.OthersPtr.Years), ShouldEqual, "[1993 1994]") + So(fmt.Sprint(ts.OthersPtr.Numbers), ShouldEqual, "[10010 10086]") + So(fmt.Sprint(ts.OthersPtr.Ages), ShouldEqual, "[18 19]") + So(fmt.Sprint(ts.OthersPtr.Populations), ShouldEqual, "[12345678 98765432]") + So(fmt.Sprint(ts.OthersPtr.Coordinates), ShouldEqual, "[192.168 10.11]") + So(ts.OthersPtr.Note, ShouldEqual, "Hello world!") + + So(ts.NilPtr, ShouldBeNil) }) Convey("Map section to struct", func() { @@ -219,7 +246,7 @@ func Test_MapToStruct(t *testing.T) { t, err := time.Parse(time.RFC3339, "1993-10-07T20:17:05Z") So(err, ShouldBeNil) - dv := &defaultValue{"Joe", 10, true, 1.25, t, []string{"HangZhou", "Boston"}} + dv := &defaultValue{"Joe", 10, true, nil, 1.25, t, []string{"HangZhou", "Boston"}} So(f.MapTo(dv), ShouldBeNil) So(dv.Name, ShouldEqual, "Joe") So(dv.Age, ShouldEqual, 10) @@ -275,6 +302,7 @@ func Test_ReflectFromStruct(t *testing.T) { type Author struct { Name string `ini:"NAME"` Male bool + Optional *bool Age int `comment:"Author's age"` Height uint GPA float64 @@ -285,7 +313,7 @@ func Test_ReflectFromStruct(t *testing.T) { t, err := time.Parse(time.RFC3339, "1993-10-07T20:17:05Z") So(err, ShouldBeNil) - a := &Author{"Unknwon", true, 21, 100, 2.8, t, "", + a := &Author{"Unknwon", true, nil, 21, 100, 2.8, t, "", &Embeded{ []time.Time{t, t}, []string{"HangZhou", "Boston"}, @@ -302,13 +330,14 @@ func Test_ReflectFromStruct(t *testing.T) { var buf bytes.Buffer _, err = cfg.WriteTo(&buf) So(err, ShouldBeNil) - So(buf.String(), ShouldEqual, `NAME = Unknwon -Male = true + So(buf.String(), ShouldEqual, `NAME = Unknwon +Male = true +Optional = ; Author's age -Age = 21 -Height = 100 -GPA = 2.8 -Date = 1993-10-07T20:17:05Z +Age = 21 +Height = 100 +GPA = 2.8 +Date = 1993-10-07T20:17:05Z ; Embeded section [infos] @@ -352,6 +381,40 @@ omitempty = 9 }) } +// Inspired by https://github.com/go-ini/ini/issues/196 +func TestMapToAndReflectFromStructWithShadows(t *testing.T) { + Convey("Map to struct and then reflect with shadows should generate original config content", t, func() { + type include struct { + Paths []string `ini:"path,omitempty,allowshadow"` + } + + cfg, err := ini.LoadSources(ini.LoadOptions{ + AllowShadows: true, + }, []byte(` +[include] +path = /tmp/gpm-profiles/test5.profile +path = /tmp/gpm-profiles/test1.profile`)) + So(err, ShouldBeNil) + + sec := cfg.Section("include") + inc := new(include) + err = sec.MapTo(inc) + So(err, ShouldBeNil) + + err = sec.ReflectFrom(inc) + So(err, ShouldBeNil) + + var buf bytes.Buffer + _, err = cfg.WriteTo(&buf) + So(err, ShouldBeNil) + So(buf.String(), ShouldEqual, `[include] +path = /tmp/gpm-profiles/test5.profile +path = /tmp/gpm-profiles/test1.profile + +`) + }) +} + type testMapper struct { PackageName string } diff --git a/vendor/github.com/go-logr/logr/README.md b/vendor/github.com/go-logr/logr/README.md index 26296d024..eaa122032 100644 --- a/vendor/github.com/go-logr/logr/README.md +++ b/vendor/github.com/go-logr/logr/README.md @@ -1,9 +1,9 @@ # A more minimal logging API for Go -Before you consider this package, please read [this blog post by the inimitable -Dave Cheney](http://dave.cheney.net/2015/11/05/lets-talk-about-logging). I -really appreciate what he has to say, and it largely aligns with my own -experiences. Too many choices of levels means inconsistent logs. +Before you consider this package, please read [this blog post by the +inimitable Dave Cheney][warning-makes-no-sense]. I really appreciate what +he has to say, and it largely aligns with my own experiences. Too many +choices of levels means inconsistent logs. This package offers a purely abstract interface, based on these ideas but with a few twists. Code can depend on just this interface and have the actual @@ -31,6 +31,150 @@ may feel very similar, but the primary difference is the lack of semantics. Because verbosity is a numerical value, it's safe to assume that an app running with higher verbosity means more (and less important) logs will be generated. -This is a BETA grade API. I have implemented it for -[glog](https://godoc.org/github.com/golang/glog). Until there is a significant -2nd implementation, I don't really know how it will change. +This is a BETA grade API. + +There are implementations for the following logging libraries: + +- **github.com/google/glog**: [glogr](https://github.com/go-logr/glogr) +- **k8s.io/klog**: [klogr](https://git.k8s.io/klog/klogr) +- **go.uber.org/zap**: [zapr](https://github.com/go-logr/zapr) +- **log** (the Go standard library logger): + [stdr](https://github.com/go-logr/stdr) + +# FAQ + +## Conceptual + +## Why structured logging? + +- **Structured logs are more easily queriable**: Since you've got + key-value pairs, it's much easier to query your structured logs for + particular values by filtering on the contents of a particular key -- + think searching request logs for error codes, Kubernetes reconcilers for + the name and namespace of the reconciled object, etc + +- **Structured logging makes it easier to have cross-referencable logs**: + Similarly to searchability, if you maintain conventions around your + keys, it becomes easy to gather all log lines related to a particular + concept. + +- **Structured logs allow better dimensions of filtering**: if you have + structure to your logs, you've got more precise control over how much + information is logged -- you might choose in a particular configuration + to log certain keys but not others, only log lines where a certain key + matches a certain value, etc, instead of just having v-levels and names + to key off of. + +- **Structured logs better represent structured data**: sometimes, the + data that you want to log is inherently structured (think tuple-link + objects). Structured logs allow you to preserve that structure when + outputting. + +## Why V-levels? + +**V-levels give operators an easy way to control the chattiness of log +operations**. V-levels provide a way for a given package to distinguish +the relative importance or verbosity of a given log message. Then, if +a particular logger or package is is logging too many messages, the user +of the package can simply chang the v-levels for that library. + +## Why not more named levels, like Warning? + +Read [Dave Cheney's post][warning-makes-no-sense]. Then read [Differences +from Dave's ideas](#differences-from-daves-ideas). + +## Why not allow format strings, too? + +**Format strings negate many of the benefits of structured logs**: + +- They're not easily searchable without resorting to fuzzy searching, + regular expressions, etc + +- They don't store structured data well, since contents are flattened into + a string + +- They're not cross-referencable + +- They don't compress easily, since the message is not constant + +(unless you turn positional parameters into key-value pairs with numerical +keys, at which point you've gotten key-value logging with meaningless +keys) + +## Practical + +## Why key-value pairs, and not a map? + +Key-value pairs are *much* easier to optimize, especially around +allocations. Zap (a structured logger that inspired logr's interface) has +[performance measurements](https://github.com/uber-go/zap#performance) +that show this quite nicely. + +While the interface ends up being a little less obvious, you get +potentially better performance, plus avoid making users type +`map[string]string{}` every time they want to log. + +## What if my V-levels differ between libraries? + +That's fine. Control your V-levels on a per-logger basis, and use the +`WithName` function to pass different loggers to different libraries. + +Generally, you should take care to ensure that you have relatively +consistent V-levels within a given logger, however, as this makes deciding +on what verbosity of logs to request easier. + +## But I *really* want to use a format string! + +That's not actually a question. Assuming your question is "how do +I convert my mental model of logging with format strings to logging with +constant messages": + +1. figure out what the error actually is, as you'd write in a TL;DR style, + and use that as a message + +2. For every place you'd write a format specifier, look to the word before + it, and add that as a key value pair + +For instance, consider the following examples (all taken from spots in the +Kubernetes codebase): + +- `klog.V(4).Infof("Client is returning errors: code %v, error %v", + responseCode, err)` becomes `logger.V(4).Error(error, "client returned an + error", "code", responseCode) + +- `klog.V(4).Infof("Got a Retry-After %ds response for attempt %d to %v", + seconds, retries, url)` becomes `logger.V(4).Info("got a retry-after + response when requesting url", "attempt", retries, "after + seconds", seconds, "url", url)` + +If you *really* must use a format string, place it as a key value, and +call `fmt.Sprintf` yourself -- for instance, `log.Printf("unable to +reflect over type %T")` becomes `logger.Info("unable to reflect over +type", "type", fmt.Sprintf("%T"))`. In general though, the cases where +this is necessary should be few and far between. + +## How do I choose my V-levels? + +This is basically the only hard constraint: increase V-levels to denote +more verbose or more debug-y logs. + +Otherwise, you can start out with `0` as "you always want to see this", +`1` as "common logging that you might *possibly* want to turn off", and +`10` as "I would like to performance-test your log collection stack". + +Then gradually choose levels in between as you need them, working your way +down from 10 (for debug and trace style logs) and up from 1 (for chattier +info-type logs). + +## How do I choose my keys + +- make your keys human-readable +- constant keys are generally a good idea +- be consistent across your codebase +- keys should naturally match parts of the message string + +While key names are mostly unrestricted (and spaces are acceptable), +it's generally a good idea to stick to printable ascii characters, or at +least match the general character set of your log lines. + +[warning-makes-no-sense]: http://dave.cheney.net/2015/11/05/lets-talk-about-logging diff --git a/vendor/github.com/go-logr/logr/logr.go b/vendor/github.com/go-logr/logr/logr.go index ad72e7886..09b833de7 100644 --- a/vendor/github.com/go-logr/logr/logr.go +++ b/vendor/github.com/go-logr/logr/logr.go @@ -13,22 +13,22 @@ // // Usage // -// Logging is done using a Logger. Loggers can have name prefixes and named values -// attached, so that all log messages logged with that Logger have some base context -// associated. +// Logging is done using a Logger. Loggers can have name prefixes and named +// values attached, so that all log messages logged with that Logger have some +// base context associated. // -// The term "key" is used to refer to the name associated with a particular value, to -// disambiguate it from the general Logger name. +// The term "key" is used to refer to the name associated with a particular +// value, to disambiguate it from the general Logger name. // -// For instance, suppose we're trying to reconcile the state of an object, and we want -// to log that we've made some decision. +// For instance, suppose we're trying to reconcile the state of an object, and +// we want to log that we've made some decision. // -// With the traditional log package, we might write +// With the traditional log package, we might write: // log.Printf( // "decided to set field foo to value %q for object %s/%s", // targetValue, object.Namespace, object.Name) // -// With logr's structured logging, we'd write +// With logr's structured logging, we'd write: // // elsewhere in the file, set up the logger to log with the prefix of "reconcilers", // // and the named value target-type=Foo, for extra context. // log := mainLogger.WithName("reconcilers").WithValues("target-type", "Foo") @@ -36,64 +36,83 @@ // // later on... // log.Info("setting field foo on object", "value", targetValue, "object", object) // -// Depending on our logging implementation, we could then make logging decisions based on field values -// (like only logging such events for objects in a certain namespace), or copy the structured -// information into a structured log store. +// Depending on our logging implementation, we could then make logging decisions +// based on field values (like only logging such events for objects in a certain +// namespace), or copy the structured information into a structured log store. // -// For logging errors, Logger has a method called Error. Suppose we wanted to log an -// error while reconciling. With the traditional log package, we might write +// For logging errors, Logger has a method called Error. Suppose we wanted to +// log an error while reconciling. With the traditional log package, we might +// write: // log.Errorf("unable to reconcile object %s/%s: %v", object.Namespace, object.Name, err) // -// With logr, we'd instead write +// With logr, we'd instead write: // // assuming the above setup for log // log.Error(err, "unable to reconcile object", "object", object) // // This functions similarly to: // log.Info("unable to reconcile object", "error", err, "object", object) // -// However, it ensures that a standard key for the error value ("error") is used across all -// error logging. Furthermore, certain implementations may choose to attach additional -// information (such as stack traces) on calls to Error, so it's preferred to use Error -// to log errors. +// However, it ensures that a standard key for the error value ("error") is used +// across all error logging. Furthermore, certain implementations may choose to +// attach additional information (such as stack traces) on calls to Error, so +// it's preferred to use Error to log errors. // // Parts of a log line // // Each log message from a Logger has four types of context: // logger name, log verbosity, log message, and the named values. // -// The Logger name constists of a series of name "segments" added by successive calls to WithName. -// These name segments will be joined in some way by the underlying implementation. It is strongly -// reccomended that name segements contain simple identifiers (letters, digits, and hyphen), and do -// not contain characters that could muddle the log output or confuse the joining operation (e.g. -// whitespace, commas, periods, slashes, brackets, quotes, etc). +// The Logger name constists of a series of name "segments" added by successive +// calls to WithName. These name segments will be joined in some way by the +// underlying implementation. It is strongly reccomended that name segements +// contain simple identifiers (letters, digits, and hyphen), and do not contain +// characters that could muddle the log output or confuse the joining operation +// (e.g. whitespace, commas, periods, slashes, brackets, quotes, etc). // -// Log verbosity represents how little a log matters. Level zero, the default, matters most. -// Increasing levels matter less and less. Try to avoid lots of different verbosity levels, -// and instead provide useful keys, logger names, and log messages for users to filter on. -// It's illegal to pass a log level below zero. +// Log verbosity represents how little a log matters. Level zero, the default, +// matters most. Increasing levels matter less and less. Try to avoid lots of +// different verbosity levels, and instead provide useful keys, logger names, +// and log messages for users to filter on. It's illegal to pass a log level +// below zero. // -// The log message consists of a constant message attached to the the log line. This -// should generally be a simple description of what's occuring, and should never be a format string. +// The log message consists of a constant message attached to the the log line. +// This should generally be a simple description of what's occuring, and should +// never be a format string. // -// Variable information can then be attached using named values (key/value pairs). Keys are arbitrary -// strings, while values may be any Go value. +// Variable information can then be attached using named values (key/value +// pairs). Keys are arbitrary strings, while values may be any Go value. // // Key Naming Conventions // -// While users are generally free to use key names of their choice, it's generally best to avoid -// using the following keys, as they're frequently used by implementations: +// Keys are not strictly required to conform to any specification or regex, but +// it is recommended that they: +// * be human-readable and meaningful (not auto-generated or simple ordinals) +// * be constant (not dependent on input data) +// * contain only printable characters +// * not contain whitespace or punctuation +// +// These guidelines help ensure that log data is processed properly regardless +// of the log implementation. For example, log implementations will try to +// output JSON data or will store data for later database (e.g. SQL) queries. +// +// While users are generally free to use key names of their choice, it's +// generally best to avoid using the following keys, as they're frequently used +// by implementations: // -// - `"error"`: the underlying error value in the `Error` method. -// - `"stacktrace"`: the stack trace associated with a particular log line or error -// (often from the `Error` message). // - `"caller"`: the calling information (file/line) of a particular log line. -// - `"msg"`: the log message. +// - `"error"`: the underlying error value in the `Error` method. // - `"level"`: the log level. +// - `"logger"`: the name of the associated logger. +// - `"msg"`: the log message. +// - `"stacktrace"`: the stack trace associated with a particular log line or +// error (often from the `Error` message). // - `"ts"`: the timestamp for a log line. // -// Implementations are encouraged to make use of these keys to represent the above -// concepts, when neccessary (for example, in a pure-JSON output form, it would be -// necessary to represent at least message and timestamp as ordinary named values). +// Implementations are encouraged to make use of these keys to represent the +// above concepts, when neccessary (for example, in a pure-JSON output form, it +// would be necessary to represent at least message and timestamp as ordinary +// named values). +// package logr // TODO: consider adding back in format strings if they're really needed diff --git a/vendor/github.com/go-logr/zapr/example/main.go b/vendor/github.com/go-logr/zapr/example/main.go new file mode 100644 index 000000000..7bd6e6859 --- /dev/null +++ b/vendor/github.com/go-logr/zapr/example/main.go @@ -0,0 +1,22 @@ +package main + +import "github.com/go-logr/zapr" +import "go.uber.org/zap" + +type E struct { + str string +} + +func (e E) Error() string { + return e.str +} + +func main() { + log := zapr.NewLogger(zap.NewExample()) + log = log.WithName("MyName").WithValues("user", "you") + log.Info("hello", "val1", 1, "val2", map[string]int{"k": 1}) + log.V(1).Info("you should see this") + log.V(3).Info("you should NOT see this") + log.Error(nil, "uh oh", "trouble", true, "reasons", []float64{0.1, 0.11, 3.14}) + log.Error(E{"an error occurred"}, "goodbye", "code", -1) +} diff --git a/vendor/github.com/golang/mock/gomock/call.go b/vendor/github.com/golang/mock/gomock/call.go index 3d54d9f5d..d3d195c5d 100644 --- a/vendor/github.com/golang/mock/gomock/call.go +++ b/vendor/github.com/golang/mock/gomock/call.go @@ -276,7 +276,7 @@ func (c *Call) satisfied() bool { return c.numCalls >= c.minCalls } -// Returns true iff the maximum number of calls have been made. +// Returns true if the maximum number of calls have been made. func (c *Call) exhausted() bool { return c.numCalls >= c.maxCalls } diff --git a/vendor/github.com/gorilla/mux/.circleci/config.yml b/vendor/github.com/gorilla/mux/.circleci/config.yml new file mode 100644 index 000000000..d7d96d14d --- /dev/null +++ b/vendor/github.com/gorilla/mux/.circleci/config.yml @@ -0,0 +1,75 @@ +version: 2.0 + +jobs: + # Base test configuration for Go library tests Each distinct version should + # inherit this base, and override (at least) the container image used. + "test": &test + docker: + - image: circleci/golang:latest + working_directory: /go/src/github.com/gorilla/mux + steps: &steps + - checkout + - run: go version + - run: go get -t -v ./... + # Only run gofmt, vet & lint against the latest Go version + - run: > + if [[ "$LATEST" = true ]]; then + go get -u golang.org/x/lint/golint + golint ./... + fi + - run: > + if [[ "$LATEST" = true ]]; then + diff -u <(echo -n) <(gofmt -d .) + fi + - run: > + if [[ "$LATEST" = true ]]; then + go vet -v . + fi + - run: go test -v -race ./... + + "latest": + <<: *test + environment: + LATEST: true + + "1.12": + <<: *test + docker: + - image: circleci/golang:1.12 + + "1.11": + <<: *test + docker: + - image: circleci/golang:1.11 + + "1.10": + <<: *test + docker: + - image: circleci/golang:1.10 + + "1.9": + <<: *test + docker: + - image: circleci/golang:1.9 + + "1.8": + <<: *test + docker: + - image: circleci/golang:1.8 + + "1.7": + <<: *test + docker: + - image: circleci/golang:1.7 + +workflows: + version: 2 + build: + jobs: + - "latest" + - "1.12" + - "1.11" + - "1.10" + - "1.9" + - "1.8" + - "1.7" diff --git a/vendor/github.com/gorilla/mux/.github/stale.yml b/vendor/github.com/gorilla/mux/.github/stale.yml index de8a67804..f4b12d30b 100644 --- a/vendor/github.com/gorilla/mux/.github/stale.yml +++ b/vendor/github.com/gorilla/mux/.github/stale.yml @@ -1,10 +1,10 @@ -daysUntilStale: 60 -daysUntilClose: 7 +daysUntilStale: 75 +daysUntilClose: 14 # Issues with these labels will never be considered stale exemptLabels: - - v2 - - needs-review - - work-required + - proposal + - needs review + - build system staleLabel: stale markComment: > This issue has been automatically marked as stale because it hasn't seen diff --git a/vendor/github.com/gorilla/mux/.travis.yml b/vendor/github.com/gorilla/mux/.travis.yml deleted file mode 100644 index d003ad922..000000000 --- a/vendor/github.com/gorilla/mux/.travis.yml +++ /dev/null @@ -1,24 +0,0 @@ -language: go - - -matrix: - include: - - go: 1.7.x - - go: 1.8.x - - go: 1.9.x - - go: 1.10.x - - go: 1.11.x - - go: 1.x - env: LATEST=true - - go: tip - allow_failures: - - go: tip - -install: - - # Skip - -script: - - go get -t -v ./... - - diff -u <(echo -n) <(gofmt -d .) - - if [[ "$LATEST" = true ]]; then go vet .; fi - - go test -v -race ./... diff --git a/vendor/github.com/gorilla/mux/ISSUE_TEMPLATE.md b/vendor/github.com/gorilla/mux/ISSUE_TEMPLATE.md deleted file mode 100644 index 232be82e4..000000000 --- a/vendor/github.com/gorilla/mux/ISSUE_TEMPLATE.md +++ /dev/null @@ -1,11 +0,0 @@ -**What version of Go are you running?** (Paste the output of `go version`) - - -**What version of gorilla/mux are you at?** (Paste the output of `git rev-parse HEAD` inside `$GOPATH/src/github.com/gorilla/mux`) - - -**Describe your problem** (and what you have tried so far) - - -**Paste a minimal, runnable, reproduction of your issue below** (use backticks to format it) - diff --git a/vendor/github.com/gorilla/mux/README.md b/vendor/github.com/gorilla/mux/README.md index c661599ab..92e422eed 100644 --- a/vendor/github.com/gorilla/mux/README.md +++ b/vendor/github.com/gorilla/mux/README.md @@ -2,6 +2,7 @@ [![GoDoc](https://godoc.org/github.com/gorilla/mux?status.svg)](https://godoc.org/github.com/gorilla/mux) [![Build Status](https://travis-ci.org/gorilla/mux.svg?branch=master)](https://travis-ci.org/gorilla/mux) +[![CircleCI](https://circleci.com/gh/gorilla/mux.svg?style=svg)](https://circleci.com/gh/gorilla/mux) [![Sourcegraph](https://sourcegraph.com/github.com/gorilla/mux/-/badge.svg)](https://sourcegraph.com/github.com/gorilla/mux?badge) ![Gorilla Logo](http://www.gorillatoolkit.org/static/images/gorilla-icon-64.png) @@ -29,6 +30,7 @@ The name mux stands for "HTTP request multiplexer". Like the standard `http.Serv * [Walking Routes](#walking-routes) * [Graceful Shutdown](#graceful-shutdown) * [Middleware](#middleware) +* [Handling CORS Requests](#handling-cors-requests) * [Testing Handlers](#testing-handlers) * [Full Example](#full-example) @@ -491,6 +493,73 @@ r.Use(amw.Middleware) Note: The handler chain will be stopped if your middleware doesn't call `next.ServeHTTP()` with the corresponding parameters. This can be used to abort a request if the middleware writer wants to. Middlewares _should_ write to `ResponseWriter` if they _are_ going to terminate the request, and they _should not_ write to `ResponseWriter` if they _are not_ going to terminate it. +### Handling CORS Requests + +[CORSMethodMiddleware](https://godoc.org/github.com/gorilla/mux#CORSMethodMiddleware) intends to make it easier to strictly set the `Access-Control-Allow-Methods` response header. + +* You will still need to use your own CORS handler to set the other CORS headers such as `Access-Control-Allow-Origin` +* The middleware will set the `Access-Control-Allow-Methods` header to all the method matchers (e.g. `r.Methods(http.MethodGet, http.MethodPut, http.MethodOptions)` -> `Access-Control-Allow-Methods: GET,PUT,OPTIONS`) on a route +* If you do not specify any methods, then: +> _Important_: there must be an `OPTIONS` method matcher for the middleware to set the headers. + +Here is an example of using `CORSMethodMiddleware` along with a custom `OPTIONS` handler to set all the required CORS headers: + +```go +package main + +import ( + "net/http" + "github.com/gorilla/mux" +) + +func main() { + r := mux.NewRouter() + + // IMPORTANT: you must specify an OPTIONS method matcher for the middleware to set CORS headers + r.HandleFunc("/foo", fooHandler).Methods(http.MethodGet, http.MethodPut, http.MethodPatch, http.MethodOptions) + r.Use(mux.CORSMethodMiddleware(r)) + + http.ListenAndServe(":8080", r) +} + +func fooHandler(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Access-Control-Allow-Origin", "*") + if r.Method == http.MethodOptions { + return + } + + w.Write([]byte("foo")) +} +``` + +And an request to `/foo` using something like: + +```bash +curl localhost:8080/foo -v +``` + +Would look like: + +```bash +* Trying ::1... +* TCP_NODELAY set +* Connected to localhost (::1) port 8080 (#0) +> GET /foo HTTP/1.1 +> Host: localhost:8080 +> User-Agent: curl/7.59.0 +> Accept: */* +> +< HTTP/1.1 200 OK +< Access-Control-Allow-Methods: GET,PUT,PATCH,OPTIONS +< Access-Control-Allow-Origin: * +< Date: Fri, 28 Jun 2019 20:13:30 GMT +< Content-Length: 3 +< Content-Type: text/plain; charset=utf-8 +< +* Connection #0 to host localhost left intact +foo +``` + ### Testing Handlers Testing handlers in a Go web application is straightforward, and _mux_ doesn't complicate this any further. Given two files: `endpoints.go` and `endpoints_test.go`, here's how we'd test an application using _mux_. diff --git a/vendor/github.com/gorilla/mux/doc.go b/vendor/github.com/gorilla/mux/doc.go index 38957deea..bd5a38b55 100644 --- a/vendor/github.com/gorilla/mux/doc.go +++ b/vendor/github.com/gorilla/mux/doc.go @@ -295,7 +295,7 @@ A more complex authentication middleware, which maps session token to users, cou r := mux.NewRouter() r.HandleFunc("/", handler) - amw := authenticationMiddleware{} + amw := authenticationMiddleware{tokenUsers: make(map[string]string)} amw.Populate() r.Use(amw.Middleware) diff --git a/vendor/github.com/gorilla/mux/example_cors_method_middleware_test.go b/vendor/github.com/gorilla/mux/example_cors_method_middleware_test.go new file mode 100644 index 000000000..00929fcee --- /dev/null +++ b/vendor/github.com/gorilla/mux/example_cors_method_middleware_test.go @@ -0,0 +1,37 @@ +package mux_test + +import ( + "fmt" + "net/http" + "net/http/httptest" + + "github.com/gorilla/mux" +) + +func ExampleCORSMethodMiddleware() { + r := mux.NewRouter() + + r.HandleFunc("/foo", func(w http.ResponseWriter, r *http.Request) { + // Handle the request + }).Methods(http.MethodGet, http.MethodPut, http.MethodPatch) + r.HandleFunc("/foo", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Access-Control-Allow-Origin", "http://example.com") + w.Header().Set("Access-Control-Max-Age", "86400") + }).Methods(http.MethodOptions) + + r.Use(mux.CORSMethodMiddleware(r)) + + rw := httptest.NewRecorder() + req, _ := http.NewRequest("OPTIONS", "/foo", nil) // needs to be OPTIONS + req.Header.Set("Access-Control-Request-Method", "POST") // needs to be non-empty + req.Header.Set("Access-Control-Request-Headers", "Authorization") // needs to be non-empty + req.Header.Set("Origin", "http://example.com") // needs to be non-empty + + r.ServeHTTP(rw, req) + + fmt.Println(rw.Header().Get("Access-Control-Allow-Methods")) + fmt.Println(rw.Header().Get("Access-Control-Allow-Origin")) + // Output: + // GET,PUT,PATCH,OPTIONS + // http://example.com +} diff --git a/vendor/github.com/gorilla/mux/middleware.go b/vendor/github.com/gorilla/mux/middleware.go index ceb812cee..cf2b26dc0 100644 --- a/vendor/github.com/gorilla/mux/middleware.go +++ b/vendor/github.com/gorilla/mux/middleware.go @@ -32,37 +32,19 @@ func (r *Router) useInterface(mw middleware) { r.middlewares = append(r.middlewares, mw) } -// CORSMethodMiddleware sets the Access-Control-Allow-Methods response header -// on a request, by matching routes based only on paths. It also handles -// OPTIONS requests, by settings Access-Control-Allow-Methods, and then -// returning without calling the next http handler. +// CORSMethodMiddleware automatically sets the Access-Control-Allow-Methods response header +// on requests for routes that have an OPTIONS method matcher to all the method matchers on +// the route. Routes that do not explicitly handle OPTIONS requests will not be processed +// by the middleware. See examples for usage. func CORSMethodMiddleware(r *Router) MiddlewareFunc { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - var allMethods []string - - err := r.Walk(func(route *Route, _ *Router, _ []*Route) error { - for _, m := range route.matchers { - if _, ok := m.(*routeRegexp); ok { - if m.Match(req, &RouteMatch{}) { - methods, err := route.GetMethods() - if err != nil { - return err - } - - allMethods = append(allMethods, methods...) - } - break - } - } - return nil - }) - + allMethods, err := getAllMethodsForRoute(r, req) if err == nil { - w.Header().Set("Access-Control-Allow-Methods", strings.Join(append(allMethods, "OPTIONS"), ",")) - - if req.Method == "OPTIONS" { - return + for _, v := range allMethods { + if v == http.MethodOptions { + w.Header().Set("Access-Control-Allow-Methods", strings.Join(allMethods, ",")) + } } } @@ -70,3 +52,28 @@ func CORSMethodMiddleware(r *Router) MiddlewareFunc { }) } } + +// getAllMethodsForRoute returns all the methods from method matchers matching a given +// request. +func getAllMethodsForRoute(r *Router, req *http.Request) ([]string, error) { + var allMethods []string + + err := r.Walk(func(route *Route, _ *Router, _ []*Route) error { + for _, m := range route.matchers { + if _, ok := m.(*routeRegexp); ok { + if m.Match(req, &RouteMatch{}) { + methods, err := route.GetMethods() + if err != nil { + return err + } + + allMethods = append(allMethods, methods...) + } + break + } + } + return nil + }) + + return allMethods, err +} diff --git a/vendor/github.com/gorilla/mux/middleware_test.go b/vendor/github.com/gorilla/mux/middleware_test.go index 24016cbb7..7f5d86277 100644 --- a/vendor/github.com/gorilla/mux/middleware_test.go +++ b/vendor/github.com/gorilla/mux/middleware_test.go @@ -3,7 +3,6 @@ package mux import ( "bytes" "net/http" - "net/http/httptest" "testing" ) @@ -28,12 +27,12 @@ func TestMiddlewareAdd(t *testing.T) { router.useInterface(mw) if len(router.middlewares) != 1 || router.middlewares[0] != mw { - t.Fatal("Middleware was not added correctly") + t.Fatal("Middleware interface was not added correctly") } router.Use(mw.Middleware) if len(router.middlewares) != 2 { - t.Fatal("MiddlewareFunc method was not added correctly") + t.Fatal("Middleware method was not added correctly") } banalMw := func(handler http.Handler) http.Handler { @@ -41,7 +40,7 @@ func TestMiddlewareAdd(t *testing.T) { } router.Use(banalMw) if len(router.middlewares) != 3 { - t.Fatal("MiddlewareFunc method was not added correctly") + t.Fatal("Middleware function was not added correctly") } } @@ -55,34 +54,37 @@ func TestMiddleware(t *testing.T) { rw := NewRecorder() req := newRequest("GET", "/") - // Test regular middleware call - router.ServeHTTP(rw, req) - if mw.timesCalled != 1 { - t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) - } + t.Run("regular middleware call", func(t *testing.T) { + router.ServeHTTP(rw, req) + if mw.timesCalled != 1 { + t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) + } + }) - // Middleware should not be called for 404 - req = newRequest("GET", "/not/found") - router.ServeHTTP(rw, req) - if mw.timesCalled != 1 { - t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) - } + t.Run("not called for 404", func(t *testing.T) { + req = newRequest("GET", "/not/found") + router.ServeHTTP(rw, req) + if mw.timesCalled != 1 { + t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) + } + }) - // Middleware should not be called if there is a method mismatch - req = newRequest("POST", "/") - router.ServeHTTP(rw, req) - if mw.timesCalled != 1 { - t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) - } - - // Add the middleware again as function - router.Use(mw.Middleware) - req = newRequest("GET", "/") - router.ServeHTTP(rw, req) - if mw.timesCalled != 3 { - t.Fatalf("Expected %d calls, but got only %d", 3, mw.timesCalled) - } + t.Run("not called for method mismatch", func(t *testing.T) { + req = newRequest("POST", "/") + router.ServeHTTP(rw, req) + if mw.timesCalled != 1 { + t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) + } + }) + t.Run("regular call using function middleware", func(t *testing.T) { + router.Use(mw.Middleware) + req = newRequest("GET", "/") + router.ServeHTTP(rw, req) + if mw.timesCalled != 3 { + t.Fatalf("Expected %d calls, but got only %d", 3, mw.timesCalled) + } + }) } func TestMiddlewareSubrouter(t *testing.T) { @@ -98,42 +100,56 @@ func TestMiddlewareSubrouter(t *testing.T) { rw := NewRecorder() req := newRequest("GET", "/") - router.ServeHTTP(rw, req) - if mw.timesCalled != 0 { - t.Fatalf("Expected %d calls, but got only %d", 0, mw.timesCalled) - } + t.Run("not called for route outside subrouter", func(t *testing.T) { + router.ServeHTTP(rw, req) + if mw.timesCalled != 0 { + t.Fatalf("Expected %d calls, but got only %d", 0, mw.timesCalled) + } + }) - req = newRequest("GET", "/sub/") - router.ServeHTTP(rw, req) - if mw.timesCalled != 0 { - t.Fatalf("Expected %d calls, but got only %d", 0, mw.timesCalled) - } + t.Run("not called for subrouter root 404", func(t *testing.T) { + req = newRequest("GET", "/sub/") + router.ServeHTTP(rw, req) + if mw.timesCalled != 0 { + t.Fatalf("Expected %d calls, but got only %d", 0, mw.timesCalled) + } + }) - req = newRequest("GET", "/sub/x") - router.ServeHTTP(rw, req) - if mw.timesCalled != 1 { - t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) - } + t.Run("called once for route inside subrouter", func(t *testing.T) { + req = newRequest("GET", "/sub/x") + router.ServeHTTP(rw, req) + if mw.timesCalled != 1 { + t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) + } + }) - req = newRequest("GET", "/sub/not/found") - router.ServeHTTP(rw, req) - if mw.timesCalled != 1 { - t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) - } + t.Run("not called for 404 inside subrouter", func(t *testing.T) { + req = newRequest("GET", "/sub/not/found") + router.ServeHTTP(rw, req) + if mw.timesCalled != 1 { + t.Fatalf("Expected %d calls, but got only %d", 1, mw.timesCalled) + } + }) - router.useInterface(mw) + t.Run("middleware added to router", func(t *testing.T) { + router.useInterface(mw) - req = newRequest("GET", "/") - router.ServeHTTP(rw, req) - if mw.timesCalled != 2 { - t.Fatalf("Expected %d calls, but got only %d", 2, mw.timesCalled) - } + t.Run("called once for route outside subrouter", func(t *testing.T) { + req = newRequest("GET", "/") + router.ServeHTTP(rw, req) + if mw.timesCalled != 2 { + t.Fatalf("Expected %d calls, but got only %d", 2, mw.timesCalled) + } + }) - req = newRequest("GET", "/sub/x") - router.ServeHTTP(rw, req) - if mw.timesCalled != 4 { - t.Fatalf("Expected %d calls, but got only %d", 4, mw.timesCalled) - } + t.Run("called twice for route inside subrouter", func(t *testing.T) { + req = newRequest("GET", "/sub/x") + router.ServeHTTP(rw, req) + if mw.timesCalled != 4 { + t.Fatalf("Expected %d calls, but got only %d", 4, mw.timesCalled) + } + }) + }) } func TestMiddlewareExecution(t *testing.T) { @@ -145,30 +161,33 @@ func TestMiddlewareExecution(t *testing.T) { w.Write(handlerStr) }) - rw := NewRecorder() - req := newRequest("GET", "/") + t.Run("responds normally without middleware", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/") - // Test handler-only call - router.ServeHTTP(rw, req) + router.ServeHTTP(rw, req) - if !bytes.Equal(rw.Body.Bytes(), handlerStr) { - t.Fatal("Handler response is not what it should be") - } - - // Test middleware call - rw = NewRecorder() - - router.Use(func(h http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write(mwStr) - h.ServeHTTP(w, r) - }) + if !bytes.Equal(rw.Body.Bytes(), handlerStr) { + t.Fatal("Handler response is not what it should be") + } }) - router.ServeHTTP(rw, req) - if !bytes.Equal(rw.Body.Bytes(), append(mwStr, handlerStr...)) { - t.Fatal("Middleware + handler response is not what it should be") - } + t.Run("responds with handler and middleware response", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/") + + router.Use(func(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Write(mwStr) + h.ServeHTTP(w, r) + }) + }) + + router.ServeHTTP(rw, req) + if !bytes.Equal(rw.Body.Bytes(), append(mwStr, handlerStr...)) { + t.Fatal("Middleware + handler response is not what it should be") + } + }) } func TestMiddlewareNotFound(t *testing.T) { @@ -187,26 +206,29 @@ func TestMiddlewareNotFound(t *testing.T) { }) // Test not found call with default handler - rw := NewRecorder() - req := newRequest("GET", "/notfound") + t.Run("not called", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/notfound") - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a 404") - } - - // Test not found call with custom handler - rw = NewRecorder() - req = newRequest("GET", "/notfound") - - router.NotFoundHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { - rw.Write([]byte("Custom 404 handler")) + router.ServeHTTP(rw, req) + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a 404") + } }) - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a custom 404") - } + t.Run("not called with custom not found handler", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/notfound") + + router.NotFoundHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { + rw.Write([]byte("Custom 404 handler")) + }) + router.ServeHTTP(rw, req) + + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a custom 404") + } + }) } func TestMiddlewareMethodMismatch(t *testing.T) { @@ -225,27 +247,29 @@ func TestMiddlewareMethodMismatch(t *testing.T) { }) }) - // Test method mismatch - rw := NewRecorder() - req := newRequest("POST", "/") + t.Run("not called", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("POST", "/") - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a method mismatch") - } - - // Test not found call - rw = NewRecorder() - req = newRequest("POST", "/") - - router.MethodNotAllowedHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { - rw.Write([]byte("Method not allowed")) + router.ServeHTTP(rw, req) + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a method mismatch") + } }) - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a method mismatch") - } + t.Run("not called with custom method not allowed handler", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("POST", "/") + + router.MethodNotAllowedHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { + rw.Write([]byte("Method not allowed")) + }) + router.ServeHTTP(rw, req) + + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a method mismatch") + } + }) } func TestMiddlewareNotFoundSubrouter(t *testing.T) { @@ -269,27 +293,29 @@ func TestMiddlewareNotFoundSubrouter(t *testing.T) { }) }) - // Test not found call for default handler - rw := NewRecorder() - req := newRequest("GET", "/sub/notfound") + t.Run("not called", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/sub/notfound") - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a 404") - } - - // Test not found call with custom handler - rw = NewRecorder() - req = newRequest("GET", "/sub/notfound") - - subrouter.NotFoundHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { - rw.Write([]byte("Custom 404 handler")) + router.ServeHTTP(rw, req) + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a 404") + } }) - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a custom 404") - } + t.Run("not called with custom not found handler", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/sub/notfound") + + subrouter.NotFoundHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { + rw.Write([]byte("Custom 404 handler")) + }) + router.ServeHTTP(rw, req) + + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a custom 404") + } + }) } func TestMiddlewareMethodMismatchSubrouter(t *testing.T) { @@ -313,66 +339,142 @@ func TestMiddlewareMethodMismatchSubrouter(t *testing.T) { }) }) - // Test method mismatch without custom handler - rw := NewRecorder() - req := newRequest("POST", "/sub/") + t.Run("not called", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("POST", "/sub/") - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a method mismatch") - } - - // Test method mismatch with custom handler - rw = NewRecorder() - req = newRequest("POST", "/sub/") - - router.MethodNotAllowedHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { - rw.Write([]byte("Method not allowed")) + router.ServeHTTP(rw, req) + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a method mismatch") + } }) - router.ServeHTTP(rw, req) - if bytes.Contains(rw.Body.Bytes(), mwStr) { - t.Fatal("Middleware was called for a method mismatch") - } + t.Run("not called with custom method not allowed handler", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("POST", "/sub/") + + router.MethodNotAllowedHandler = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { + rw.Write([]byte("Method not allowed")) + }) + router.ServeHTTP(rw, req) + + if bytes.Contains(rw.Body.Bytes(), mwStr) { + t.Fatal("Middleware was called for a method mismatch") + } + }) } func TestCORSMethodMiddleware(t *testing.T) { - router := NewRouter() - - cases := []struct { - path string - response string - method string - testURL string - expectedAllowedMethods string + testCases := []struct { + name string + registerRoutes func(r *Router) + requestHeader http.Header + requestMethod string + requestPath string + expectedAccessControlAllowMethodsHeader string + expectedResponse string }{ - {"/g/{o}", "a", "POST", "/g/asdf", "POST,PUT,GET,OPTIONS"}, - {"/g/{o}", "b", "PUT", "/g/bla", "POST,PUT,GET,OPTIONS"}, - {"/g/{o}", "c", "GET", "/g/orilla", "POST,PUT,GET,OPTIONS"}, - {"/g", "d", "POST", "/g", "POST,OPTIONS"}, + { + name: "does not set without OPTIONS matcher", + registerRoutes: func(r *Router) { + r.HandleFunc("/foo", stringHandler("a")).Methods(http.MethodGet, http.MethodPut, http.MethodPatch) + }, + requestMethod: "GET", + requestPath: "/foo", + expectedAccessControlAllowMethodsHeader: "", + expectedResponse: "a", + }, + { + name: "sets on non OPTIONS", + registerRoutes: func(r *Router) { + r.HandleFunc("/foo", stringHandler("a")).Methods(http.MethodGet, http.MethodPut, http.MethodPatch) + r.HandleFunc("/foo", stringHandler("b")).Methods(http.MethodOptions) + }, + requestMethod: "GET", + requestPath: "/foo", + expectedAccessControlAllowMethodsHeader: "GET,PUT,PATCH,OPTIONS", + expectedResponse: "a", + }, + { + name: "sets without preflight headers", + registerRoutes: func(r *Router) { + r.HandleFunc("/foo", stringHandler("a")).Methods(http.MethodGet, http.MethodPut, http.MethodPatch) + r.HandleFunc("/foo", stringHandler("b")).Methods(http.MethodOptions) + }, + requestMethod: "OPTIONS", + requestPath: "/foo", + expectedAccessControlAllowMethodsHeader: "GET,PUT,PATCH,OPTIONS", + expectedResponse: "b", + }, + { + name: "does not set on error", + registerRoutes: func(r *Router) { + r.HandleFunc("/foo", stringHandler("a")) + }, + requestMethod: "OPTIONS", + requestPath: "/foo", + expectedAccessControlAllowMethodsHeader: "", + expectedResponse: "a", + }, + { + name: "sets header on valid preflight", + registerRoutes: func(r *Router) { + r.HandleFunc("/foo", stringHandler("a")).Methods(http.MethodGet, http.MethodPut, http.MethodPatch) + r.HandleFunc("/foo", stringHandler("b")).Methods(http.MethodOptions) + }, + requestMethod: "OPTIONS", + requestPath: "/foo", + requestHeader: http.Header{ + "Access-Control-Request-Method": []string{"GET"}, + "Access-Control-Request-Headers": []string{"Authorization"}, + "Origin": []string{"http://example.com"}, + }, + expectedAccessControlAllowMethodsHeader: "GET,PUT,PATCH,OPTIONS", + expectedResponse: "b", + }, + { + name: "does not set methods from unmatching routes", + registerRoutes: func(r *Router) { + r.HandleFunc("/foo", stringHandler("c")).Methods(http.MethodDelete) + r.HandleFunc("/foo/bar", stringHandler("a")).Methods(http.MethodGet, http.MethodPut, http.MethodPatch) + r.HandleFunc("/foo/bar", stringHandler("b")).Methods(http.MethodOptions) + }, + requestMethod: "OPTIONS", + requestPath: "/foo/bar", + requestHeader: http.Header{ + "Access-Control-Request-Method": []string{"GET"}, + "Access-Control-Request-Headers": []string{"Authorization"}, + "Origin": []string{"http://example.com"}, + }, + expectedAccessControlAllowMethodsHeader: "GET,PUT,PATCH,OPTIONS", + expectedResponse: "b", + }, } - for _, tt := range cases { - router.HandleFunc(tt.path, stringHandler(tt.response)).Methods(tt.method) - } + for _, tt := range testCases { + t.Run(tt.name, func(t *testing.T) { + router := NewRouter() - router.Use(CORSMethodMiddleware(router)) + tt.registerRoutes(router) - for _, tt := range cases { - rr := httptest.NewRecorder() - req := newRequest(tt.method, tt.testURL) + router.Use(CORSMethodMiddleware(router)) - router.ServeHTTP(rr, req) + rw := NewRecorder() + req := newRequest(tt.requestMethod, tt.requestPath) + req.Header = tt.requestHeader - if rr.Body.String() != tt.response { - t.Errorf("Expected body '%s', found '%s'", tt.response, rr.Body.String()) - } + router.ServeHTTP(rw, req) - allowedMethods := rr.Header().Get("Access-Control-Allow-Methods") + actualMethodsHeader := rw.Header().Get("Access-Control-Allow-Methods") + if actualMethodsHeader != tt.expectedAccessControlAllowMethodsHeader { + t.Fatalf("Expected Access-Control-Allow-Methods to equal %s but got %s", tt.expectedAccessControlAllowMethodsHeader, actualMethodsHeader) + } - if allowedMethods != tt.expectedAllowedMethods { - t.Errorf("Expected Access-Control-Allow-Methods '%s', found '%s'", tt.expectedAllowedMethods, allowedMethods) - } + actualResponse := rw.Body.String() + if actualResponse != tt.expectedResponse { + t.Fatalf("Expected response to equal %s but got %s", tt.expectedResponse, actualResponse) + } + }) } } @@ -411,27 +513,33 @@ func TestMiddlewareOnMultiSubrouter(t *testing.T) { }) }) - rw := NewRecorder() - req := newRequest("GET", "/first") + t.Run("/first uses first middleware", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/first") - router.ServeHTTP(rw, req) - if rw.Body.String() != first { - t.Fatalf("Middleware did not run: expected %s middleware to write a response (got %s)", first, rw.Body.String()) - } + router.ServeHTTP(rw, req) + if rw.Body.String() != first { + t.Fatalf("Middleware did not run: expected %s middleware to write a response (got %s)", first, rw.Body.String()) + } + }) - rw = NewRecorder() - req = newRequest("GET", "/second") + t.Run("/second uses second middleware", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/second") - router.ServeHTTP(rw, req) - if rw.Body.String() != second { - t.Fatalf("Middleware did not run: expected %s middleware to write a response (got %s)", second, rw.Body.String()) - } + router.ServeHTTP(rw, req) + if rw.Body.String() != second { + t.Fatalf("Middleware did not run: expected %s middleware to write a response (got %s)", second, rw.Body.String()) + } + }) - rw = NewRecorder() - req = newRequest("GET", "/second/not-exist") + t.Run("uses not found handler", func(t *testing.T) { + rw := NewRecorder() + req := newRequest("GET", "/second/not-exist") - router.ServeHTTP(rw, req) - if rw.Body.String() != notFound { - t.Fatalf("Notfound handler did not run: expected %s for not-exist, (got %s)", notFound, rw.Body.String()) - } + router.ServeHTTP(rw, req) + if rw.Body.String() != notFound { + t.Fatalf("Notfound handler did not run: expected %s for not-exist, (got %s)", notFound, rw.Body.String()) + } + }) } diff --git a/vendor/github.com/onsi/gomega/CHANGELOG.md b/vendor/github.com/onsi/gomega/CHANGELOG.md index 5d1eda837..fcde9daba 100644 --- a/vendor/github.com/onsi/gomega/CHANGELOG.md +++ b/vendor/github.com/onsi/gomega/CHANGELOG.md @@ -1,3 +1,27 @@ +## 1.6.0 + +### Features + +- Display special chars on error [41e1b26] +- Add BeElementOf matcher [6a48b48] + +### Fixes + +- Remove duplication in XML matcher tests [cc1a6cb] +- Remove unnecessary conversions (#357) [7bf756a] +- Fixed import order (#353) [2e3b965] +- Added missing error handling in test (#355) [c98d3eb] +- Simplify code (#356) [0001ed9] +- Simplify code (#354) [0d9100e] +- Fixed typos (#352) [3f647c4] +- Add failure message tests to BeElementOf matcher [efe19c3] +- Update go-testcov untested sections [37ee382] +- Mark all uncovered files so go-testcov ./... works [53b150e] +- Reenable gotip in travis [5c249dc] +- Fix the typo of comment (#345) [f0e010e] +- Optimize contain_element_matcher [abeb93d] + + ## 1.5.0 ### Features diff --git a/vendor/github.com/onsi/gomega/format/format.go b/vendor/github.com/onsi/gomega/format/format.go index 3a4ba8fb9..91b11ec60 100644 --- a/vendor/github.com/onsi/gomega/format/format.go +++ b/vendor/github.com/onsi/gomega/format/format.go @@ -36,7 +36,7 @@ var PrintContextObjects = false // TruncatedDiff choose if we should display a truncated pretty diff or not var TruncatedDiff = true -// Ctx interface defined here to keep backwards compatability with go < 1.7 +// Ctx interface defined here to keep backwards compatibility with go < 1.7 // It matches the context.Context interface type Ctx interface { Deadline() (deadline time.Time, ok bool) @@ -61,7 +61,7 @@ Generates a formatted matcher success/failure message of the form: -If expected is omited, then the message looks like: +If expected is omitted, then the message looks like: Expected @@ -300,7 +300,7 @@ func formatString(object interface{}, indentation uint) string { } } - return fmt.Sprintf("%s", result) + return result } else { return fmt.Sprintf("%q", object) } diff --git a/vendor/github.com/onsi/gomega/gbytes/say_matcher.go b/vendor/github.com/onsi/gomega/gbytes/say_matcher.go index c15ddbfc3..0763f5e2d 100644 --- a/vendor/github.com/onsi/gomega/gbytes/say_matcher.go +++ b/vendor/github.com/onsi/gomega/gbytes/say_matcher.go @@ -21,7 +21,7 @@ Say is a Gomega matcher that operates on gbytes.Buffers: will succeed if the unread portion of the buffer matches the regular expression "something". -When Say succeeds, it fast forwards the gbytes.Buffer's read cursor to just after the succesful match. +When Say succeeds, it fast forwards the gbytes.Buffer's read cursor to just after the successful match. Thus, subsequent calls to Say will only match against the unread portion of the buffer Say pairs very well with Eventually. To assert that a buffer eventually receives data matching "[123]-star" within 3 seconds you can: diff --git a/vendor/github.com/onsi/gomega/gexec/build.go b/vendor/github.com/onsi/gomega/gexec/build.go index ce1574d46..741d845f4 100644 --- a/vendor/github.com/onsi/gomega/gexec/build.go +++ b/vendor/github.com/onsi/gomega/gexec/build.go @@ -68,7 +68,7 @@ func doBuild(gopath, packagePath string, env []string, args ...string) (compiled executable := filepath.Join(tmpDir, path.Base(packagePath)) if runtime.GOOS == "windows" { - executable = executable + ".exe" + executable += ".exe" } cmdArgs := append([]string{"build"}, args...) diff --git a/vendor/github.com/onsi/gomega/gexec/prefixed_writer.go b/vendor/github.com/onsi/gomega/gexec/prefixed_writer.go index ee3cf4072..feb6620c5 100644 --- a/vendor/github.com/onsi/gomega/gexec/prefixed_writer.go +++ b/vendor/github.com/onsi/gomega/gexec/prefixed_writer.go @@ -8,7 +8,7 @@ import ( ) /* -PrefixedWriter wraps an io.Writer, emiting the passed in prefix at the beginning of each new line. +PrefixedWriter wraps an io.Writer, emitting the passed in prefix at the beginning of each new line. This can be useful when running multiple gexec.Sessions concurrently - you can prefix the log output of each session by passing in a PrefixedWriter: diff --git a/vendor/github.com/onsi/gomega/ghttp/test_server.go b/vendor/github.com/onsi/gomega/ghttp/test_server.go index 6524eb40b..057d3ba4e 100644 --- a/vendor/github.com/onsi/gomega/ghttp/test_server.go +++ b/vendor/github.com/onsi/gomega/ghttp/test_server.go @@ -38,7 +38,7 @@ A more comprehensive example is available at https://onsi.github.io/gomega/#_tes }) Context("when requesting all sprockets", func() { - Context("when the response is succesful", func() { + Context("when the response is successful", func() { BeforeEach(func() { sprockets = []Sprocket{ NewSprocket("Alfalfa"), diff --git a/vendor/github.com/onsi/gomega/ghttp/test_server_test.go b/vendor/github.com/onsi/gomega/ghttp/test_server_test.go index be1c58e82..fd2e80728 100644 --- a/vendor/github.com/onsi/gomega/ghttp/test_server_test.go +++ b/vendor/github.com/onsi/gomega/ghttp/test_server_test.go @@ -1072,6 +1072,7 @@ var _ = Describe("TestServer", func() { var received protobuf.SimpleMessage body, err := ioutil.ReadAll(resp.Body) + Expect(err).ShouldNot(HaveOccurred()) err = proto.Unmarshal(body, &received) Expect(err).ShouldNot(HaveOccurred()) }) diff --git a/vendor/github.com/onsi/gomega/gomega_dsl.go b/vendor/github.com/onsi/gomega/gomega_dsl.go index e3cf9a51d..754f322a2 100644 --- a/vendor/github.com/onsi/gomega/gomega_dsl.go +++ b/vendor/github.com/onsi/gomega/gomega_dsl.go @@ -24,7 +24,7 @@ import ( "github.com/onsi/gomega/types" ) -const GOMEGA_VERSION = "1.5.0" +const GOMEGA_VERSION = "1.6.0" const nilFailHandlerPanic = `You are trying to make an assertion, but Gomega's fail handler is nil. If you're using Ginkgo then you probably forgot to put your assertion in an It(). @@ -155,7 +155,7 @@ func Expect(actual interface{}, extra ...interface{}) Assertion { // ExpectWithOffset(1, "foo").To(Equal("foo")) // // Unlike `Expect` and `Ω`, `ExpectWithOffset` takes an additional integer argument -// this is used to modify the call-stack offset when computing line numbers. +// that is used to modify the call-stack offset when computing line numbers. // // This is most useful in helper functions that make assertions. If you want Gomega's // error message to refer to the calling line in the test (as opposed to the line in the helper function) @@ -280,7 +280,7 @@ func SetDefaultEventuallyPollingInterval(t time.Duration) { defaultEventuallyPollingInterval = t } -// SetDefaultConsistentlyDuration sets the default duration for Consistently. Consistently will verify that your condition is satsified for this long. +// SetDefaultConsistentlyDuration sets the default duration for Consistently. Consistently will verify that your condition is satisfied for this long. func SetDefaultConsistentlyDuration(t time.Duration) { defaultConsistentlyDuration = t } diff --git a/vendor/github.com/onsi/gomega/matchers/match_xml_matcher_test.go b/vendor/github.com/onsi/gomega/matchers/match_xml_matcher_test.go index 767c0bf56..8879964e2 100644 --- a/vendor/github.com/onsi/gomega/matchers/match_xml_matcher_test.go +++ b/vendor/github.com/onsi/gomega/matchers/match_xml_matcher_test.go @@ -41,12 +41,6 @@ var _ = Describe("MatchXMLMatcher", func() { Expect(sample_09).ShouldNot(MatchXML(sample_10)) // same structures with different attribute values Expect(sample_11).Should(MatchXML(sample_11)) // with non UTF-8 encoding }) - - It("should work with byte arrays", func() { - Expect([]byte(sample_01)).Should(MatchXML([]byte(sample_01))) - Expect([]byte(sample_01)).Should(MatchXML(sample_01)) - Expect(sample_01).Should(MatchXML([]byte(sample_01))) - }) }) Context("when the expected is not valid XML", func() { diff --git a/vendor/github.com/onsi/gomega/matchers/receive_matcher_test.go b/vendor/github.com/onsi/gomega/matchers/receive_matcher_test.go index cf04e85dd..dbfe4134d 100644 --- a/vendor/github.com/onsi/gomega/matchers/receive_matcher_test.go +++ b/vendor/github.com/onsi/gomega/matchers/receive_matcher_test.go @@ -265,7 +265,7 @@ var _ = Describe("ReceiveMatcher", func() { Describe("when used with eventually and a custom matcher", func() { It("should return the matcher's error when a failing value is received on the channel, instead of the must receive something failure", func() { failures := InterceptGomegaFailures(func() { - c := make(chan string, 0) + c := make(chan string) Eventually(c, 0.01).Should(Receive(Equal("hello"))) }) Expect(failures[0]).Should(ContainSubstring("When passed a matcher, ReceiveMatcher's channel *must* receive something.")) diff --git a/vendor/github.com/onsi/gomega/matchers/succeed_matcher_test.go b/vendor/github.com/onsi/gomega/matchers/succeed_matcher_test.go index e42dd8a6e..d9e4dfa75 100644 --- a/vendor/github.com/onsi/gomega/matchers/succeed_matcher_test.go +++ b/vendor/github.com/onsi/gomega/matchers/succeed_matcher_test.go @@ -2,10 +2,11 @@ package matchers_test import ( "errors" + "regexp" + . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" . "github.com/onsi/gomega/matchers" - "regexp" ) func Erroring() error { diff --git a/vendor/github.com/onsi/gomega/matchers/support/goraph/bipartitegraph/bipartitegraph.go b/vendor/github.com/onsi/gomega/matchers/support/goraph/bipartitegraph/bipartitegraph.go index 8aaf8759d..108f28586 100644 --- a/vendor/github.com/onsi/gomega/matchers/support/goraph/bipartitegraph/bipartitegraph.go +++ b/vendor/github.com/onsi/gomega/matchers/support/goraph/bipartitegraph/bipartitegraph.go @@ -1,6 +1,5 @@ package bipartitegraph -import "errors" import "fmt" import . "github.com/onsi/gomega/matchers/support/goraph/node" @@ -28,7 +27,7 @@ func NewBipartiteGraph(leftValues, rightValues []interface{}, neighbours func(in for j, rightValue := range rightValues { neighbours, err := neighbours(leftValue, rightValue) if err != nil { - return nil, errors.New(fmt.Sprintf("error determining adjacency for %v and %v: %s", leftValue, rightValue, err.Error())) + return nil, fmt.Errorf("error determining adjacency for %v and %v: %s", leftValue, rightValue, err.Error()) } if neighbours { diff --git a/vendor/github.com/openshift/custom-resource-status/LICENSE b/vendor/github.com/openshift/custom-resource-status/LICENSE new file mode 100644 index 000000000..261eeb9e9 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/openshift/custom-resource-status/Makefile b/vendor/github.com/openshift/custom-resource-status/Makefile new file mode 100644 index 000000000..3841e01de --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/Makefile @@ -0,0 +1,24 @@ +CODEGEN_PKG ?= ./vendor/k8s.io/code-generator + +all: test verify-deepcopy + +update-deepcopy: ## Update the deepcopy generated code + ./tools/update-deepcopy.sh + +verify-deepcopy: ## Verify deepcopy generated code + VERIFY=--verify-only ./tools/update-deepcopy.sh + +test: ## Run unit tests + go test -count=1 -short ./conditions/... + go test -count=1 -short ./objectreferences/... + +help: ## Show this help screen + @echo 'Usage: make ... ' + @echo '' + @echo 'Available targets are:' + @echo '' + @grep -E '^[ a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \ + awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}' + @echo '' + +.PHONY: update-deepcopy verify-deepcopy diff --git a/vendor/github.com/openshift/custom-resource-status/OWNERS b/vendor/github.com/openshift/custom-resource-status/OWNERS new file mode 100644 index 000000000..46cb613ac --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/OWNERS @@ -0,0 +1,8 @@ +reviewers: + - djzager + - rthallisey + - mhrivnak +approvers: + - djzager + - rthallisey + - mhrivnak diff --git a/vendor/github.com/openshift/custom-resource-status/README.md b/vendor/github.com/openshift/custom-resource-status/README.md new file mode 100644 index 000000000..023688880 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/README.md @@ -0,0 +1,25 @@ +Custom Resource Status +====================== + +[![Go Report Card](https://goreportcard.com/badge/github.com/openshift/custom-resource-status)](https://goreportcard.com/report/github.com/openshift/custom-resource-status) +[![Go Doc](https://godoc.org/github.com/openshift/custom-resource-status?status.svg)](http://godoc.org/github.com/openshift/custom-resource-status) +[![GitHub Issues](https://img.shields.io/github/issues/openshift/custom-resource-status.svg)](https://github.com/openshift/custom-resource-status/issues) +[![Licensed under Apache License version 2.0](https://img.shields.io/github/license/openshift/custom-resource-status.svg?maxAge=2592000)](https://www.apache.org/licenses/LICENSE-2.0) + +The purpose of this project is to provide some level of standardization and +best-practices with respect to managing the status of custom resources. This project +steals, err draws from: + +* [Cluster Version Operator (CVO)](https://github.com/openshift/cluster-version-operator) + that manages essential OpenShift operators. +* [ClusterOperator Custom Resource](https://github.com/openshift/cluster-version-operator/blob/master/docs/dev/clusteroperator.md#what-should-an-operator-report-with-clusteroperator-custom-resource) + that exists for operators managed by CVO to communicate their status. +* [openshift/library-go ClusterOperator status helpers](https://github.com/openshift/library-go/blob/master/pkg/config/clusteroperator/v1helpers/status.go) + that makes it easy to manage the status on a ClusterOperator resource. + +The goal here is to prescribe, without mandate, how to meaningfully populate the +status of the Custom Resources your operator manages. Types, constants, and +functions are provided for the following: + +* [Conditions](conditions/README.md) +* [Object References](objectreferences/README.md) diff --git a/vendor/github.com/openshift/custom-resource-status/conditions/README.md b/vendor/github.com/openshift/custom-resource-status/conditions/README.md new file mode 100644 index 000000000..c79ae0886 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/conditions/README.md @@ -0,0 +1,44 @@ +Conditions +========== + +Provides: + +* `Condition` type as specified in the [Kubernetes API Conventions](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md) +* `ConditionType` and generally useful constants for this type (ie. "Available", + "Progressing", "Degraded", and "Upgradeable") +* Functions for setting, removing, finding, and evaluating conditions. + +To use, simply add `Conditions` to your Custom Resource Status struct like: + +``` +// ExampleAppStatus defines the observed state of ExampleApp +type ExampleAppStatus struct { + ... + // conditions describes the state of the operator's reconciliation functionality. + // +patchMergeKey=type + // +patchStrategy=merge + // +optional + // Conditions is a list of conditions related to operator reconciliation + Conditions []conditions.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} +``` + +Then, as appropriate in your Reconcile function, use +`conditions.SetStatusConditions` like: + +``` +instance := &examplev1alpha1.ExampleApp{} +err := r.client.Get(context.TODO(), request.NamespacedName, instance) +...handle err + +conditions.SetStatusCondition(&instance.Status.Conditions, conditions.Condition{ + Type: conditions.ConditionAvailable, + Status: corev1.ConditionFalse, + Reason: "ReconcileStarted", + Message: "Reconciling resource" +}) + +// Update the status +err = r.client.Status().Update(context.TODO(), instance) +...handle err +``` diff --git a/vendor/github.com/openshift/custom-resource-status/conditions/v1/_doc.go b/vendor/github.com/openshift/custom-resource-status/conditions/v1/_doc.go new file mode 100644 index 000000000..b657efeaa --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/conditions/v1/_doc.go @@ -0,0 +1,9 @@ +// +k8s:deepcopy-gen=package,register +// +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-gen=true + +// Package v1 provides version v1 of the types and functions necessary to +// manage and inspect a slice of conditions. It is opinionated in the +// condition types provided but leaves it to the user to define additional +// types as necessary. +package v1 diff --git a/vendor/github.com/openshift/custom-resource-status/conditions/v1/conditions.go b/vendor/github.com/openshift/custom-resource-status/conditions/v1/conditions.go new file mode 100644 index 000000000..d32c48d9a --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/conditions/v1/conditions.go @@ -0,0 +1,82 @@ +package v1 + +import ( + "time" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// SetStatusCondition sets the corresponding condition in conditions to newCondition. +func SetStatusCondition(conditions *[]Condition, newCondition Condition) { + if conditions == nil { + conditions = &[]Condition{} + } + existingCondition := FindStatusCondition(*conditions, newCondition.Type) + if existingCondition == nil { + newCondition.LastTransitionTime = metav1.NewTime(time.Now()) + newCondition.LastHeartbeatTime = metav1.NewTime(time.Now()) + *conditions = append(*conditions, newCondition) + return + } + + if existingCondition.Status != newCondition.Status { + existingCondition.Status = newCondition.Status + existingCondition.LastTransitionTime = metav1.NewTime(time.Now()) + } + + existingCondition.Reason = newCondition.Reason + existingCondition.Message = newCondition.Message + existingCondition.LastHeartbeatTime = metav1.NewTime(time.Now()) +} + +// RemoveStatusCondition removes the corresponding conditionType from conditions. +func RemoveStatusCondition(conditions *[]Condition, conditionType ConditionType) { + if conditions == nil { + return + } + newConditions := []Condition{} + for _, condition := range *conditions { + if condition.Type != conditionType { + newConditions = append(newConditions, condition) + } + } + + *conditions = newConditions +} + +// FindStatusCondition finds the conditionType in conditions. +func FindStatusCondition(conditions []Condition, conditionType ConditionType) *Condition { + for i := range conditions { + if conditions[i].Type == conditionType { + return &conditions[i] + } + } + + return nil +} + +// IsStatusConditionTrue returns true when the conditionType is present and set to `corev1.ConditionTrue` +func IsStatusConditionTrue(conditions []Condition, conditionType ConditionType) bool { + return IsStatusConditionPresentAndEqual(conditions, conditionType, corev1.ConditionTrue) +} + +// IsStatusConditionFalse returns true when the conditionType is present and set to `corev1.ConditionFalse` +func IsStatusConditionFalse(conditions []Condition, conditionType ConditionType) bool { + return IsStatusConditionPresentAndEqual(conditions, conditionType, corev1.ConditionFalse) +} + +// IsStatusConditionUnknown returns true when the conditionType is present and set to `corev1.ConditionUnknown` +func IsStatusConditionUnknown(conditions []Condition, conditionType ConditionType) bool { + return IsStatusConditionPresentAndEqual(conditions, conditionType, corev1.ConditionUnknown) +} + +// IsStatusConditionPresentAndEqual returns true when conditionType is present and equal to status. +func IsStatusConditionPresentAndEqual(conditions []Condition, conditionType ConditionType, status corev1.ConditionStatus) bool { + for _, condition := range conditions { + if condition.Type == conditionType { + return condition.Status == status + } + } + return false +} diff --git a/vendor/github.com/openshift/custom-resource-status/conditions/v1/conditions_test.go b/vendor/github.com/openshift/custom-resource-status/conditions/v1/conditions_test.go new file mode 100644 index 000000000..95917281d --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/conditions/v1/conditions_test.go @@ -0,0 +1,216 @@ +package v1 + +import ( + "testing" + "time" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func TestSetStatusCondition(t *testing.T) { + testCases := []struct { + name string + testCondition Condition + startConditions *[]Condition + expectedConditions *[]Condition + }{ + { + name: "add when empty", + testCondition: Condition{ + Type: ConditionAvailable, + Status: "True", + Reason: "Testing", + Message: "Basic message", + }, + startConditions: &[]Condition{}, + expectedConditions: &[]Condition{ + { + Type: ConditionAvailable, + Status: "True", + Reason: "Testing", + Message: "Basic message", + }, + }, + }, + { + name: "add to conditions", + testCondition: Condition{ + Type: ConditionAvailable, + Status: "True", + Reason: "TestingAvailableTrue", + Message: "Available condition true", + }, + startConditions: &[]Condition{ + { + Type: ConditionDegraded, + Status: "False", + Reason: "TestingDegradedFalse", + Message: "Degraded condition false", + LastHeartbeatTime: metav1.NewTime(time.Now()), + }, + }, + expectedConditions: &[]Condition{ + { + Type: ConditionAvailable, + Status: "True", + Reason: "TestingAvailableTrue", + Message: "Available condition true", + }, + { + Type: ConditionDegraded, + Status: "False", + Reason: "TestingDegradedFalse", + Message: "Degraded condition false", + }, + }, + }, + { + name: "replace condition", + testCondition: Condition{ + Type: ConditionDegraded, + Status: "True", + Reason: "TestingDegradedTrue", + Message: "Degraded condition true", + }, + startConditions: &[]Condition{ + { + Type: ConditionDegraded, + Status: "False", + Reason: "TestingDegradedFalse", + Message: "Degraded condition false", + }, + }, + expectedConditions: &[]Condition{ + { + Type: ConditionDegraded, + Status: "True", + Reason: "TestingDegradedTrue", + Message: "Degraded condition true", + }, + }, + }, + { + name: "last heartbeat", + testCondition: Condition{ + Type: ConditionDegraded, + Status: "True", + Reason: "TestingDegradedTrue", + Message: "Degraded condition true", + }, + startConditions: &[]Condition{ + { + Type: ConditionDegraded, + Status: "True", + Reason: "TestingDegradedFalse", + Message: "Degraded condition false", + }, + }, + expectedConditions: &[]Condition{ + { + Type: ConditionDegraded, + Status: "True", + Reason: "TestingDegradedTrue", + Message: "Degraded condition true", + }, + }, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + SetStatusCondition(tc.startConditions, tc.testCondition) + compareConditions(t, tc.startConditions, tc.expectedConditions) + }) + } + + return +} + +func TestRemoveStatusCondition(t *testing.T) { + testCases := []struct { + name string + testConditionType ConditionType + startConditions *[]Condition + expectedConditions *[]Condition + }{ + { + name: "remove when empty", + testConditionType: ConditionAvailable, + startConditions: &[]Condition{}, + expectedConditions: &[]Condition{}, + }, + { + name: "basic remove", + testConditionType: ConditionAvailable, + startConditions: &[]Condition{ + { + Type: ConditionAvailable, + Status: "True", + Reason: "TestingAvailableTrue", + Message: "Available condition true", + LastHeartbeatTime: metav1.NewTime(time.Now()), + }, + { + Type: ConditionDegraded, + Status: "False", + Reason: "TestingDegradedFalse", + Message: "Degraded condition false", + LastHeartbeatTime: metav1.NewTime(time.Now()), + }, + }, + expectedConditions: &[]Condition{ + { + Type: ConditionDegraded, + Status: "False", + Reason: "TestingDegradedFalse", + Message: "Degraded condition false", + }, + }, + }, + { + name: "remove last condition", + testConditionType: ConditionAvailable, + startConditions: &[]Condition{ + { + Type: ConditionAvailable, + Status: "True", + Reason: "TestingAvailableTrue", + Message: "Available condition true", + }, + }, + expectedConditions: &[]Condition{}, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + RemoveStatusCondition(tc.startConditions, tc.testConditionType) + compareConditions(t, tc.startConditions, tc.expectedConditions) + }) + } + + return +} + +func compareConditions(t *testing.T, gotConditions *[]Condition, expectedConditions *[]Condition) { + for _, expectedCondition := range *expectedConditions { + testCondition := FindStatusCondition(*gotConditions, expectedCondition.Type) + if testCondition == nil { + t.Errorf("Condition type '%v' not found in '%v'", expectedCondition.Type, *gotConditions) + } + if testCondition.Status != expectedCondition.Status { + t.Errorf("Unexpected status '%v', expected '%v'", testCondition.Status, expectedCondition.Status) + } + if testCondition.Message != expectedCondition.Message { + t.Errorf("Unexpected message '%v', expected '%v'", testCondition.Message, expectedCondition.Message) + } + // Test for lastHeartbeatTime + if testCondition.LastHeartbeatTime.IsZero() { + t.Error("lastHeartbeatTime should never be zero") + } + timeNow := metav1.NewTime(time.Now()) + if timeNow.Before(&testCondition.LastHeartbeatTime) { + t.Errorf("Unexpected lastHeartbeatTime '%v', should be before '%v'", testCondition.LastHeartbeatTime, timeNow) + } + } +} diff --git a/vendor/github.com/openshift/custom-resource-status/conditions/v1/types.go b/vendor/github.com/openshift/custom-resource-status/conditions/v1/types.go new file mode 100644 index 000000000..950678fb9 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/conditions/v1/types.go @@ -0,0 +1,51 @@ +package v1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// Condition represents the state of the operator's +// reconciliation functionality. +// +k8s:deepcopy-gen=true +type Condition struct { + Type ConditionType `json:"type" description:"type of condition ie. Available|Progressing|Degraded."` + + Status corev1.ConditionStatus `json:"status" description:"status of the condition, one of True, False, Unknown"` + + // +optional + Reason string `json:"reason,omitempty" description:"one-word CamelCase reason for the condition's last transition"` + + // +optional + Message string `json:"message,omitempty" description:"human-readable message indicating details about last transition"` + + // +optional + LastHeartbeatTime metav1.Time `json:"lastHeartbeatTime" description:"last time we got an update on a given condition"` + + // +optional + LastTransitionTime metav1.Time `json:"lastTransitionTime" description:"last time the condition transit from one status to another"` +} + +// ConditionType is the state of the operator's reconciliation functionality. +type ConditionType string + +const ( + // ConditionAvailable indicates that the resources maintained by the operator, + // is functional and available in the cluster. + ConditionAvailable ConditionType = "Available" + + // ConditionProgressing indicates that the operator is actively making changes to the resources maintained by the + // operator + ConditionProgressing ConditionType = "Progressing" + + // ConditionDegraded indicates that the resources maintained by the operator are not functioning completely. + // An example of a degraded state would be if not all pods in a deployment were running. + // It may still be available, but it is degraded + ConditionDegraded ConditionType = "Degraded" + + // ConditionUpgradeable indicates whether the resources maintained by the operator are in a state that is safe to upgrade. + // When `False`, the resources maintained by the operator should not be upgraded and the + // message field should contain a human readable description of what the administrator should do to + // allow the operator to successfully update the resources maintained by the operator. + ConditionUpgradeable ConditionType = "Upgradeable" +) diff --git a/vendor/github.com/openshift/custom-resource-status/conditions/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/custom-resource-status/conditions/v1/zz_generated.deepcopy.go new file mode 100644 index 000000000..bbbbf863d --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/conditions/v1/zz_generated.deepcopy.go @@ -0,0 +1,23 @@ +// +build !ignore_autogenerated + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1 + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastHeartbeatTime.DeepCopyInto(&out.LastHeartbeatTime) + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/openshift/custom-resource-status/go.mod b/vendor/github.com/openshift/custom-resource-status/go.mod new file mode 100644 index 000000000..fbe26eab4 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/go.mod @@ -0,0 +1,10 @@ +module github.com/openshift/custom-resource-status + +go 1.12 + +require ( + github.com/onsi/gomega v1.5.0 + k8s.io/api v0.0.0-20190725062911-6607c48751ae + k8s.io/apimachinery v0.0.0-20190719140911-bfcf53abc9f8 + k8s.io/code-generator v0.0.0-20190717022600-77f3a1fe56bb +) diff --git a/vendor/github.com/openshift/custom-resource-status/go.sum b/vendor/github.com/openshift/custom-resource-status/go.sum new file mode 100644 index 000000000..66050d19b --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/go.sum @@ -0,0 +1,143 @@ +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= +github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= +github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= +github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= +github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= +github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= +github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= +github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= +github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.0.0 h1:2jyBKDKU/8v3v2xVR2PtiWQviFUyiaGk2rpfyFT8rTM= +github.com/gogo/protobuf v1.0.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= +github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gnostic v0.0.0-20170426233943-68f4ded48ba9/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= +github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.6 h1:MrUvLMLTMxbqFJ9kzlvat/rYZqZnW3u4wkLzWTaFwKs= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.5.0 h1:izbySO9zDPmjJ8rDjLvkA2zJHIo+HkYXHnf7eN7SSyo= +github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495 h1:I6A9Ag9FpEKOjcKrRNjQkPHawoXIhKyTGfvvjFAiiAk= +golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59 h1:QjA/9ArTfVTLfEhClDCG7SGrZkZixxWpwNCDiwJfh88= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 h1:OB/uP/Puiu5vS5QMRPrXCDWUPb+kt8f1KW8oQzFejQw= +gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= +gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= +gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e h1:jRyg0XfpwWlhEV8mDfdNGBeSJM2fuyh9Yjrnd8kF2Ts= +gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.0 h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o= +gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +k8s.io/api v0.0.0-20190725062911-6607c48751ae h1:La/F8nlqpe1mOXWX22I+Ce8wfQOfXcymYZofbDgmjyo= +k8s.io/api v0.0.0-20190725062911-6607c48751ae/go.mod h1:1O0xzX/RAtnm7l+5VEUxZ1ysO2ghatfq/OZED4zM9kA= +k8s.io/apimachinery v0.0.0-20190719140911-bfcf53abc9f8 h1:fVMoqaOPZ6KTeszBSBO8buFmXaR2JlnMn53eEBeganU= +k8s.io/apimachinery v0.0.0-20190719140911-bfcf53abc9f8/go.mod h1:sBJWIJZfxLhp7mRsRyuAE/NfKTr3kXGR1iaqg8O0gJo= +k8s.io/code-generator v0.0.0-20190717022600-77f3a1fe56bb h1:hfslhgotToortpUcX3HrgGkwp/XmuhTv9SryRLzHkmY= +k8s.io/code-generator v0.0.0-20190717022600-77f3a1fe56bb/go.mod h1:cDx5jQmWH25Ff74daM7NVYty9JWw9dvIS9zT9eIubCY= +k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= +k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/klog v0.3.1 h1:RVgyDHY/kFKtLqh67NvEWIgkMneNoIrdkN0CxDSQc68= +k8s.io/klog v0.3.1/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/kube-openapi v0.0.0-20190709113604-33be087ad058/go.mod h1:nfDlWeOsu3pUf4yWGL+ERqohP4YsZcBJXWMK+gkzOA4= +modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= +modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= +modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= +modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= +modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= +sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= +sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= +sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/vendor/github.com/openshift/custom-resource-status/objectreferences/README.md b/vendor/github.com/openshift/custom-resource-status/objectreferences/README.md new file mode 100644 index 000000000..bb9d0c777 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/objectreferences/README.md @@ -0,0 +1,49 @@ +Object References +================= + +The `ObjectReference` type is provided by Kubernetes Core API +`"k8s.io/api/core/v1"` but the functions to set and find an `ObjectReference` +are provided in this package. This is useful if you would like +to include in the Status of your Custom Resource a list of objects +that are managed by your operator (ie. Deployments, Services, other +Custom Resources, etc.). + +For example, we can add `RelatedObjects` to our Status struct: + +``` +// ExampleAppStatus defines the observed state of ExampleApp +type ExampleAppStatus struct { + ... + // RelatedObjects is a list of objects that are "interesting" or related to this operator. + RelatedObjects []corev1.ObjectReference `json:"relatedObjects,omitempty"` +} +``` + +Then, through Reconcile, when an object we manage has been found we can add it to +the `RelatedObjects` slice. + +``` +found := &someAPI.SomeObject{} +err := r.client.Get(context.TODO(), types.NamespacedName{Name: object.Name, Namespace: object.Namespace}, found) +...handle err + +// Add it to the list of RelatedObjects if found +// import "k8s.io/client-go/tools/reference" +objectRef, err := reference.GetReference(r.scheme, found) +if err != nil { + return err +} +objectreferencesv1.SetObjectReference(&instance.Status.RelatedObjects, *objectRef) + +// Update the status +err = r.client.Status().Update(context.TODO(), instance) +...handle err +``` + +**NOTE**: This package specifies a minimum for what constitutes a valid object +reference. The minimum valid object reference consists of non-empty strings +for the object's: + +* APIVersion +* Kind +* Name diff --git a/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/_doc.go b/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/_doc.go new file mode 100644 index 000000000..ce7055f09 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/_doc.go @@ -0,0 +1,9 @@ +// +k8s:deepcopy-gen=package,register +// +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-gen=true + +// Package v1 provides version v1 of the functions necessary to +// manage and inspect a slice of object references. This can be +// used to add a RelatedObjects field on the status of your custom +// resource, adding objects that your operator manages to the status. +package v1 diff --git a/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/objectreferences.go b/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/objectreferences.go new file mode 100644 index 000000000..c0af5f1cc --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/objectreferences.go @@ -0,0 +1,108 @@ +package v1 + +import ( + "errors" + + corev1 "k8s.io/api/core/v1" +) + +var errMinObjectRef = errors.New("object reference must have, at a minimum: apiVersion, kind, and name") + +// SetObjectReference - updates list of object references based on newObject +func SetObjectReference(objects *[]corev1.ObjectReference, newObject corev1.ObjectReference) error { + if !minObjectReference(newObject) { + return errMinObjectRef + } + + if objects == nil { + objects = &[]corev1.ObjectReference{} + } + existingObject, err := FindObjectReference(*objects, newObject) + if err != nil { + return err + } + if existingObject == nil { // add it to the slice + *objects = append(*objects, newObject) + } else { // update found reference + *existingObject = newObject + } + return nil +} + +// RemoveObjectReference - updates list of object references to remove rmObject +func RemoveObjectReference(objects *[]corev1.ObjectReference, rmObject corev1.ObjectReference) error { + if !minObjectReference(rmObject) { + return errMinObjectRef + } + + if objects == nil { + return nil + } + newObjectReferences := []corev1.ObjectReference{} + // TODO: this is incredibly inefficient. If the performance hit becomes a + // problem this should be improved. + for _, object := range *objects { + if !ObjectReferenceEqual(object, rmObject) { + newObjectReferences = append(newObjectReferences, object) + } + } + + *objects = newObjectReferences + return nil +} + +// FindObjectReference - finds the first ObjectReference in a slice of objects +// matching find. +func FindObjectReference(objects []corev1.ObjectReference, find corev1.ObjectReference) (*corev1.ObjectReference, error) { + if !minObjectReference(find) { + return nil, errMinObjectRef + } + + for i := range objects { + if ObjectReferenceEqual(find, objects[i]) { + return &objects[i], nil + } + } + + return nil, nil +} + +// ObjectReferenceEqual - compares gotRef to expectedRef +// preference order: APIVersion, Kind, Name, and Namespace +// if either gotRef or expectedRef fail minObjectReference test, this function +// will simply return false +func ObjectReferenceEqual(gotRef, expectedRef corev1.ObjectReference) bool { + if !minObjectReference(gotRef) || !minObjectReference(expectedRef) { + return false + } + if gotRef.APIVersion != expectedRef.APIVersion { + return false + } + if gotRef.Kind != expectedRef.Kind { + return false + } + if gotRef.Name != expectedRef.Name { + return false + } + if expectedRef.Namespace != "" && (gotRef.Namespace != expectedRef.Namespace) { + return false + } + return true +} + +// in order to have any meaningful semantics on this we need to +// ensuer that some minimal amount of information is provided in +// the object reference +func minObjectReference(objRef corev1.ObjectReference) bool { + if objRef.APIVersion == "" { + return false + } + if objRef.Kind == "" { + return false + } + if objRef.Name == "" { + return false + } + + return true +} diff --git a/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/objectreferences_test.go b/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/objectreferences_test.go new file mode 100644 index 000000000..23a1cec0a --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/objectreferences/v1/objectreferences_test.go @@ -0,0 +1,364 @@ +package v1 + +import ( + "testing" + + "k8s.io/apimachinery/pkg/api/equality" + + corev1 "k8s.io/api/core/v1" +) + +func TestSetObjectReference(t *testing.T) { + testCases := []struct { + name string + testRef corev1.ObjectReference + startRefs *[]corev1.ObjectReference + expectedRefs *[]corev1.ObjectReference + shouldError bool + }{ + { + name: "add when empty", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{}, + expectedRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + }, + shouldError: false, + }, + { + name: "simple add", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + expectedRefs: &[]corev1.ObjectReference{ + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + }, + shouldError: false, + }, + { + name: "replace reference", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + UID: "fooid", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + expectedRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + UID: "fooid", + }, + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + shouldError: false, + }, + { + name: "error on newObject not minObjectReference", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{}, + expectedRefs: &[]corev1.ObjectReference{}, + shouldError: true, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + err := SetObjectReference(tc.startRefs, tc.testRef) + if err != nil && !tc.shouldError { + t.Fatalf("Error occurred unexpectedly: %v", err) + } + if err != nil && tc.shouldError { + return + } + if !equality.Semantic.DeepEqual(*tc.startRefs, *tc.expectedRefs) { + t.Errorf("Unexpected object refs '%v', expected '%v'", tc.startRefs, tc.expectedRefs) + } + }) + } + return +} + +func TestRemoveObjectReference(t *testing.T) { + testCases := []struct { + name string + testRef corev1.ObjectReference + startRefs *[]corev1.ObjectReference + expectedRefs *[]corev1.ObjectReference + shouldError bool + }{ + { + name: "remove when empty", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{}, + expectedRefs: &[]corev1.ObjectReference{}, + shouldError: false, + }, + { + name: "simple remove", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + expectedRefs: &[]corev1.ObjectReference{ + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + shouldError: false, + }, + { + name: "remove last", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + }, + expectedRefs: &[]corev1.ObjectReference{}, + shouldError: false, + }, + { + // Not sure if this is possible by using SetObjectReference + // but testing this anyway + name: "remove matching", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + UID: "myuid", + }, + }, + expectedRefs: &[]corev1.ObjectReference{ + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + shouldError: false, + }, + { + name: "error on rmObject not minObjectReference", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + { + Kind: "BarKind", + Namespace: "test-namespace", + Name: "bar", + APIVersion: "test.example.io", + }, + }, + expectedRefs: &[]corev1.ObjectReference{}, + shouldError: true, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + err := RemoveObjectReference(tc.startRefs, tc.testRef) + if err != nil && !tc.shouldError { + t.Fatalf("Error occurred unexpectedly: %v", err) + } + if err != nil && tc.shouldError { + return + } + if !equality.Semantic.DeepEqual(*tc.startRefs, *tc.expectedRefs) { + t.Errorf("Unexpected object refs '%v', expected '%v'", tc.startRefs, tc.expectedRefs) + } + }) + } + return +} + +func TestFindObjectReference(t *testing.T) { + testCases := []struct { + name string + testRef corev1.ObjectReference + startRefs *[]corev1.ObjectReference + expectedRef *corev1.ObjectReference + shouldError bool + }{ + { + name: "simple find", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{ + { + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + }, + expectedRef: &corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + shouldError: false, + }, + { + name: "find when empty", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + Namespace: "test-namespace", + Name: "foo", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{}, + expectedRef: nil, + shouldError: false, + }, + { + name: "err when not minimal object reference", + testRef: corev1.ObjectReference{ + Kind: "FooKind", + APIVersion: "test.example.io", + }, + startRefs: &[]corev1.ObjectReference{}, + expectedRef: nil, + shouldError: true, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + foundRef, err := FindObjectReference(*tc.startRefs, tc.testRef) + if err != nil && !tc.shouldError { + t.Fatalf("Error occurred unexpectedly: %v", err) + } + if err != nil && tc.shouldError { + return + } + if !equality.Semantic.DeepEqual(foundRef, tc.expectedRef) { + t.Errorf("Unexpected object ref '%v', expected '%v'", foundRef, tc.expectedRef) + } + }) + } + return +} diff --git a/vendor/github.com/openshift/custom-resource-status/testlib/matcher.go b/vendor/github.com/openshift/custom-resource-status/testlib/matcher.go new file mode 100644 index 000000000..5ee1d3d21 --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/testlib/matcher.go @@ -0,0 +1,50 @@ +package testlib + +import ( + "fmt" + + gomegatypes "github.com/onsi/gomega/types" + conditionsv1 "github.com/openshift/custom-resource-status/conditions/v1" +) + +// RepresentCondition - returns a GomegaMatcher useful for comparing conditions +func RepresentCondition(expected conditionsv1.Condition) gomegatypes.GomegaMatcher { + return &representConditionMatcher{ + expected: expected, + } +} + +type representConditionMatcher struct { + expected conditionsv1.Condition +} + +// Match - compares two conditions +// two conditions are the same if they have the same type, status, reason, and message +func (matcher *representConditionMatcher) Match(actual interface{}) (success bool, err error) { + actualCondition, ok := actual.(conditionsv1.Condition) + if !ok { + return false, fmt.Errorf("RepresentConditionMatcher expects a Condition") + } + + if matcher.expected.Type != actualCondition.Type { + return false, nil + } + if matcher.expected.Status != actualCondition.Status { + return false, nil + } + if matcher.expected.Reason != actualCondition.Reason { + return false, nil + } + if matcher.expected.Message != actualCondition.Message { + return false, nil + } + return true, nil +} + +func (matcher *representConditionMatcher) FailureMessage(actual interface{}) (message string) { + return fmt.Sprintf("Expected\n\t%#v\nto match the condition\n\t%#v", actual, matcher.expected) +} + +func (matcher *representConditionMatcher) NegatedFailureMessage(actual interface{}) (message string) { + return fmt.Sprintf("Expected\n\t%#v\nnot to match the condition\n\t%#v", actual, matcher.expected) +} diff --git a/vendor/github.com/openshift/custom-resource-status/tools/empty.txt b/vendor/github.com/openshift/custom-resource-status/tools/empty.txt new file mode 100644 index 000000000..e69de29bb diff --git a/vendor/github.com/openshift/custom-resource-status/tools/tools.go b/vendor/github.com/openshift/custom-resource-status/tools/tools.go new file mode 100644 index 000000000..b69d6ad4a --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/tools/tools.go @@ -0,0 +1,4 @@ +// Package tools imports things required by build scripts +package tools + +import _ "k8s.io/code-generator" // simply to force `go mod` to see them as dependencies diff --git a/vendor/github.com/openshift/custom-resource-status/tools/update-deepcopy.sh b/vendor/github.com/openshift/custom-resource-status/tools/update-deepcopy.sh new file mode 100755 index 000000000..120eb33ae --- /dev/null +++ b/vendor/github.com/openshift/custom-resource-status/tools/update-deepcopy.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/.. +CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${SCRIPT_ROOT}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../../../k8s.io/code-generator)} + +verify="${VERIFY:-}" + +bash ${CODEGEN_PKG}/generate-groups.sh "deepcopy" \ + github.com/openshift/custom-resource-status/generated \ + github.com/openshift/custom-resource-status \ + "conditions:v1" \ + "objectreferences:v1" \ + --go-header-file ${SCRIPT_ROOT}/tools/empty.txt \ + ${verify} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.dockerignore b/vendor/github.com/operator-framework/operator-lifecycle-manager/.dockerignore new file mode 100644 index 000000000..d690ec8e6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.dockerignore @@ -0,0 +1,2 @@ +.git/objects +./bin/* diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitignore b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitignore new file mode 100644 index 000000000..f09b88535 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitignore @@ -0,0 +1,452 @@ +# Created by .ignore support plugin (hsz.mobi) +### Emacs template +# -*- mode: gitignore; -*- +*~ +\#*\# +/.emacs.desktop +/.emacs.desktop.lock +*.elc +auto-save-list +tramp +.\#* + +# Org-mode +.org-id-locations +*_archive + +# flymake-mode +*_flymake.* + +# eshell files +/eshell/history +/eshell/lastdir + +# elpa packages +/elpa/ + +# reftex files +*.rel + +# AUCTeX auto folder +/auto/ + +# cask packages +.cask/ +dist/ + +# Flycheck +flycheck_*.el + +# server auth directory +/server/ + +# projectiles files +.projectile + +# directory configuration +.dir-locals.el +### JetBrains template +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 +.idea/ + +# User-specific stuff: +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/dictionaries + +# Sensitive or high-churn files: +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.xml +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml + +# Gradle: +.idea/**/gradle.xml +.idea/**/libraries + +# CMake +cmake-build-debug/ + +# Mongo Explorer plugin: +.idea/**/mongoSettings.xml + +## File-based project format: +*.iws + +## Plugin-specific files: + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties +### macOS template +# General +*.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk +### Go template +# Binaries for programs and plugins +*.exe +*.dll +*.so +*.dylib + +# Test binary, build with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736 +.glide/ +### Vim template +# Swap +[._]*.s[a-v][a-z] +[._]*.sw[a-p] +[._]s[a-v][a-z] +[._]sw[a-p] + +# Session +Session.vim + +# Temporary +.netrwhist +*~ +# Auto-generated tag files +tags + +.idea/alm.iml +.idea/modules.xml +.idea/workspace.xml + + +### VisualStudioCode ### +.vscode/* +.history + +### VisualStudio ### +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +# [Ll]og/ TODO: Remove this rule + +# Visual Studio 2015 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ +**/Properties/launchSettings.json + +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.pch +*.pdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# TODO: Uncomment the next line to ignore your web deploy settings. +# By default, sensitive information, such as encrypted password +# should be stored in the .pubxml.user file. +#*.pubxml +*.pubxml.user +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Typescript v1 declaration files +typings/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# project-specific +*.bak +**/resources/* +/build +/apiserver.local.config +e2e.namespace +minikube.kubeconfig diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci.jsonnet b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci.jsonnet new file mode 100644 index 000000000..b769b5dc8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci.jsonnet @@ -0,0 +1,120 @@ +local utils = import '.gitlab-ci/utils.libsonnet'; +local vars = import '.gitlab-ci/vars.libsonnet'; +local baseJob = import '.gitlab-ci/base_jobs.libsonnet'; +local k8s = utils.k8s; +local mergeJob = utils.ci.mergeJob; +local images = vars.images; +local docker = utils.docker; +local stages_list = [ + // gitlab-ci stages + 'docker_base', + 'docker_build', + 'deploy_preview', + 'test_setup', + 'tests', + 'test_teardown', + 'integration', + 'docker_release', + 'deploy_staging', + 'teardown', +]; + +local stages = utils.set(stages_list); + +// List CI jobs +local jobs = { + 'container-base-build': baseJob.dockerBuild { + stage: stages.docker_base, + script: docker.build_and_push(images.base.name, + cache=false, + args={ sshkey: vars.deploy_keys.operator_client }, + extra_opts=["-f base.Dockerfile"]), + only: ["schedules", "tags"], + }, + + 'container-build': baseJob.dockerBuild { + // Build and push the olm container. + // Docker Tag is the branch/tag name + stage: stages.docker_build, + before_script+: [ + "mkdir -p $PWD/bin", + ], + + // builds a single multistage dockerfile and tags images based on labels + // on the intermediate builds + script: docker.multibuild_and_push("upstream.Dockerfile", labelImageMap={ + 'builder': images.ci.olm.name, + 'olm': images.prerelease.olm.name, + 'e2e': images.e2e.name, + }), + only: ['master', 'tags'], + }, + + 'container-release': baseJob.dockerBuild { + // ! Only master + // push the container to the 'prod' repository + stage: stages.docker_release, + before_script+: ["mkdir -p $PWD/bin"], + script: + docker.rename(images.prerelease.olm.name, images.release.olm.name) + + docker.rename(images.e2e.name, images.e2elatest.name), + only: ['master'], + }, + + 'tag-release': baseJob.dockerBuild { + // ! Only tags + // push the container to the 'prod' repository + stage: stages.docker_release, + before_script+: ["mkdir -p $PWD/bin"], + script: + docker.rename(images.prerelease.olm.name, images.tag.olm.name) + + docker.rename(images.e2e.name, images.e2elatest.name), + only: ['tags'], + }, + + "deploy-staging": baseJob.Deploy { + local _vars = self.localvars, + localvars+:: { + image: images.release, + domain: "alm-staging.k8s.devtable.com", + namespace: "ci-alm-staging", + channel: "staging", + helm_opts: ["--force"], + kubeconfig: "$CD_KUBECONFIG", + }, + stage: stages.deploy_staging, + script+: [], + environment+: { + name: "staging", + }, + only: ['master'], + }, + + "deploy-openshift": baseJob.Deploy { + local _vars = self.localvars, + localvars+:: { + image: images.release, + domain: "console.apps.ui-preserve.origin-gce.dev.openshift.com", + namespace: "operator-lifecycle-manager", + channel: "staging", + helm_opts: ["--force"], + kubeconfig: "$OPENSHIFT_KUBECONFIG", + params+:: { + watchedNamespaces: "", + }, + }, + stage: stages.deploy_staging, + script+: [ + "curl -X POST --data-urlencode \"payload={\\\"text\\\": \\\"New OLM Operator quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHA} deployed to ${OPENSHIFT_HOST}/k8s/ns/operator-lifecycle-manager/deployments/alm-operator\\\"}\" ${TEAMUI_SLACK_URL}", + ], + environment+: { + name: "openshift", + }, + only: ['master'], + }, +}; + +{ + stages: stages_list, + variables: vars.global, +} + jobs diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci.yml b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci.yml new file mode 100644 index 000000000..9905d103a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci.yml @@ -0,0 +1,155 @@ +# Generated from .gitlab-ci.jsonnet +# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN +--- +container-base-build: + before_script: + - docker login -u $DOCKER_USER -p $DOCKER_PASS quay.io + image: docker:git + only: + - schedules + - tags + script: + - 'docker build --build-arg sshkey=$OPERATORCLENT_RSA_B64 --no-cache -f base.Dockerfile -t quay.io/coreos/olm-ci:base . ' + - docker push quay.io/coreos/olm-ci:base + stage: docker_base + tags: + - kubernetes + variables: + DOCKER_DRIVER: overlay2 + DOCKER_HOST: tcp://docker-host.gitlab.svc.cluster.local:2375 +container-build: + before_script: + - docker login -u $DOCKER_USER -p $DOCKER_PASS quay.io + - mkdir -p $PWD/bin + image: docker:git + only: + - master + - tags + script: + - docker build -f upstream.Dockerfile . + - "docker tag $(docker images --filter 'label=stage=builder' --format '{{.CreatedAt}}\t{{.ID}}' | sort -nr | head -n 1 | cut -f2) quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}" + - "docker tag $(docker images --filter 'label=stage=e2e' --format '{{.CreatedAt}}\t{{.ID}}' | sort -nr | head -n 1 | cut -f2) quay.io/coreos/olm-e2e:${CI_COMMIT_REF_SLUG}-${SHA8}" + - "docker tag $(docker images --filter 'label=stage=olm' --format '{{.CreatedAt}}\t{{.ID}}' | sort -nr | head -n 1 | cut -f2) quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}-pre" + - docker push quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG} + - docker push quay.io/coreos/olm-e2e:${CI_COMMIT_REF_SLUG}-${SHA8} + - docker push quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}-pre + stage: docker_build + tags: + - kubernetes + variables: + DOCKER_DRIVER: overlay2 + DOCKER_HOST: tcp://docker-host.gitlab.svc.cluster.local:2375 +container-release: + before_script: + - docker login -u $DOCKER_USER -p $DOCKER_PASS quay.io + - mkdir -p $PWD/bin + image: docker:git + only: + - master + script: + - docker pull quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}-pre + - docker tag quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}-pre quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} + - docker push quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} + - docker pull quay.io/coreos/olm-e2e:${CI_COMMIT_REF_SLUG}-${SHA8} + - docker tag quay.io/coreos/olm-e2e:${CI_COMMIT_REF_SLUG}-${SHA8} quay.io/coreos/olm-e2e:latest + - docker push quay.io/coreos/olm-e2e:latest + stage: docker_release + tags: + - kubernetes + variables: + DOCKER_DRIVER: overlay2 + DOCKER_HOST: tcp://docker-host.gitlab.svc.cluster.local:2375 +deploy-openshift: + before_script: + - 'echo "version: 1.0.0-${CI_COMMIT_REF_SLUG}-pre" >> deploy/chart/Chart.yaml' + - 'echo "{\"catalog.image.ref\": \"quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8}\", \"catalog_namespace\": \"operator-lifecycle-manager\", \"namespace\": \"operator-lifecycle-manager\", \"olm.image.ref\": + \"quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8}\", \"package.image.ref\": \"quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8}\", \"watchedNamespaces\": \"\"}" > params.json' + - cat params.json + environment: + name: openshift + url: https://console.apps.ui-preserve.origin-gce.dev.openshift.com + image: quay.io/coreos/alm-ci-build:latest + only: + - master + script: + - echo $OPENSHIFT_KUBECONFIG | base64 -d > kubeconfig + - export KUBECONFIG=./kubeconfig + - charttmpdir=`mktemp -d 2>/dev/null || mktemp -d -t 'charttmpdir'`;mkdir -p ${charttmpdir};helm template -n olm --set namespace=operator-lifecycle-manager deploy/chart --set catalog.image.ref=quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} + --set catalog_namespace=operator-lifecycle-manager --set namespace=operator-lifecycle-manager --set olm.image.ref=quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} --set package.image.ref=quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} + --set watchedNamespaces= --output-dir ${charttmpdir};chartfilenames=$(ls ${charttmpdir}/olm/templates/*.yaml);echo ${chartfilenames};for f in ${chartfilenames};do if [[ $f == *.configmap.yaml ]];then + kubectl replace --force -f ${f};else kubectl apply -f ${f};fi;done; + - kubectl create secret docker-registry coreos-pull-secret --docker-server quay.io --docker-username $DOCKER_USER --docker-password $DOCKER_PASS --docker-email ignored@example.com --namespace=operator-lifecycle-manager + || true + - kubectl rollout status -w deployment/olm-operator --namespace=operator-lifecycle-manager + - kubectl rollout status -w deployment/catalog-operator --namespace=operator-lifecycle-manager + - 'curl -X POST --data-urlencode "payload={\"text\": \"New OLM Operator quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHA} deployed to ${OPENSHIFT_HOST}/k8s/ns/operator-lifecycle-manager/deployments/alm-operator\"}" + ${TEAMUI_SLACK_URL}' + stage: deploy_staging + tags: + - kubernetes + variables: + ALM_DOMAIN: console.apps.ui-preserve.origin-gce.dev.openshift.com + K8S_NAMESPACE: operator-lifecycle-manager +deploy-staging: + before_script: + - 'echo "version: 1.0.0-${CI_COMMIT_REF_SLUG}-pre" >> deploy/chart/Chart.yaml' + - 'echo "{\"catalog.image.ref\": \"quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8}\", \"catalog_namespace\": \"ci-alm-staging\", \"namespace\": \"ci-alm-staging\", \"olm.image.ref\": \"quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8}\", + \"package.image.ref\": \"quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8}\", \"watchedNamespaces\": \"ci-alm-staging\"}" > params.json' + - cat params.json + environment: + name: staging + url: https://alm-staging.k8s.devtable.com + image: quay.io/coreos/alm-ci-build:latest + only: + - master + script: + - echo $CD_KUBECONFIG | base64 -d > kubeconfig + - export KUBECONFIG=./kubeconfig + - charttmpdir=`mktemp -d 2>/dev/null || mktemp -d -t 'charttmpdir'`;mkdir -p ${charttmpdir};helm template -n olm --set namespace=ci-alm-staging deploy/chart --set catalog.image.ref=quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} + --set catalog_namespace=ci-alm-staging --set namespace=ci-alm-staging --set olm.image.ref=quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} --set package.image.ref=quay.io/coreos/olm:${CI_COMMIT_REF_SLUG}-${SHA8} + --set watchedNamespaces=ci-alm-staging --output-dir ${charttmpdir};chartfilenames=$(ls ${charttmpdir}/olm/templates/*.yaml);echo ${chartfilenames};for f in ${chartfilenames};do if [[ $f == *.configmap.yaml + ]];then kubectl replace --force -f ${f};else kubectl apply -f ${f};fi;done; + - kubectl create secret docker-registry coreos-pull-secret --docker-server quay.io --docker-username $DOCKER_USER --docker-password $DOCKER_PASS --docker-email ignored@example.com --namespace=ci-alm-staging + || true + - kubectl rollout status -w deployment/olm-operator --namespace=ci-alm-staging + - kubectl rollout status -w deployment/catalog-operator --namespace=ci-alm-staging + stage: deploy_staging + tags: + - kubernetes + variables: + ALM_DOMAIN: alm-staging.k8s.devtable.com + K8S_NAMESPACE: ci-alm-staging +stages: +- docker_base +- docker_build +- deploy_preview +- test_setup +- tests +- test_teardown +- integration +- docker_release +- deploy_staging +- teardown +tag-release: + before_script: + - docker login -u $DOCKER_USER -p $DOCKER_PASS quay.io + - mkdir -p $PWD/bin + image: docker:git + only: + - tags + script: + - docker pull quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}-pre + - docker tag quay.io/coreos/olm-ci:${CI_COMMIT_REF_SLUG}-pre quay.io/coreos/olm:${CI_COMMIT_TAG} + - docker push quay.io/coreos/olm:${CI_COMMIT_TAG} + - docker pull quay.io/coreos/olm-e2e:${CI_COMMIT_REF_SLUG}-${SHA8} + - docker tag quay.io/coreos/olm-e2e:${CI_COMMIT_REF_SLUG}-${SHA8} quay.io/coreos/olm-e2e:latest + - docker push quay.io/coreos/olm-e2e:latest + stage: docker_release + tags: + - kubernetes + variables: + DOCKER_DRIVER: overlay2 + DOCKER_HOST: tcp://docker-host.gitlab.svc.cluster.local:2375 +variables: + FAILFASTCI_NAMESPACE: operator-framework + GET_SOURCES_ATTEMPTS: '10' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/base_jobs.libsonnet b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/base_jobs.libsonnet new file mode 100644 index 000000000..e816ad759 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/base_jobs.libsonnet @@ -0,0 +1,91 @@ +local utils = import 'utils.libsonnet'; +local vars = import 'vars.libsonnet'; +local k8s = utils.k8s; +local helm = utils.helm; +local docker = utils.docker; +local appr = utils.appr; + +{ + local job_tags = { tags: ["kubernetes"] }, + + dockerBuild: { + // base job to manage containers (build / push) + image: "docker:git", + variables: { + DOCKER_DRIVER: "overlay2", + DOCKER_HOST: "tcp://docker-host.gitlab.svc.cluster.local:2375", + }, + before_script: [ + "docker login -u $DOCKER_USER -p $DOCKER_PASS quay.io", + ], + } + job_tags, + + Deploy: { + local this = self, + local _vars = self.localvars, + localvars:: { + appversion: "1.0.0-%s" % self.image.olm.tag, + apprepo: "quay.io/coreos/olm-ci-app", + appname: self.namespace, + chart: "deploy/chart", + app: "%s@%s" % [self.apprepo, self.appversion], + domain: "olm-%s.k8s.devtable.com" % "${CI_COMMIT_REF_SLUG}", + namespace: "ci-olm-%s" % "${CI_COMMIT_REF_SLUG}", + image: vars.images.prerelease, + channel: null, + helm_opts: [], + kubeconfig: "$CD_KUBECONFIG", + params: { + "olm.image.ref": _vars.image.olm.name, + "catalog.image.ref": _vars.image.olm.name, + "package.image.ref": _vars.image.olm.name, + watchedNamespaces: _vars.namespace, + catalog_namespace: _vars.namespace, + namespace: _vars.namespace, + }, + }, + + variables: { + K8S_NAMESPACE: _vars.namespace, + ALM_DOMAIN: _vars.domain, + }, + + image: "quay.io/coreos/alm-ci-build:latest", + environment: { + name: "review/%s" % _vars.appname, + url: "https://%s" % _vars.domain, + }, + + before_script: [ + 'echo "version: 1.0.0-${CI_COMMIT_REF_SLUG}-pre" >> %s/Chart.yaml' % _vars.chart, + 'echo %s > params.json' % std.escapeStringJson(_vars.params), + "cat params.json", + ], + + script: + k8s.setKubeConfig(_vars.kubeconfig) + + helm.templateApply("olm", _vars.chart, _vars.namespace, _vars.params) + + k8s.createPullSecret("coreos-pull-secret", + _vars.namespace, + "quay.io", + "$DOCKER_USER", + "$DOCKER_PASS") + + k8s.waitForDeployment("olm-operator", _vars.namespace) + + k8s.waitForDeployment("catalog-operator", _vars.namespace) + } + job_tags, + + DeployStop: self.Deploy { + variables+: { GIT_STRATEGY: "none" }, + environment+: { + action: "stop", + }, + before_script: [], + script: + k8s.setKubeConfig(self.localvars.kubeconfig) + [ + "kubectl delete apiservice v1alpha1.packages.apps.redhat.com --ignore-not-found=true", + "kubectl delete ns --ignore-not-found=true %s" % self.localvars.namespace, + "kubectl get pods -o wide -n %s" % self.localvars.namespace, + ], + } + job_tags, + +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/utils.libsonnet b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/utils.libsonnet new file mode 100644 index 000000000..9a38cab45 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/utils.libsonnet @@ -0,0 +1,239 @@ +{ + local topSelf = self, + # Generate a sequence array from 1 to i + seq(i):: ( + [x for x in std.range(1, i)] + ), + + objectFieldsHidden(obj):: ( + std.setDiff(std.objectFieldsAll(obj), std.objectFields(obj)) + ), + + objectFlatten(obj):: ( + // Merge 1 level dict depth into toplevel + local visible = { + [k]: obj[j][k] + for j in std.objectFieldsAll(obj) + for k in std.objectFieldsAll(obj[j]) + }; + + visible + ), + + compact(array):: ( + [x for x in array if x != null] + ), + + objectValues(obj):: ( + local fields = std.objectFields(obj); + [obj[key] for key in fields] + ), + + objectMap(func, obj):: ( + local fields = std.objectFields(obj); + { [key]: func(obj[key]) for key in fields } + ), + + capitalize(str):: ( + std.char(std.codepoint(str[0]) - 32) + str[1:] + ), + + test: [ + self.capitalize("test"), + ], + + + set(array):: + { [key]: key for key in array }, + + containerName(repo, tag):: "%s:%s" % [repo, tag], + + docker: { + local Docker = self, + + login(server, user, password):: [ + "docker login -u %s -p %s %s" % [user, password, server], + ], + cp(image, src, dest):: [ + "docker create %s | xargs -I{} docker cp {}:%s %s" % [image, src, dest], + ], + + run(image, cmd, opts=[]):: [ + local optstr = std.join(" ", opts); + 'docker run %s %s %s' % [optstr, image, cmd], + ], + + build_and_push(image, cache=true, args={}, extra_opts=[]):: ( + Docker.build(image, cache, args, extra_opts) + + Docker.push(image) + ), + + multibuild_and_push(dockerfile, labelImageMap={}):: ( + Docker.build_file(dockerfile) + + Docker.tag_from_labels(labelImageMap) + + Docker.push_all([labelImageMap[label] for label in std.objectFields(labelImageMap)]) + ), + + build_file(dockerfile):: [ + 'docker build -f %s .' % [dockerfile], + ], + + tag_from_labels(labelImageMap={}):: [ + "docker tag $(docker images --filter 'label=stage=%s' --format '{{.CreatedAt}}\t{{.ID}}' | sort -nr | head -n 1 | cut -f2) %s" + % [label, labelImageMap[label]] for label in std.objectFields(labelImageMap) + ], + + build(image, cache=true, args={},extra_opts=[]):: [ + local cache_opt = if cache == false + then '--no-cache' + else if std.type(cache) == 'boolean' + then '--no-cache' + else '--cache-from=%s' % cache; + local buildargs_opt = std.join(" ", [ + "--build-arg %s=%s" % [key, args[key]] + for key in std.objectFields(args) + ]); + local opts = std.join(" ", [buildargs_opt, cache_opt] + extra_opts); + 'docker build %s -t %s . ' % [opts, image], + ], + + push(image):: [ + 'docker push %s' % image, + ], + + push_all(images=[]):: ( + ['docker push %s' % image for image in images] + ), + + rename(src, dest):: [ + 'docker pull %s' % src, + 'docker tag %s %s' % [src, dest], + 'docker push %s' % [dest], + ], + + }, + + helm: { + templateApply(name, chartdir, namespace, vars={}):: [ + local set_opts = [ + "--set %s=%s" % [key, vars[key]] + for key in std.objectFields(vars) + ]; + + std.join(" ", [ + "charttmpdir=`mktemp -d 2>/dev/null || mktemp -d -t 'charttmpdir'`;" + + "mkdir -p ${charttmpdir};" + + "helm template -n %s --set namespace=%s %s %s --output-dir ${charttmpdir};" % [name, namespace, chartdir, std.join(" ", set_opts)] + + "chartfilenames=$(ls ${charttmpdir}/%s/templates/*.yaml);" % name + + "echo ${chartfilenames};" + + "for f in ${chartfilenames};" + + "do "+ + "if [[ $f == *.configmap.yaml ]];" + + "then kubectl replace --force -f ${f};" + + "else kubectl apply -f ${f};" + + "fi;" + + "done;" + ]), + ], + + // uses app-registry + upgrade(chartdir, appname, namespace="default", vars={}, extra_opts=[]):: [ + + local set_opts = [ + "--set %s=%s" % [key, vars[key]] + for key in std.objectFields(vars) + ]; + + std.join(" ", + [ + "helm upgrade %s --force --install %s" % [appname, chartdir], + "--namespace=%s" % namespace, + ] + + set_opts + + extra_opts), + ], + }, + + appr: { + + login(server, user, password):: [ + "appr login -u %s -p %s %s" % [user, password, server], + ], + + push(name, channel=null, force=false):: [ + std.join(" ", + ["appr push %s" % name] + + if channel != null then ["--channel %s" % channel] else [] + + if force == true then ["-f"] else []), + ], + + }, + + k8s: { + setKubeConfig(kubeconfig):: [ + "echo %s | base64 -d > kubeconfig" % kubeconfig, + "export KUBECONFIG=./kubeconfig", + ], + + waitForDeployment(deploymentName, namespace):: [ + "kubectl rollout status -w deployment/%s --namespace=%s" % [deploymentName, namespace], + ], + + createNamespace(name):: [ + "kubectl create ns %s" % name + " || true", + ], + + createPullSecret(name, namespace, server, user, password):: [ + std.join(" ", + [ + "kubectl create secret docker-registry %s" % name, + "--docker-server %s" % server, + "--docker-username %s" % user, + "--docker-password %s" % password, + "--docker-email ignored@example.com", + "--namespace=%s" % namespace, + "|| true", + ]), + ], + + get(type, name, namespace, extra_opts=[]):: [ + "kubectl get %s %s -n %s %s" % [ + type, + name, + namespace, + std.join(" ", extra_opts), + ], + ], + + apply(filepath, namespace=null, extra_opts=[]):: [ + std.join( + " ", + ["kubectl apply -f %s" % filepath] + + if namespace != null then ["--namespace %s" % namespace] else [] + + extra_opts + ), + ], + + }, + + ci: { + + mergeJob(base_job, jobs, stage=null):: { + [job_name]: base_job + jobs[job_name] + + if stage != null then { stage: stage } else {} + for job_name in std.objectFields(jobs) + }, + + only(key):: ( + if key == "master" + then { only: ['master', 'tags'] } + else { only: ['branches'] } + ), + + setManual(key, values):: ( + if std.objectHas(topSelf.set(values), key) + then { when: 'manual' } + else { only: ['branches'] } + ), + }, +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/vars.libsonnet b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/vars.libsonnet new file mode 100644 index 000000000..6648ae07a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/.gitlab-ci/vars.libsonnet @@ -0,0 +1,74 @@ +local utils = import "utils.libsonnet"; + +{ + deploy_keys: { operator_client: "$OPERATORCLENT_RSA_B64" }, + olm_repo: "github.com/operator-framework/operator-lifecycle-manager", + global: { + // .gitlab-ci.yaml top `variables` key + FAILFASTCI_NAMESPACE: "operator-framework", + // increase attempts to handle occational auth failures against gitlab.com + GET_SOURCES_ATTEMPTS: "10", + }, + + paths: { + olm: { + src: "$GOPATH/src/%s" % $.olm_repo, + }, + }, + + // internal variables + images: { + // Quay initial image, used in the Dockerfile FROM clause + base: { + repo: "quay.io/coreos/olm-ci", + tag: "base", + name: utils.containerName(self.repo, self.tag), + }, + + // release is a copy of the quayci image to the 'prod' repository + release: { + olm: { + repo: "quay.io/coreos/olm", + tag: "${CI_COMMIT_REF_SLUG}-${SHA8}", + name: utils.containerName(self.repo, self.tag), + }, + }, + + tag: { + olm: { + repo: "quay.io/coreos/olm", + tag: "${CI_COMMIT_TAG}", + name: utils.containerName(self.repo, self.tag), + }, + }, + + + ci: { + olm: { + repo: "quay.io/coreos/olm-ci", + tag: "${CI_COMMIT_REF_SLUG}", + name: utils.containerName(self.repo, self.tag), + }, + }, + + e2e: { + repo: "quay.io/coreos/olm-e2e", + tag: "${CI_COMMIT_REF_SLUG}-${SHA8}", + name: utils.containerName(self.repo, self.tag), + }, + + e2elatest: { + repo: "quay.io/coreos/olm-e2e", + tag: "latest", + name: utils.containerName(self.repo, self.tag), + }, + + prerelease: { + olm: { + repo: "quay.io/coreos/olm-ci", + tag: "${CI_COMMIT_REF_SLUG}-pre", + name: utils.containerName(self.repo, self.tag), + }, + }, + }, +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/CHANGELOG.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/CHANGELOG.md new file mode 100644 index 000000000..f4e76b3af --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/CHANGELOG.md @@ -0,0 +1,553 @@ +# Change Log + +## [0.10.1](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.10.1) (2019-06-05) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.10.0...0.10.1) + +**Closed issues:** + +- Unable to install the olm [\#882](https://github.com/operator-framework/operator-lifecycle-manager/issues/882) +- Doc for defining x-descriptors [\#808](https://github.com/operator-framework/operator-lifecycle-manager/issues/808) +- Api server backed resources missing permissions [\#804](https://github.com/operator-framework/operator-lifecycle-manager/issues/804) +- Seeing a consistent pattern of warnings installing OLM on OS3 cluster [\#803](https://github.com/operator-framework/operator-lifecycle-manager/issues/803) +- Localhost:9000 can't be accessed [\#800](https://github.com/operator-framework/operator-lifecycle-manager/issues/800) +- Unable to see operators after install/deploy the OML by following the installation guide [\#784](https://github.com/operator-framework/operator-lifecycle-manager/issues/784) +- Pull configmap-operator-registry from quay org "operator-framework" not "operatorframework" in 0.8.1 and master [\#779](https://github.com/operator-framework/operator-lifecycle-manager/issues/779) +- "no matches for kind" error during OLM installation [\#746](https://github.com/operator-framework/operator-lifecycle-manager/issues/746) +- need ability to specify roleRef in permissions [\#732](https://github.com/operator-framework/operator-lifecycle-manager/issues/732) +- none of the deployment works with okd 3.11 [\#715](https://github.com/operator-framework/operator-lifecycle-manager/issues/715) +- Subscription stuck at Upgrading [\#700](https://github.com/operator-framework/operator-lifecycle-manager/issues/700) +- Getting started guide does not work [\#677](https://github.com/operator-framework/operator-lifecycle-manager/issues/677) +- Installation sometimes fails [\#558](https://github.com/operator-framework/operator-lifecycle-manager/issues/558) +- Unhelpful "RequirementsNotMet" message when attempting to deploy Template Service Broker Operator CSV [\#543](https://github.com/operator-framework/operator-lifecycle-manager/issues/543) + +**Other changes:** + +- Bump release version to 0.10.1 [\#887](https://github.com/operator-framework/operator-lifecycle-manager/pull/887) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Add Internal types for operators.coreos.com API group [\#877](https://github.com/operator-framework/operator-lifecycle-manager/pull/877) ([njhale](https://github.com/njhale)) +- Documentation: Fix a few typos [\#876](https://github.com/operator-framework/operator-lifecycle-manager/pull/876) ([marcoderama](https://github.com/marcoderama)) +- feat\(install\): Add new install scripts for releases, update release [\#875](https://github.com/operator-framework/operator-lifecycle-manager/pull/875) ([ecordell](https://github.com/ecordell)) +- Change Global Catalog Namespace for OpenShift [\#871](https://github.com/operator-framework/operator-lifecycle-manager/pull/871) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(operatorgroup\): Remove namespaces requirement for opgroup status [\#869](https://github.com/operator-framework/operator-lifecycle-manager/pull/869) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- docs\(release\): add basic steps for making release [\#867](https://github.com/operator-framework/operator-lifecycle-manager/pull/867) ([jpeeler](https://github.com/jpeeler)) +- update manifests to 0.10.0 [\#866](https://github.com/operator-framework/operator-lifecycle-manager/pull/866) ([jpeeler](https://github.com/jpeeler)) +- chore\(deps\): bump kube deps to 1.14 [\#864](https://github.com/operator-framework/operator-lifecycle-manager/pull/864) ([ecordell](https://github.com/ecordell)) +- fix\(catalog\): close grpc connections before deleting them [\#861](https://github.com/operator-framework/operator-lifecycle-manager/pull/861) ([ecordell](https://github.com/ecordell)) + +## [0.10.0](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.10.0) (2019-05-22) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.9.0...0.10.0) + +**Closed issues:** + +- Operator lifecycle manager and operator-sdk connection [\#862](https://github.com/operator-framework/operator-lifecycle-manager/issues/862) +- I am getting error while installing OLM [\#854](https://github.com/operator-framework/operator-lifecycle-manager/issues/854) +- Generated Subscriptions should have an owner reference to created Subscription [\#832](https://github.com/operator-framework/operator-lifecycle-manager/issues/832) +- replaces meta data for operator will throw fatal error when no previous version of operator is found. [\#831](https://github.com/operator-framework/operator-lifecycle-manager/issues/831) +- Operator catalog is created but now shown in the OLM UI [\#822](https://github.com/operator-framework/operator-lifecycle-manager/issues/822) +- After it be installed the URL to connect/use it should be informed to the user [\#785](https://github.com/operator-framework/operator-lifecycle-manager/issues/785) +- Add 'operatorgroups' to edit and view clusterroles [\#743](https://github.com/operator-framework/operator-lifecycle-manager/issues/743) +- upstream deployment: olm pod keeps crashing [\#714](https://github.com/operator-framework/operator-lifecycle-manager/issues/714) + +Other changes: + +- bump version to 0.10.0 [\#865](https://github.com/operator-framework/operator-lifecycle-manager/pull/865) ([jpeeler](https://github.com/jpeeler)) +- \(refactor\) Move csv set and replace to a package [\#860](https://github.com/operator-framework/operator-lifecycle-manager/pull/860) ([tkashem](https://github.com/tkashem)) +- fix\(unit\): Remove leftover println causing excessive log in unit test [\#859](https://github.com/operator-framework/operator-lifecycle-manager/pull/859) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- fix\(run\_console\_loca\): Fix command and improve output message [\#858](https://github.com/operator-framework/operator-lifecycle-manager/pull/858) ([camilamacedo86](https://github.com/camilamacedo86)) +- test\(olm\): test role aggregation for aggregate apiservices [\#856](https://github.com/operator-framework/operator-lifecycle-manager/pull/856) ([ecordell](https://github.com/ecordell)) +- fix\(unit\): TestUpdate no longer flakes [\#855](https://github.com/operator-framework/operator-lifecycle-manager/pull/855) ([ecordell](https://github.com/ecordell)) +- chore\(deploy\): fix release scripts [\#852](https://github.com/operator-framework/operator-lifecycle-manager/pull/852) ([ecordell](https://github.com/ecordell)) +- fix\(operatorgroup\): No targetNamespaces matched namespace selector [\#851](https://github.com/operator-framework/operator-lifecycle-manager/pull/851) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Bug 1705649: fix olm-operators tolerations [\#850](https://github.com/operator-framework/operator-lifecycle-manager/pull/850) ([ravisantoshgudimetla](https://github.com/ravisantoshgudimetla)) +- fix\(deploy\): add missing descriptions to manifests [\#848](https://github.com/operator-framework/operator-lifecycle-manager/pull/848) ([jpeeler](https://github.com/jpeeler)) +- fix\(catalog\): fix issue where subscriptions sometimes get "stuck" [\#847](https://github.com/operator-framework/operator-lifecycle-manager/pull/847) ([ecordell](https://github.com/ecordell)) +- fix\(deploy\): add missing descriptions [\#845](https://github.com/operator-framework/operator-lifecycle-manager/pull/845) ([jpeeler](https://github.com/jpeeler)) +- Add Termination Message to Failing OLM Pods [\#844](https://github.com/operator-framework/operator-lifecycle-manager/pull/844) ([alecmerdler](https://github.com/alecmerdler)) +- Fix tolerations [\#843](https://github.com/operator-framework/operator-lifecycle-manager/pull/843) ([ravisantoshgudimetla](https://github.com/ravisantoshgudimetla)) +- fix\(catalog\): Fix subscriptions without a sourceNamespace hang forever [\#839](https://github.com/operator-framework/operator-lifecycle-manager/pull/839) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- fix\(resolver\): fixes a bug where resolved dependent subscriptions don't [\#838](https://github.com/operator-framework/operator-lifecycle-manager/pull/838) ([ecordell](https://github.com/ecordell)) +- Refactor to avoid cache races [\#837](https://github.com/operator-framework/operator-lifecycle-manager/pull/837) ([jpeeler](https://github.com/jpeeler)) +- Set limit on length of Status.Conditions of a csv [\#836](https://github.com/operator-framework/operator-lifecycle-manager/pull/836) ([tkashem](https://github.com/tkashem)) +- Fix gRPC registry pod recreation [\#835](https://github.com/operator-framework/operator-lifecycle-manager/pull/835) ([njhale](https://github.com/njhale)) +- Support semver ranges of versions to skip in the head of a channel [\#834](https://github.com/operator-framework/operator-lifecycle-manager/pull/834) ([ecordell](https://github.com/ecordell)) +- test\(e2e\): wait for deployment to exist in csv replacement test [\#833](https://github.com/operator-framework/operator-lifecycle-manager/pull/833) ([ecordell](https://github.com/ecordell)) +- Always set LastTransitionTime in OperatorStatusCondition [\#830](https://github.com/operator-framework/operator-lifecycle-manager/pull/830) ([soltysh](https://github.com/soltysh)) +- Revert "chore\(cvo\): remove ClusterOperator from manifests" [\#828](https://github.com/operator-framework/operator-lifecycle-manager/pull/828) ([ecordell](https://github.com/ecordell)) +- fix\(olm\): Fix the issue with missing events due to rate limit [\#827](https://github.com/operator-framework/operator-lifecycle-manager/pull/827) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- chore\(cvo\): remove ClusterOperator from manifests [\#826](https://github.com/operator-framework/operator-lifecycle-manager/pull/826) ([ecordell](https://github.com/ecordell)) +- Add node-selector annotation to namespace [\#824](https://github.com/operator-framework/operator-lifecycle-manager/pull/824) ([ravisantoshgudimetla](https://github.com/ravisantoshgudimetla)) +- chore\(cvo\): update openshift/api so that OperatorFailing is changed to OperatorDegraded [\#823](https://github.com/operator-framework/operator-lifecycle-manager/pull/823) ([ecordell](https://github.com/ecordell)) +- Add validation details for `spec.maturity` field [\#821](https://github.com/operator-framework/operator-lifecycle-manager/pull/821) ([tlwu2013](https://github.com/tlwu2013)) +- Subscription Status InstallPlan References [\#820](https://github.com/operator-framework/operator-lifecycle-manager/pull/820) ([njhale](https://github.com/njhale)) +- Add priorityClassName [\#817](https://github.com/operator-framework/operator-lifecycle-manager/pull/817) ([jianzhangbjz](https://github.com/jianzhangbjz)) +- Update catalog if image changes [\#816](https://github.com/operator-framework/operator-lifecycle-manager/pull/816) ([ecordell](https://github.com/ecordell)) +- feat\(packageserver\): add additional info to package server output [\#813](https://github.com/operator-framework/operator-lifecycle-manager/pull/813) ([ecordell](https://github.com/ecordell)) +- feat\(rbac\): restrict permissions for namespace admins [\#812](https://github.com/operator-framework/operator-lifecycle-manager/pull/812) ([ecordell](https://github.com/ecordell)) +- chore\(cvo\): report progressing=true if the version has updated [\#811](https://github.com/operator-framework/operator-lifecycle-manager/pull/811) ([ecordell](https://github.com/ecordell)) +- add logging and separate muxer for metrics [\#809](https://github.com/operator-framework/operator-lifecycle-manager/pull/809) ([jpeeler](https://github.com/jpeeler)) +- fix\(catalog\): recreate registry pods when deleted [\#807](https://github.com/operator-framework/operator-lifecycle-manager/pull/807) ([njhale](https://github.com/njhale)) +- documentation: Fix a few typos. [\#806](https://github.com/operator-framework/operator-lifecycle-manager/pull/806) ([marcoderama](https://github.com/marcoderama)) +- Garbage Collection for OperatorGroup RBAC [\#795](https://github.com/operator-framework/operator-lifecycle-manager/pull/795) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(olm\): generate aggregated clusterroles for ownnamespace operatorgroups correctly [\#794](https://github.com/operator-framework/operator-lifecycle-manager/pull/794) ([ecordell](https://github.com/ecordell)) +- Fixing indentation for spec field [\#787](https://github.com/operator-framework/operator-lifecycle-manager/pull/787) ([bergerhoffer](https://github.com/bergerhoffer)) +- Add support for Windows WSL in run\_console\_local.sh [\#768](https://github.com/operator-framework/operator-lifecycle-manager/pull/768) ([leszko](https://github.com/leszko)) +- fix the labels.provider of packagemanifest issue [\#766](https://github.com/operator-framework/operator-lifecycle-manager/pull/766) ([jianzhangbjz](https://github.com/jianzhangbjz)) +- fix\(deployment\): Clean up orphaned deployments [\#759](https://github.com/operator-framework/operator-lifecycle-manager/pull/759) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Add Provided APIs to PackageManifest [\#754](https://github.com/operator-framework/operator-lifecycle-manager/pull/754) ([alecmerdler](https://github.com/alecmerdler)) +- Fix small typo. [\#751](https://github.com/operator-framework/operator-lifecycle-manager/pull/751) ([lveyde](https://github.com/lveyde)) +- fix\(olm\): add deletion monitoring for api services [\#750](https://github.com/operator-framework/operator-lifecycle-manager/pull/750) ([jpeeler](https://github.com/jpeeler)) + +## [0.9.0](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.9.0) (2019-04-11) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.8.1...0.9.0) + +**Implemented enhancements:** + +- feat\(packageserver\): support apps.redhat.com and operators.coreos.com [\#788](https://github.com/operator-framework/operator-lifecycle-manager/pull/788) ([njhale](https://github.com/njhale)) +- fix\(metrics\): add service monitor config [\#682](https://github.com/operator-framework/operator-lifecycle-manager/pull/682) ([jpeeler](https://github.com/jpeeler)) + +**Fixed bugs:** + +- fix\(annotation\): don't annotate deployments that aren't owned by a CSV [\#792](https://github.com/operator-framework/operator-lifecycle-manager/pull/792) ([ecordell](https://github.com/ecordell)) +- fix\(packageserver\): add struct tags to PackageManifestList [\#791](https://github.com/operator-framework/operator-lifecycle-manager/pull/791) ([njhale](https://github.com/njhale)) +- fix\(olm\): use hashes for provided api labels [\#778](https://github.com/operator-framework/operator-lifecycle-manager/pull/778) ([ecordell](https://github.com/ecordell)) + +**Closed issues:** + +- git add issue [\#797](https://github.com/operator-framework/operator-lifecycle-manager/issues/797) +- Unable to install the latest version on minishift [\#780](https://github.com/operator-framework/operator-lifecycle-manager/issues/780) +- scripts/install\_local.sh: upstream-operators.catalogsource.yaml not written correctly [\#772](https://github.com/operator-framework/operator-lifecycle-manager/issues/772) +- flag provided but not defined: -writeStatusName [\#770](https://github.com/operator-framework/operator-lifecycle-manager/issues/770) +- ClusterServiceVersion Status: Failed [\#769](https://github.com/operator-framework/operator-lifecycle-manager/issues/769) +- Upstream quickstart and latest manifests should deploy same OLM image [\#747](https://github.com/operator-framework/operator-lifecycle-manager/issues/747) + +**Other changes:** + +- Fix modules [\#805](https://github.com/operator-framework/operator-lifecycle-manager/pull/805) ([njhale](https://github.com/njhale)) +- Cut Release 0.9.0 [\#802](https://github.com/operator-framework/operator-lifecycle-manager/pull/802) ([alecmerdler](https://github.com/alecmerdler)) +- Bump OLM Release Version to 0.9.0 [\#801](https://github.com/operator-framework/operator-lifecycle-manager/pull/801) ([alecmerdler](https://github.com/alecmerdler)) +- Update Kubernetes dependencies to 1.12.7 [\#793](https://github.com/operator-framework/operator-lifecycle-manager/pull/793) ([jpeeler](https://github.com/jpeeler)) +- chore\(build\): build binaries locally and load them into containers [\#777](https://github.com/operator-framework/operator-lifecycle-manager/pull/777) ([ecordell](https://github.com/ecordell)) +- chore\(catalog\): add ClusterOperator status for catalog operator [\#776](https://github.com/operator-framework/operator-lifecycle-manager/pull/776) ([ecordell](https://github.com/ecordell)) +- chore\(deploy\): set priorityclass on olm pods [\#775](https://github.com/operator-framework/operator-lifecycle-manager/pull/775) ([ecordell](https://github.com/ecordell)) +- chore\(api\): bump operatorgroup and packagemanifest to v1 [\#774](https://github.com/operator-framework/operator-lifecycle-manager/pull/774) ([ecordell](https://github.com/ecordell)) +- chore\(manifests\): recut 0.8.1 [\#771](https://github.com/operator-framework/operator-lifecycle-manager/pull/771) ([njhale](https://github.com/njhale)) +- docs\(subscriptions\): add improved sub status proposal [\#741](https://github.com/operator-framework/operator-lifecycle-manager/pull/741) ([njhale](https://github.com/njhale)) + +## [0.8.1](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.8.1) (2019-03-20) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.7.1...0.8.1) + +**Implemented enhancements:** + +- Grant namespace list to global operators [\#764](https://github.com/operator-framework/operator-lifecycle-manager/pull/764) ([ecordell](https://github.com/ecordell)) +- feat\(csv\): requeue csvs on change to CRDs [\#763](https://github.com/operator-framework/operator-lifecycle-manager/pull/763) ([njhale](https://github.com/njhale)) +- Add upstream catalog [\#762](https://github.com/operator-framework/operator-lifecycle-manager/pull/762) ([ecordell](https://github.com/ecordell)) +- refactor\(images\): use operator-framework namespace for all olm images [\#752](https://github.com/operator-framework/operator-lifecycle-manager/pull/752) ([njhale](https://github.com/njhale)) +- clusteroperator: Report when OLM reaches "level" and check syncs [\#748](https://github.com/operator-framework/operator-lifecycle-manager/pull/748) ([smarterclayton](https://github.com/smarterclayton)) +- feat\(test\): adds CSV phase reporting for package server [\#745](https://github.com/operator-framework/operator-lifecycle-manager/pull/745) ([jpeeler](https://github.com/jpeeler)) +- Add minKubeVersion validation to templates [\#739](https://github.com/operator-framework/operator-lifecycle-manager/pull/739) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- OperatorGroup expansion/contraction [\#736](https://github.com/operator-framework/operator-lifecycle-manager/pull/736) ([ecordell](https://github.com/ecordell)) +- docs\(operatorgroups\): add more extensive docs [\#721](https://github.com/operator-framework/operator-lifecycle-manager/pull/721) ([njhale](https://github.com/njhale)) +- add all-in-one yaml and helper script [\#720](https://github.com/operator-framework/operator-lifecycle-manager/pull/720) ([dmesser](https://github.com/dmesser)) +- feat\(csv\): allow use verb in permissions [\#717](https://github.com/operator-framework/operator-lifecycle-manager/pull/717) ([ecordell](https://github.com/ecordell)) +- Add Graceful Shutdown to PackageManifest Server [\#711](https://github.com/operator-framework/operator-lifecycle-manager/pull/711) ([alecmerdler](https://github.com/alecmerdler)) +- feat\(catalogsource\): allow grpc source types that don't require an image [\#709](https://github.com/operator-framework/operator-lifecycle-manager/pull/709) ([njhale](https://github.com/njhale)) +- remove minishift support [\#704](https://github.com/operator-framework/operator-lifecycle-manager/pull/704) ([leseb](https://github.com/leseb)) +- fix\(packagemanifest\): Add InstallModes info from CSV to PackageManifest [\#697](https://github.com/operator-framework/operator-lifecycle-manager/pull/697) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- fix\(installplans\): add ability to apply Services [\#674](https://github.com/operator-framework/operator-lifecycle-manager/pull/674) ([njhale](https://github.com/njhale)) +- test\(validation\): add test to verify OLM can use bundles with CRDs with min/max fields [\#672](https://github.com/operator-framework/operator-lifecycle-manager/pull/672) ([njhale](https://github.com/njhale)) +- test\(catalog\): add e2e test to verify configmap changes are detected [\#670](https://github.com/operator-framework/operator-lifecycle-manager/pull/670) ([ecordell](https://github.com/ecordell)) +- fix\(operatorgroups\): write out CSV status on OperatorGroup issues [\#669](https://github.com/operator-framework/operator-lifecycle-manager/pull/669) ([njhale](https://github.com/njhale)) +- Add minimum kube version to CSV & check it against server version [\#663](https://github.com/operator-framework/operator-lifecycle-manager/pull/663) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Watch all namespaces in local setup by removing watchedNamespaces in local-values [\#657](https://github.com/operator-framework/operator-lifecycle-manager/pull/657) ([chancez](https://github.com/chancez)) +- Write cluster operator status after successful startup \(attempt \#2\) [\#652](https://github.com/operator-framework/operator-lifecycle-manager/pull/652) ([jpeeler](https://github.com/jpeeler)) +- Consume Operator Registry from PackageManifest Server [\#650](https://github.com/operator-framework/operator-lifecycle-manager/pull/650) ([njhale](https://github.com/njhale)) +- update codegen for 2019 [\#646](https://github.com/operator-framework/operator-lifecycle-manager/pull/646) ([jcantrill](https://github.com/jcantrill)) +- test\(catalog\): add an e2e test verifying that the rh-operators catalog starts [\#643](https://github.com/operator-framework/operator-lifecycle-manager/pull/643) ([ecordell](https://github.com/ecordell)) +- feat\(csv\): add installmodes to CSV spec [\#640](https://github.com/operator-framework/operator-lifecycle-manager/pull/640) ([njhale](https://github.com/njhale)) +- feat\(resolver\): take all subscriptions into account when resolving [\#638](https://github.com/operator-framework/operator-lifecycle-manager/pull/638) ([ecordell](https://github.com/ecordell)) +- Requeue subscriptions on catalogsource change [\#633](https://github.com/operator-framework/operator-lifecycle-manager/pull/633) ([ecordell](https://github.com/ecordell)) +- Add view permissions for CRDs on provided APIs [\#618](https://github.com/operator-framework/operator-lifecycle-manager/pull/618) ([ecordell](https://github.com/ecordell)) +- Require pluralname for APIServiceDefinitions in CSVs [\#617](https://github.com/operator-framework/operator-lifecycle-manager/pull/617) ([ecordell](https://github.com/ecordell)) +- Verify CRD's condition to ensure it's registered with k8s API \(rebased\) [\#614](https://github.com/operator-framework/operator-lifecycle-manager/pull/614) ([jpeeler](https://github.com/jpeeler)) +- chore\(release\): switch image-reference tag to operator-lifecycle-manager [\#612](https://github.com/operator-framework/operator-lifecycle-manager/pull/612) ([ecordell](https://github.com/ecordell)) +- feat\(package-server\): create subscription manifest [\#609](https://github.com/operator-framework/operator-lifecycle-manager/pull/609) ([njhale](https://github.com/njhale)) +- use quay.io vs registry.reg-aws.openshift.com [\#608](https://github.com/operator-framework/operator-lifecycle-manager/pull/608) ([jboyd01](https://github.com/jboyd01)) +- feat\(ci\): remove e2e tests from gitlab [\#602](https://github.com/operator-framework/operator-lifecycle-manager/pull/602) ([ecordell](https://github.com/ecordell)) +- feat\(package-server\): self-host package-server with CSV [\#594](https://github.com/operator-framework/operator-lifecycle-manager/pull/594) ([njhale](https://github.com/njhale)) +- test\(csv\): use mock-ext-server for owned apiservice e2e test [\#593](https://github.com/operator-framework/operator-lifecycle-manager/pull/593) ([njhale](https://github.com/njhale)) +- Add operator namespace [\#591](https://github.com/operator-framework/operator-lifecycle-manager/pull/591) ([jpeeler](https://github.com/jpeeler)) +- Don't process CSVs without operatorgroup [\#589](https://github.com/operator-framework/operator-lifecycle-manager/pull/589) ([ecordell](https://github.com/ecordell)) +- Adding description to package manifest object [\#587](https://github.com/operator-framework/operator-lifecycle-manager/pull/587) ([galletti94](https://github.com/galletti94)) +- Propagate Labels from `CatalogSource` to `PackageManifests` [\#576](https://github.com/operator-framework/operator-lifecycle-manager/pull/576) ([alecmerdler](https://github.com/alecmerdler)) +- Make use a valid clusterPermissions rule verb [\#575](https://github.com/operator-framework/operator-lifecycle-manager/pull/575) ([wongma7](https://github.com/wongma7)) +- Create role bindings for operator service accounts [\#571](https://github.com/operator-framework/operator-lifecycle-manager/pull/571) ([ecordell](https://github.com/ecordell)) +- feat\(olm\): use cache listers in olm-operator [\#569](https://github.com/operator-framework/operator-lifecycle-manager/pull/569) ([njhale](https://github.com/njhale)) +- Operator group follow ups [\#568](https://github.com/operator-framework/operator-lifecycle-manager/pull/568) ([jpeeler](https://github.com/jpeeler)) +- feat\(mocks\): generate fakes and mocks in a container [\#564](https://github.com/operator-framework/operator-lifecycle-manager/pull/564) ([njhale](https://github.com/njhale)) +- Remove ns annotator [\#563](https://github.com/operator-framework/operator-lifecycle-manager/pull/563) ([ecordell](https://github.com/ecordell)) +- Create registry pods for ConfigMap CatalogSources [\#556](https://github.com/operator-framework/operator-lifecycle-manager/pull/556) ([ecordell](https://github.com/ecordell)) +- Switch to go modules [\#554](https://github.com/operator-framework/operator-lifecycle-manager/pull/554) ([ecordell](https://github.com/ecordell)) +- feat\(make\): add e2e command for running from ci-operator [\#552](https://github.com/operator-framework/operator-lifecycle-manager/pull/552) ([ecordell](https://github.com/ecordell)) +- Add test case for supporting multi-version CRD [\#548](https://github.com/operator-framework/operator-lifecycle-manager/pull/548) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Verify Native APIs Present for ClusterServiceVersion [\#541](https://github.com/operator-framework/operator-lifecycle-manager/pull/541) ([alecmerdler](https://github.com/alecmerdler)) +- feat\(csv\): detect req and dep change in succeeded/failed phases [\#536](https://github.com/operator-framework/operator-lifecycle-manager/pull/536) ([njhale](https://github.com/njhale)) +- Add `assign` verb to csv crd [\#531](https://github.com/operator-framework/operator-lifecycle-manager/pull/531) ([eriknelson](https://github.com/eriknelson)) +- Emit Kubernetes Events for ClusterServiceVersion [\#530](https://github.com/operator-framework/operator-lifecycle-manager/pull/530) ([alecmerdler](https://github.com/alecmerdler)) +- feat\(csv\): add cert rotation for owned APIServices [\#525](https://github.com/operator-framework/operator-lifecycle-manager/pull/525) ([njhale](https://github.com/njhale)) +- Pass Annotations to PackageManifests [\#521](https://github.com/operator-framework/operator-lifecycle-manager/pull/521) ([alecmerdler](https://github.com/alecmerdler)) +- feat\(deploy\): add debug variable to all deployments [\#518](https://github.com/operator-framework/operator-lifecycle-manager/pull/518) ([jpeeler](https://github.com/jpeeler)) +- feat\(build\): allow skipping minikube during local builds [\#516](https://github.com/operator-framework/operator-lifecycle-manager/pull/516) ([jpeeler](https://github.com/jpeeler)) +- Add possible nonResourceURL verbs to validation [\#511](https://github.com/operator-framework/operator-lifecycle-manager/pull/511) ([eriknelson](https://github.com/eriknelson)) +- Add CatalogSource-Specific Fields to PackageManifest [\#505](https://github.com/operator-framework/operator-lifecycle-manager/pull/505) ([alecmerdler](https://github.com/alecmerdler)) +- Add Runlevels + docker labels [\#502](https://github.com/operator-framework/operator-lifecycle-manager/pull/502) ([ecordell](https://github.com/ecordell)) +- Make use a valid clusterPermissions rule verb [\#499](https://github.com/operator-framework/operator-lifecycle-manager/pull/499) ([wongma7](https://github.com/wongma7)) +- Always Return Global `PackageManifests` [\#494](https://github.com/operator-framework/operator-lifecycle-manager/pull/494) ([alecmerdler](https://github.com/alecmerdler)) +- refine cluster-admin OLM workflow [\#482](https://github.com/operator-framework/operator-lifecycle-manager/pull/482) ([madorn](https://github.com/madorn)) +- add OperatorGroup [\#480](https://github.com/operator-framework/operator-lifecycle-manager/pull/480) ([jpeeler](https://github.com/jpeeler)) +- feat\(olm\): add RBAC requirements check for CSVs [\#479](https://github.com/operator-framework/operator-lifecycle-manager/pull/479) ([njhale](https://github.com/njhale)) +- Allow resolving ClusterRoles [\#477](https://github.com/operator-framework/operator-lifecycle-manager/pull/477) ([ecordell](https://github.com/ecordell)) +- Implement Watch for `PackageManifest` API [\#476](https://github.com/operator-framework/operator-lifecycle-manager/pull/476) ([alecmerdler](https://github.com/alecmerdler)) + +**Fixed bugs:** + +- OLM Unable to Upgrade Through Multiple Versions [\#755](https://github.com/operator-framework/operator-lifecycle-manager/issues/755) +- Subscription steps through multiple upgrades [\#761](https://github.com/operator-framework/operator-lifecycle-manager/pull/761) ([ecordell](https://github.com/ecordell)) +- Fix typo - k8s version format [\#760](https://github.com/operator-framework/operator-lifecycle-manager/pull/760) ([tlwu2013](https://github.com/tlwu2013)) +- fix\(csv\): properly detect apiservice and crd conflicts [\#758](https://github.com/operator-framework/operator-lifecycle-manager/pull/758) ([njhale](https://github.com/njhale)) +- Emit `InstallSucceeded` Event for CSV [\#749](https://github.com/operator-framework/operator-lifecycle-manager/pull/749) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(packageserver\): set packageserver to IfNotPresent [\#738](https://github.com/operator-framework/operator-lifecycle-manager/pull/738) ([ecordell](https://github.com/ecordell)) +- fix\(installmodes\): update support logic to match expected behavior [\#733](https://github.com/operator-framework/operator-lifecycle-manager/pull/733) ([njhale](https://github.com/njhale)) +- fix\(packagesever\): add missing name field to api definition [\#731](https://github.com/operator-framework/operator-lifecycle-manager/pull/731) ([ecordell](https://github.com/ecordell)) +- fix\(owners\): remove cross-namespace and cluster-\>namespace ownerrefs [\#729](https://github.com/operator-framework/operator-lifecycle-manager/pull/729) ([ecordell](https://github.com/ecordell)) +- fix\(csv\): remove regex on base64 image data [\#723](https://github.com/operator-framework/operator-lifecycle-manager/pull/723) ([ecordell](https://github.com/ecordell)) +- fix\(ocp\): add csv and deployment for package server [\#722](https://github.com/operator-framework/operator-lifecycle-manager/pull/722) ([jpeeler](https://github.com/jpeeler)) +- Fix API Validation for `OperatorGroup` Spec [\#716](https://github.com/operator-framework/operator-lifecycle-manager/pull/716) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(manifests\): start manifest file names with 0000\_50\_olm\_\* [\#712](https://github.com/operator-framework/operator-lifecycle-manager/pull/712) ([njhale](https://github.com/njhale)) +- fix\(olm\): properly detect cluster operator API [\#710](https://github.com/operator-framework/operator-lifecycle-manager/pull/710) ([jpeeler](https://github.com/jpeeler)) +- fix\(registry-pods\): add everything toleration to registry pods [\#708](https://github.com/operator-framework/operator-lifecycle-manager/pull/708) ([njhale](https://github.com/njhale)) +- Make e2e more robust [\#703](https://github.com/operator-framework/operator-lifecycle-manager/pull/703) ([jpeeler](https://github.com/jpeeler)) +- fix\(deploy\): Add a component prefix to manifests [\#702](https://github.com/operator-framework/operator-lifecycle-manager/pull/702) ([smarterclayton](https://github.com/smarterclayton)) +- fix\(csv\): only allow one CSV per provided API across intersecting operatorgroups [\#701](https://github.com/operator-framework/operator-lifecycle-manager/pull/701) ([njhale](https://github.com/njhale)) +- fix\(olm\): Remove the "v" prefix in minKubeVersion if presents [\#699](https://github.com/operator-framework/operator-lifecycle-manager/pull/699) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Fix README.md links for CRDs, Descriptor, and Package [\#695](https://github.com/operator-framework/operator-lifecycle-manager/pull/695) ([ron1](https://github.com/ron1)) +- fix\(olm\): Fix CSVs api-servers battle for ownership of APIServices [\#690](https://github.com/operator-framework/operator-lifecycle-manager/pull/690) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- fix\(subscriptions\): fix race between subscription sync and cache [\#689](https://github.com/operator-framework/operator-lifecycle-manager/pull/689) ([njhale](https://github.com/njhale)) +- fix\(reconciler\): set command in pod spec of registry images [\#688](https://github.com/operator-framework/operator-lifecycle-manager/pull/688) ([ecordell](https://github.com/ecordell)) +- fix\(permissions\): Generate unique Names for permissions [\#687](https://github.com/operator-framework/operator-lifecycle-manager/pull/687) ([ecordell](https://github.com/ecordell)) +- Correct URL for Package Server CSV Link [\#685](https://github.com/operator-framework/operator-lifecycle-manager/pull/685) ([alecmerdler](https://github.com/alecmerdler)) +- Ensure Owner References on ConfigMaps for CatalogSources [\#681](https://github.com/operator-framework/operator-lifecycle-manager/pull/681) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(cm-reconciler\): query for pods to overwrite by CatalogSource label [\#680](https://github.com/operator-framework/operator-lifecycle-manager/pull/680) ([njhale](https://github.com/njhale)) +- fix\(installplan\): fix bug where too many installplans can be created [\#679](https://github.com/operator-framework/operator-lifecycle-manager/pull/679) ([ecordell](https://github.com/ecordell)) +- fix\(subscriptions\): respect startingCSV [\#676](https://github.com/operator-framework/operator-lifecycle-manager/pull/676) ([njhale](https://github.com/njhale)) +- Add view role verbs to admin/edit role aggregation. [\#673](https://github.com/operator-framework/operator-lifecycle-manager/pull/673) ([cliles](https://github.com/cliles)) +- add view rbac to 'admin' and 'edit' default roles [\#671](https://github.com/operator-framework/operator-lifecycle-manager/pull/671) ([aweiteka](https://github.com/aweiteka)) +- fix\(packageserver\): don't error out when listing [\#667](https://github.com/operator-framework/operator-lifecycle-manager/pull/667) ([njhale](https://github.com/njhale)) +- fix\(operatorgroups\): use copied csv for update status [\#665](https://github.com/operator-framework/operator-lifecycle-manager/pull/665) ([njhale](https://github.com/njhale)) +- fix\(deploy\): add linux nodeselector [\#653](https://github.com/operator-framework/operator-lifecycle-manager/pull/653) ([ecordell](https://github.com/ecordell)) +- fix\(metrics\): remove resources that aren't updated [\#637](https://github.com/operator-framework/operator-lifecycle-manager/pull/637) ([jpeeler](https://github.com/jpeeler)) +- fix\(crds\): remove category all from CRDs [\#636](https://github.com/operator-framework/operator-lifecycle-manager/pull/636) ([ecordell](https://github.com/ecordell)) +- fix\(charts\): add operator\_namespace to run-local values [\#634](https://github.com/operator-framework/operator-lifecycle-manager/pull/634) ([njhale](https://github.com/njhale)) +- fix\(deploy\): add runlevel to openshift-operators [\#620](https://github.com/operator-framework/operator-lifecycle-manager/pull/620) ([ecordell](https://github.com/ecordell)) +- fix\(olm\): don't annotate target namespace on copied CSVs [\#616](https://github.com/operator-framework/operator-lifecycle-manager/pull/616) ([jpeeler](https://github.com/jpeeler)) +- fix\(e2e\): make operator group test more robust [\#603](https://github.com/operator-framework/operator-lifecycle-manager/pull/603) ([jpeeler](https://github.com/jpeeler)) +- fix\(e2e\): fix CSV tests [\#599](https://github.com/operator-framework/operator-lifecycle-manager/pull/599) ([njhale](https://github.com/njhale)) +- Fix a typo in documentation [\#596](https://github.com/operator-framework/operator-lifecycle-manager/pull/596) ([smanpathak](https://github.com/smanpathak)) +- Fix `client-go` Dependency [\#592](https://github.com/operator-framework/operator-lifecycle-manager/pull/592) ([alecmerdler](https://github.com/alecmerdler)) +- Fix Panic in PackageManifest Server [\#590](https://github.com/operator-framework/operator-lifecycle-manager/pull/590) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(annotations\): merge CSV and pod template annotations when installing deployments [\#585](https://github.com/operator-framework/operator-lifecycle-manager/pull/585) ([njhale](https://github.com/njhale)) +- Add `packagemanifest:aggregated-apiserver-clusterrole` [\#583](https://github.com/operator-framework/operator-lifecycle-manager/pull/583) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(csv-requeue\): requeue on namespace all if all namespaces are watched [\#572](https://github.com/operator-framework/operator-lifecycle-manager/pull/572) ([njhale](https://github.com/njhale)) +- Fix Go Modules [\#561](https://github.com/operator-framework/operator-lifecycle-manager/pull/561) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(queueInformers\): use separate queue for each namespace [\#560](https://github.com/operator-framework/operator-lifecycle-manager/pull/560) ([njhale](https://github.com/njhale)) +- fix\(olm\): set lister up for deployments [\#550](https://github.com/operator-framework/operator-lifecycle-manager/pull/550) ([jpeeler](https://github.com/jpeeler)) +- Fix olm pod name so log to be written correctly to olm.log [\#549](https://github.com/operator-framework/operator-lifecycle-manager/pull/549) ([dinhxuanvu](https://github.com/dinhxuanvu)) +- Fix template values for 'olm' parameters [\#537](https://github.com/operator-framework/operator-lifecycle-manager/pull/537) ([rhuss](https://github.com/rhuss)) +- fix\(e2e\): switch to port 5443 for owned apiservice test [\#527](https://github.com/operator-framework/operator-lifecycle-manager/pull/527) ([njhale](https://github.com/njhale)) +- fix\(package-server\): make secure port configurable and default to 5443 [\#524](https://github.com/operator-framework/operator-lifecycle-manager/pull/524) ([ecordell](https://github.com/ecordell)) +- fix\(olm\): don't annotate namespaces on operator creation [\#523](https://github.com/operator-framework/operator-lifecycle-manager/pull/523) ([ecordell](https://github.com/ecordell)) +- fix\(build\): add cleanup for package release files [\#517](https://github.com/operator-framework/operator-lifecycle-manager/pull/517) ([jpeeler](https://github.com/jpeeler)) +- fix\(metrics\): use CRD client instead of k8s [\#515](https://github.com/operator-framework/operator-lifecycle-manager/pull/515) ([jpeeler](https://github.com/jpeeler)) +- fix\(requirements\): add support for non resource url rules [\#514](https://github.com/operator-framework/operator-lifecycle-manager/pull/514) ([njhale](https://github.com/njhale)) +- Rewrite Namespace when Fetching Global PackageManifests [\#513](https://github.com/operator-framework/operator-lifecycle-manager/pull/513) ([alecmerdler](https://github.com/alecmerdler)) +- Small log statement fix with olm requirements [\#508](https://github.com/operator-framework/operator-lifecycle-manager/pull/508) ([eriknelson](https://github.com/eriknelson)) +- fix\(requirements\): remove extra empty permission requirement statuses [\#506](https://github.com/operator-framework/operator-lifecycle-manager/pull/506) ([njhale](https://github.com/njhale)) +- fix\(ci\): use deployment namespace for catalog\_namespace [\#504](https://github.com/operator-framework/operator-lifecycle-manager/pull/504) ([njhale](https://github.com/njhale)) +- fix 30\_14-imagestream.yaml formatting [\#500](https://github.com/operator-framework/operator-lifecycle-manager/pull/500) ([mrogers950](https://github.com/mrogers950)) +- Add missing binary to fix run-local-shift [\#497](https://github.com/operator-framework/operator-lifecycle-manager/pull/497) ([font](https://github.com/font)) +- feat\(csv\): install owned APIServices [\#492](https://github.com/operator-framework/operator-lifecycle-manager/pull/492) ([njhale](https://github.com/njhale)) +- fix\(build\): don't vendor [\#490](https://github.com/operator-framework/operator-lifecycle-manager/pull/490) ([ecordell](https://github.com/ecordell)) +- fix\(deploy\): yaml error in imagereferences [\#486](https://github.com/operator-framework/operator-lifecycle-manager/pull/486) ([ecordell](https://github.com/ecordell)) +- fix\(deploy\): only use replace on configmaps [\#483](https://github.com/operator-framework/operator-lifecycle-manager/pull/483) ([ecordell](https://github.com/ecordell)) + +**Closed issues:** + +- Continuous Delivery via OLM [\#742](https://github.com/operator-framework/operator-lifecycle-manager/issues/742) +- Operator install plans fail w/repeat count regexp parsing error with OLM 0.8.1+ on OCP 3.11 [\#735](https://github.com/operator-framework/operator-lifecycle-manager/issues/735) +- Generated aggregated cluster roles contains group id in resource name [\#730](https://github.com/operator-framework/operator-lifecycle-manager/issues/730) +- package server panic when deploying operator source from operator-marketplace [\#728](https://github.com/operator-framework/operator-lifecycle-manager/issues/728) +- Help needed with CR display name [\#725](https://github.com/operator-framework/operator-lifecycle-manager/issues/725) +- OLM complains with "Policy rule not satisfied for service account" [\#724](https://github.com/operator-framework/operator-lifecycle-manager/issues/724) +- operator does not upgrade packagserver [\#706](https://github.com/operator-framework/operator-lifecycle-manager/issues/706) +- Unable to deploy OLM on minishift [\#705](https://github.com/operator-framework/operator-lifecycle-manager/issues/705) +- How to enable all workspaces so that OLM watches them? [\#698](https://github.com/operator-framework/operator-lifecycle-manager/issues/698) +- README links to CRDs, Descriptors, and Packages are broken [\#694](https://github.com/operator-framework/operator-lifecycle-manager/issues/694) +- MountVolume.SetUp failed for volume "config-volume" : secrets "alertmanager-alertmanager-main" not found [\#648](https://github.com/operator-framework/operator-lifecycle-manager/issues/648) +- Use CR definitions instead of configmap data [\#644](https://github.com/operator-framework/operator-lifecycle-manager/issues/644) +- `make run-local` for Minikube fails with "packageserver" deployment failure [\#642](https://github.com/operator-framework/operator-lifecycle-manager/issues/642) +- Question: instalingl the OLM via the CVO [\#628](https://github.com/operator-framework/operator-lifecycle-manager/issues/628) +- change catalog operator default namespace [\#627](https://github.com/operator-framework/operator-lifecycle-manager/issues/627) +- manifests: OLM is creating a namespace without run-level [\#619](https://github.com/operator-framework/operator-lifecycle-manager/issues/619) +- Non operator-sdk operators [\#610](https://github.com/operator-framework/operator-lifecycle-manager/issues/610) +- Unable to retrieve pull secret openshift-operator-lifecycle-manager/coreos-pull-secret for openshift-operator-lifecycle-manager/olm-operator... [\#607](https://github.com/operator-framework/operator-lifecycle-manager/issues/607) +- package-server pod keeps crashing [\#598](https://github.com/operator-framework/operator-lifecycle-manager/issues/598) +- OLM GUI does not have permission to list its OLM CRDs [\#597](https://github.com/operator-framework/operator-lifecycle-manager/issues/597) +- OLM compatibility with cluster monitoring Operator [\#581](https://github.com/operator-framework/operator-lifecycle-manager/issues/581) +- ClusterRoleBinding against aggregated-apiserver-clusterrole without role manifest [\#577](https://github.com/operator-framework/operator-lifecycle-manager/issues/577) +- Failed to update catalog source `rh-operators` status [\#544](https://github.com/operator-framework/operator-lifecycle-manager/issues/544) +- Latest console image is broken [\#540](https://github.com/operator-framework/operator-lifecycle-manager/issues/540) +- Question: How to "enable" the OLM in the console for Minishift ? [\#538](https://github.com/operator-framework/operator-lifecycle-manager/issues/538) +- olm-operator local run expects `master` image tag which is unavailable [\#529](https://github.com/operator-framework/operator-lifecycle-manager/issues/529) +- CSV waits for wrong CRD version to be available [\#507](https://github.com/operator-framework/operator-lifecycle-manager/issues/507) +- Add support for specifying multiple CRDs in one yaml file [\#495](https://github.com/operator-framework/operator-lifecycle-manager/issues/495) +- make run-local-shift fails on minishift due to the lack of helm [\#488](https://github.com/operator-framework/operator-lifecycle-manager/issues/488) +- CSV support for ClusterRoles [\#473](https://github.com/operator-framework/operator-lifecycle-manager/issues/473) + +**Other changes:** + +- docs\(git\): add changelog [\#765](https://github.com/operator-framework/operator-lifecycle-manager/pull/765) ([njhale](https://github.com/njhale)) +- chore\(manifests\): regenerate manifests to include new anyOf validation [\#744](https://github.com/operator-framework/operator-lifecycle-manager/pull/744) ([njhale](https://github.com/njhale)) +- docs: update CSV link [\#713](https://github.com/operator-framework/operator-lifecycle-manager/pull/713) ([robszumski](https://github.com/robszumski)) +- chore\(deploy\): use downstream image for openshift builds [\#693](https://github.com/operator-framework/operator-lifecycle-manager/pull/693) ([ecordell](https://github.com/ecordell)) +- chore\(modules\): update operator-registry module to v1.0.6 [\#691](https://github.com/operator-framework/operator-lifecycle-manager/pull/691) ([njhale](https://github.com/njhale)) +- Add godoc for InstallModeTypes [\#683](https://github.com/operator-framework/operator-lifecycle-manager/pull/683) ([pmorie](https://github.com/pmorie)) +- chore\(deploy\): change 30 prefix to 50 [\#678](https://github.com/operator-framework/operator-lifecycle-manager/pull/678) ([ecordell](https://github.com/ecordell)) +- Cut 0.8.1 [\#662](https://github.com/operator-framework/operator-lifecycle-manager/pull/662) ([ecordell](https://github.com/ecordell)) +- Update metering InstallModes to support SingleNamespace [\#658](https://github.com/operator-framework/operator-lifecycle-manager/pull/658) ([chancez](https://github.com/chancez)) +- chore\(ci\): remove ci checks for PRs [\#654](https://github.com/operator-framework/operator-lifecycle-manager/pull/654) ([ecordell](https://github.com/ecordell)) +- Remove operatorsource installation [\#651](https://github.com/operator-framework/operator-lifecycle-manager/pull/651) ([kevinrizza](https://github.com/kevinrizza)) +- update Service Catalog memory & cpu limits [\#649](https://github.com/operator-framework/operator-lifecycle-manager/pull/649) ([jboyd01](https://github.com/jboyd01)) +- Add Metering Operator to catalog [\#647](https://github.com/operator-framework/operator-lifecycle-manager/pull/647) ([EmilyM1](https://github.com/EmilyM1)) +- fix 1663113. Add component image ENV vars to cluster-logging-operator [\#645](https://github.com/operator-framework/operator-lifecycle-manager/pull/645) ([jcantrill](https://github.com/jcantrill)) +- Updated MongoDB Operator to 0.6 [\#641](https://github.com/operator-framework/operator-lifecycle-manager/pull/641) ([rodrigovalin](https://github.com/rodrigovalin)) +- chore\(fake\): add fake for registry client [\#630](https://github.com/operator-framework/operator-lifecycle-manager/pull/630) ([ecordell](https://github.com/ecordell)) +- increase memory limits on all service catalog pods [\#629](https://github.com/operator-framework/operator-lifecycle-manager/pull/629) ([jboyd01](https://github.com/jboyd01)) +- Install operatorsource crd and default cr [\#622](https://github.com/operator-framework/operator-lifecycle-manager/pull/622) ([kevinrizza](https://github.com/kevinrizza)) +- Updated CSV marketplace manifests [\#621](https://github.com/operator-framework/operator-lifecycle-manager/pull/621) ([ecordell](https://github.com/ecordell)) +- add rbac for servicebindings/finalizers [\#615](https://github.com/operator-framework/operator-lifecycle-manager/pull/615) ([jboyd01](https://github.com/jboyd01)) +- Regen manifests [\#611](https://github.com/operator-framework/operator-lifecycle-manager/pull/611) ([ecordell](https://github.com/ecordell)) +- Descheduler operator CRD, CSV [\#584](https://github.com/operator-framework/operator-lifecycle-manager/pull/584) ([ravisantoshgudimetla](https://github.com/ravisantoshgudimetla)) +- chore\(docs\): fix markdown lint warnings [\#574](https://github.com/operator-framework/operator-lifecycle-manager/pull/574) ([jpeeler](https://github.com/jpeeler)) +- docs\(arch\): add operator groups [\#573](https://github.com/operator-framework/operator-lifecycle-manager/pull/573) ([jpeeler](https://github.com/jpeeler)) +- Creating csv, crd, and packages for clusterlogging and elasticsearch … [\#570](https://github.com/operator-framework/operator-lifecycle-manager/pull/570) ([jcantrill](https://github.com/jcantrill)) +- Cut 0.8.0 [\#567](https://github.com/operator-framework/operator-lifecycle-manager/pull/567) ([ecordell](https://github.com/ecordell)) +- chore\(build\): remove vendor commands from base dockerfile [\#566](https://github.com/operator-framework/operator-lifecycle-manager/pull/566) ([ecordell](https://github.com/ecordell)) +- chore\(release\): bump version to 0.8.0 [\#565](https://github.com/operator-framework/operator-lifecycle-manager/pull/565) ([ecordell](https://github.com/ecordell)) +- Service Catalog CSV: update resource limitations [\#562](https://github.com/operator-framework/operator-lifecycle-manager/pull/562) ([jboyd01](https://github.com/jboyd01)) +- Update AMQ logo to new brand standard [\#547](https://github.com/operator-framework/operator-lifecycle-manager/pull/547) ([rhamilto](https://github.com/rhamilto)) +- use OpenShift's ServiceCatalog build, update rbac + more [\#545](https://github.com/operator-framework/operator-lifecycle-manager/pull/545) ([jboyd01](https://github.com/jboyd01)) +- Add Service to Owned Resources for Prometheus Operator [\#539](https://github.com/operator-framework/operator-lifecycle-manager/pull/539) ([alecmerdler](https://github.com/alecmerdler)) +- Add `ConfigMap` as an Owned Resource for Prometheus [\#535](https://github.com/operator-framework/operator-lifecycle-manager/pull/535) ([alecmerdler](https://github.com/alecmerdler)) +- chore\(release\): cut release 0.7.4 [\#534](https://github.com/operator-framework/operator-lifecycle-manager/pull/534) ([njhale](https://github.com/njhale)) +- chore\(release\): bump version number to 0.7.4 [\#533](https://github.com/operator-framework/operator-lifecycle-manager/pull/533) ([njhale](https://github.com/njhale)) +- \[Doc\] Add note about helm binary requirement [\#528](https://github.com/operator-framework/operator-lifecycle-manager/pull/528) ([aditya-konarde](https://github.com/aditya-konarde)) +- chore\(package-server\): enable auth by default [\#526](https://github.com/operator-framework/operator-lifecycle-manager/pull/526) ([njhale](https://github.com/njhale)) +- More Descriptors for Dynatrace Operator [\#522](https://github.com/operator-framework/operator-lifecycle-manager/pull/522) ([alecmerdler](https://github.com/alecmerdler)) +- More Descriptors for Couchbase Operator [\#520](https://github.com/operator-framework/operator-lifecycle-manager/pull/520) ([alecmerdler](https://github.com/alecmerdler)) +- Update OKD install instructions [\#519](https://github.com/operator-framework/operator-lifecycle-manager/pull/519) ([font](https://github.com/font)) +- bump 0.7.3 [\#512](https://github.com/operator-framework/operator-lifecycle-manager/pull/512) ([ecordell](https://github.com/ecordell)) +- chore\(deploy\): update release scripts to not use 3 different images [\#510](https://github.com/operator-framework/operator-lifecycle-manager/pull/510) ([ecordell](https://github.com/ecordell)) +- chore\(deploy\): put all binaries in the same image [\#509](https://github.com/operator-framework/operator-lifecycle-manager/pull/509) ([ecordell](https://github.com/ecordell)) +- chore\(deploy\): use runlevel label on namespace [\#503](https://github.com/operator-framework/operator-lifecycle-manager/pull/503) ([smarterclayton](https://github.com/smarterclayton)) +- add example and additional info about optional CSV metadata \(replace… [\#501](https://github.com/operator-framework/operator-lifecycle-manager/pull/501) ([madorn](https://github.com/madorn)) +- Fix for Federation CSV [\#498](https://github.com/operator-framework/operator-lifecycle-manager/pull/498) ([alecmerdler](https://github.com/alecmerdler)) +- Dropping label for origin releasepayload [\#496](https://github.com/operator-framework/operator-lifecycle-manager/pull/496) ([abhinavdahiya](https://github.com/abhinavdahiya)) +- fix\(deploy\): add base images for ci-operator [\#493](https://github.com/operator-framework/operator-lifecycle-manager/pull/493) ([ecordell](https://github.com/ecordell)) +- rh-operators: add FederationV2 v0.0.2 [\#491](https://github.com/operator-framework/operator-lifecycle-manager/pull/491) ([font](https://github.com/font)) +- change go build to use 1.10 [\#489](https://github.com/operator-framework/operator-lifecycle-manager/pull/489) ([jpeeler](https://github.com/jpeeler)) +- Revert "fix\(deploy\): remove package-server until ci-operator is outpu… [\#487](https://github.com/operator-framework/operator-lifecycle-manager/pull/487) ([ecordell](https://github.com/ecordell)) +- re-cut 0.7.1 [\#484](https://github.com/operator-framework/operator-lifecycle-manager/pull/484) ([ecordell](https://github.com/ecordell)) +- certified-operators: rectify form of business for Dynatrace [\#478](https://github.com/operator-framework/operator-lifecycle-manager/pull/478) ([baichinger](https://github.com/baichinger)) +- Cut 0.7.1 [\#475](https://github.com/operator-framework/operator-lifecycle-manager/pull/475) ([ecordell](https://github.com/ecordell)) + +## [0.7.1](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.7.1) (2018-09-19) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.7.0...0.7.1) + +**Closed issues:** + +- Tag "master" of quay.io/coreos/package-server does not exist [\#471](https://github.com/operator-framework/operator-lifecycle-manager/issues/471) + +**Other changes:** + +- feat\(ci\): push tags to quay [\#474](https://github.com/operator-framework/operator-lifecycle-manager/pull/474) ([ecordell](https://github.com/ecordell)) + +## [0.7.0](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.7.0) (2018-09-19) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/v3.11.0...0.7.0) + +**Closed issues:** + +- minishift steps need to be updated for service catalog [\#469](https://github.com/operator-framework/operator-lifecycle-manager/issues/469) +- The `--service-catalog` clusterup option is invalid for OS 3.10+ [\#468](https://github.com/operator-framework/operator-lifecycle-manager/issues/468) +- `The ConfigMap "rh-operators" is invalid` while installing on upstream k8s [\#467](https://github.com/operator-framework/operator-lifecycle-manager/issues/467) + +**Other changes:** + +- 0.7.0 packages api [\#472](https://github.com/operator-framework/operator-lifecycle-manager/pull/472) ([ecordell](https://github.com/ecordell)) +- Issue \#469 update the service catalog instruction for minishift. [\#470](https://github.com/operator-framework/operator-lifecycle-manager/pull/470) ([praveenkumar](https://github.com/praveenkumar)) +- Documentation: Change to full path [\#466](https://github.com/operator-framework/operator-lifecycle-manager/pull/466) ([LiliC](https://github.com/LiliC)) +- All Namespaces Support for PackageManifest API [\#465](https://github.com/operator-framework/operator-lifecycle-manager/pull/465) ([alecmerdler](https://github.com/alecmerdler)) +- Create OWNERS [\#464](https://github.com/operator-framework/operator-lifecycle-manager/pull/464) ([ecordell](https://github.com/ecordell)) +- test\(e2e\): add OwnerReference GC behavior test [\#463](https://github.com/operator-framework/operator-lifecycle-manager/pull/463) ([njhale](https://github.com/njhale)) +- Cut 0.7.0 [\#462](https://github.com/operator-framework/operator-lifecycle-manager/pull/462) ([ecordell](https://github.com/ecordell)) +- List out options for Descriptors [\#461](https://github.com/operator-framework/operator-lifecycle-manager/pull/461) ([madorn](https://github.com/madorn)) +- cut 0.7.0 images [\#460](https://github.com/operator-framework/operator-lifecycle-manager/pull/460) ([ecordell](https://github.com/ecordell)) +- feat\(olm\): support depending on APIservices [\#459](https://github.com/operator-framework/operator-lifecycle-manager/pull/459) ([ecordell](https://github.com/ecordell)) +- Improvements on the MongoDB Enterprise Operator CSV. [\#458](https://github.com/operator-framework/operator-lifecycle-manager/pull/458) ([rodrigovalin](https://github.com/rodrigovalin)) +- \[WIP\] feat\(catalog\): add RBAC step resolution [\#457](https://github.com/operator-framework/operator-lifecycle-manager/pull/457) ([njhale](https://github.com/njhale)) +- add metrics [\#452](https://github.com/operator-framework/operator-lifecycle-manager/pull/452) ([jpeeler](https://github.com/jpeeler)) + +## [v3.11.0](https://github.com/operator-framework/operator-lifecycle-manager/tree/v3.11.0) (2018-09-13) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.6.0...v3.11.0) + +**Implemented enhancements:** + +- Instructions for Running OLM UI [\#431](https://github.com/operator-framework/operator-lifecycle-manager/pull/431) ([alecmerdler](https://github.com/alecmerdler)) +- Action Descriptors [\#426](https://github.com/operator-framework/operator-lifecycle-manager/pull/426) ([alecmerdler](https://github.com/alecmerdler)) + +**Fixed bugs:** + +- `./scripts/run\_console\_local.sh` doesn't provide a usable console with `make run-local` or `make run-local-shift` [\#437](https://github.com/operator-framework/operator-lifecycle-manager/issues/437) + +**Closed issues:** + +- Can't deploy OLM onto OpenShift [\#436](https://github.com/operator-framework/operator-lifecycle-manager/issues/436) +- Creation of CRD defined in 05-catalogsource.crd.yaml fails [\#416](https://github.com/operator-framework/operator-lifecycle-manager/issues/416) + +**Other changes:** + +- fix\(vendor\): revendor dependencies [\#456](https://github.com/operator-framework/operator-lifecycle-manager/pull/456) ([njhale](https://github.com/njhale)) +- fix\(vendor\): revendor dependencies [\#455](https://github.com/operator-framework/operator-lifecycle-manager/pull/455) ([njhale](https://github.com/njhale)) +- feat\(olm\): attempt to cleanup namespace annotations on shutdown [\#454](https://github.com/operator-framework/operator-lifecycle-manager/pull/454) ([ecordell](https://github.com/ecordell)) +- feat\(olm\): attempt to cleanup namespace annotations on shutdown [\#453](https://github.com/operator-framework/operator-lifecycle-manager/pull/453) ([ecordell](https://github.com/ecordell)) +- \[WIP\] fix\(ci\): add pipeline queueing [\#451](https://github.com/operator-framework/operator-lifecycle-manager/pull/451) ([njhale](https://github.com/njhale)) +- fix\(prometheus\): add securityContext to alertmanager example [\#450](https://github.com/operator-framework/operator-lifecycle-manager/pull/450) ([ecordell](https://github.com/ecordell)) +- docs: install OLM with 'kubectl create -f' instead of 'kubectl apply -f' [\#449](https://github.com/operator-framework/operator-lifecycle-manager/pull/449) ([djwhatle](https://github.com/djwhatle)) +- feat\(cmd\): add version flags [\#448](https://github.com/operator-framework/operator-lifecycle-manager/pull/448) ([njhale](https://github.com/njhale)) +- feat\(catalog\): add aggregated roles for each resolved CRD [\#447](https://github.com/operator-framework/operator-lifecycle-manager/pull/447) ([ecordell](https://github.com/ecordell)) +- docs: add CSV guide [\#446](https://github.com/operator-framework/operator-lifecycle-manager/pull/446) ([robszumski](https://github.com/robszumski)) +- feat\(run\_console\_local\): add docker pull for console image [\#445](https://github.com/operator-framework/operator-lifecycle-manager/pull/445) ([njhale](https://github.com/njhale)) +- chore\(rbac\): add olm-specific ClusterRole [\#444](https://github.com/operator-framework/operator-lifecycle-manager/pull/444) ([ecordell](https://github.com/ecordell)) +- Remove outdated install instructions [\#443](https://github.com/operator-framework/operator-lifecycle-manager/pull/443) ([ecordell](https://github.com/ecordell)) +- chore\(deploy\): remove ansible scripts for install [\#442](https://github.com/operator-framework/operator-lifecycle-manager/pull/442) ([ecordell](https://github.com/ecordell)) +- Fix Local Console Script with Minikube [\#441](https://github.com/operator-framework/operator-lifecycle-manager/pull/441) ([alecmerdler](https://github.com/alecmerdler)) +- Add/update CSVs for RH and partners [\#440](https://github.com/operator-framework/operator-lifecycle-manager/pull/440) ([robszumski](https://github.com/robszumski)) +- feat\(osbs\): add non-multistage dockerfile [\#439](https://github.com/operator-framework/operator-lifecycle-manager/pull/439) ([njhale](https://github.com/njhale)) +- Remove broker files for repo migration [\#438](https://github.com/operator-framework/operator-lifecycle-manager/pull/438) ([jpeeler](https://github.com/jpeeler)) +- Allow use of existing KUBECONFIG env var for e2e [\#435](https://github.com/operator-framework/operator-lifecycle-manager/pull/435) ([jpeeler](https://github.com/jpeeler)) +- \[WIP\] Package Extension API Server [\#433](https://github.com/operator-framework/operator-lifecycle-manager/pull/433) ([njhale](https://github.com/njhale)) +- Separate internal API client wrappers from generated external clients [\#432](https://github.com/operator-framework/operator-lifecycle-manager/pull/432) ([ecordell](https://github.com/ecordell)) +- Catalog renaming OCS -\> rh-operators [\#429](https://github.com/operator-framework/operator-lifecycle-manager/pull/429) ([ecordell](https://github.com/ecordell)) +- Red Hat CD Readiness [\#428](https://github.com/operator-framework/operator-lifecycle-manager/pull/428) ([njhale](https://github.com/njhale)) +- test\(e2e\): add catalog loading between operator restart test [\#427](https://github.com/operator-framework/operator-lifecycle-manager/pull/427) ([njhale](https://github.com/njhale)) +- updated prometheus csv according to the integration into openshift [\#425](https://github.com/operator-framework/operator-lifecycle-manager/pull/425) ([sichvoge](https://github.com/sichvoge)) +- fix\(catalog\): add check for loaded catalogs [\#424](https://github.com/operator-framework/operator-lifecycle-manager/pull/424) ([njhale](https://github.com/njhale)) +- feat\(subscription\): add dedicated currentCSV field to subscription [\#423](https://github.com/operator-framework/operator-lifecycle-manager/pull/423) ([njhale](https://github.com/njhale)) +- fix\(operatorclient\): remove wait for deployment rollout [\#422](https://github.com/operator-framework/operator-lifecycle-manager/pull/422) ([njhale](https://github.com/njhale)) +- fix\(e2e\): remove deployment cleanup [\#421](https://github.com/operator-framework/operator-lifecycle-manager/pull/421) ([njhale](https://github.com/njhale)) +- Set Status on Subscription with Invalid Catalog Source [\#420](https://github.com/operator-framework/operator-lifecycle-manager/pull/420) ([alecmerdler](https://github.com/alecmerdler)) +- feat\(catalog\): add catalog status block updates [\#419](https://github.com/operator-framework/operator-lifecycle-manager/pull/419) ([njhale](https://github.com/njhale)) +- Deployment fixes [\#418](https://github.com/operator-framework/operator-lifecycle-manager/pull/418) ([ecordell](https://github.com/ecordell)) +- Fixes \#416 [\#417](https://github.com/operator-framework/operator-lifecycle-manager/pull/417) ([mvazquezc](https://github.com/mvazquezc)) +- \[WIP\] feat\(catalog\): add namespace awareness to plan execution [\#415](https://github.com/operator-framework/operator-lifecycle-manager/pull/415) ([njhale](https://github.com/njhale)) +- Make key resources linkable in philosophy doc [\#414](https://github.com/operator-framework/operator-lifecycle-manager/pull/414) ([pmorie](https://github.com/pmorie)) +- Cut 0.6.0 [\#413](https://github.com/operator-framework/operator-lifecycle-manager/pull/413) ([ecordell](https://github.com/ecordell)) +- \[WIP\] feat\(resolver\): add namespace and channel awareness [\#402](https://github.com/operator-framework/operator-lifecycle-manager/pull/402) ([njhale](https://github.com/njhale)) + +## [0.6.0](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.6.0) (2018-08-07) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.5.0...0.6.0) + +**Closed issues:** + +- Attempting upstream installation against kube \>= 1.11 fails with validation errors [\#400](https://github.com/operator-framework/operator-lifecycle-manager/issues/400) +- make schema-check fails with missing vendored dependency [\#389](https://github.com/operator-framework/operator-lifecycle-manager/issues/389) + +**Other changes:** + +- chore\(vendor\): remove vendor directory [\#412](https://github.com/operator-framework/operator-lifecycle-manager/pull/412) ([ecordell](https://github.com/ecordell)) +- fix\(e2e\) + fix\(csv upgrade\) + fix\(leak\) [\#411](https://github.com/operator-framework/operator-lifecycle-manager/pull/411) ([ecordell](https://github.com/ecordell)) +- minor: broken link [\#408](https://github.com/operator-framework/operator-lifecycle-manager/pull/408) ([Jiri-Kremser](https://github.com/Jiri-Kremser)) +- fix\(csv\): CSV update process optimization regression [\#407](https://github.com/operator-framework/operator-lifecycle-manager/pull/407) ([ecordell](https://github.com/ecordell)) +- Use GroupVersionKind in Spec Descriptor for Selector [\#405](https://github.com/operator-framework/operator-lifecycle-manager/pull/405) ([alecmerdler](https://github.com/alecmerdler)) +- Catalog Cleanup [\#404](https://github.com/operator-framework/operator-lifecycle-manager/pull/404) ([ecordell](https://github.com/ecordell)) +- 1.11 updates [\#403](https://github.com/operator-framework/operator-lifecycle-manager/pull/403) ([ecordell](https://github.com/ecordell)) +- test\(catalog\_versions\): add multi-catalogsource aware resolution tests [\#401](https://github.com/operator-framework/operator-lifecycle-manager/pull/401) ([njhale](https://github.com/njhale)) +- Add CatalogSource Namespace To CRD Validation [\#399](https://github.com/operator-framework/operator-lifecycle-manager/pull/399) ([alecmerdler](https://github.com/alecmerdler)) +- chore\(deps\): update k8s libs to 1.11 versions [\#398](https://github.com/operator-framework/operator-lifecycle-manager/pull/398) ([ecordell](https://github.com/ecordell)) +- docs: add access control workflow [\#397](https://github.com/operator-framework/operator-lifecycle-manager/pull/397) ([robszumski](https://github.com/robszumski)) +- test\(installplan\): multi source e2e [\#396](https://github.com/operator-framework/operator-lifecycle-manager/pull/396) ([njhale](https://github.com/njhale)) +- chore\(ci\): update gitlab-ci.yml from jsonnet [\#395](https://github.com/operator-framework/operator-lifecycle-manager/pull/395) ([ecordell](https://github.com/ecordell)) +- fix\(installplan\): type InstallPlan.Status.CatalogSources to \[\]string … [\#394](https://github.com/operator-framework/operator-lifecycle-manager/pull/394) ([njhale](https://github.com/njhale)) +- Deploy CI to `operator-lifecycle-manager` Namespace [\#393](https://github.com/operator-framework/operator-lifecycle-manager/pull/393) ([alecmerdler](https://github.com/alecmerdler)) +- Fix invalid `minishift start` option in build\_local\_shift.sh [\#392](https://github.com/operator-framework/operator-lifecycle-manager/pull/392) ([jsm84](https://github.com/jsm84)) +- vendor: re-run `dep ensure` [\#390](https://github.com/operator-framework/operator-lifecycle-manager/pull/390) ([jzelinskie](https://github.com/jzelinskie)) +- feat\(catalog\_resources\): add prometheus 0.22.1 [\#388](https://github.com/operator-framework/operator-lifecycle-manager/pull/388) ([ecordell](https://github.com/ecordell)) +- feat\(catalog\): multiple CatalogSource resolution [\#386](https://github.com/operator-framework/operator-lifecycle-manager/pull/386) ([njhale](https://github.com/njhale)) + +## [0.5.0](https://github.com/operator-framework/operator-lifecycle-manager/tree/0.5.0) (2018-07-23) +[Full Changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/0.4.0...0.5.0) + +**Implemented enhancements:** + +- Separate Manifest Validator [\#365](https://github.com/operator-framework/operator-lifecycle-manager/pull/365) ([alecmerdler](https://github.com/alecmerdler)) +- Manual Approval of Install Plans [\#347](https://github.com/operator-framework/operator-lifecycle-manager/pull/347) ([alecmerdler](https://github.com/alecmerdler)) +- GitLab CI Fix [\#341](https://github.com/operator-framework/operator-lifecycle-manager/pull/341) ([alecmerdler](https://github.com/alecmerdler)) + +**Fixed bugs:** + +- Prevent ownership conflicts for CRDs [\#375](https://github.com/operator-framework/operator-lifecycle-manager/pull/375) ([ecordell](https://github.com/ecordell)) +- Fix InstallPlanReference in Subscription Status [\#359](https://github.com/operator-framework/operator-lifecycle-manager/pull/359) ([ecordell](https://github.com/ecordell)) +- Fix Subscriptions being Updated Without Changes [\#357](https://github.com/operator-framework/operator-lifecycle-manager/pull/357) ([alecmerdler](https://github.com/alecmerdler)) +- Slack Webhook Rename [\#337](https://github.com/operator-framework/operator-lifecycle-manager/pull/337) ([alecmerdler](https://github.com/alecmerdler)) +- Clarify Status Condition when Catalog Source Not Found [\#335](https://github.com/operator-framework/operator-lifecycle-manager/pull/335) ([alecmerdler](https://github.com/alecmerdler)) + +**Closed issues:** + +- Typos in architecture doc [\#376](https://github.com/operator-framework/operator-lifecycle-manager/issues/376) +- make manifests error when rendering templates with helm [\#369](https://github.com/operator-framework/operator-lifecycle-manager/issues/369) +- make run-local missing charts [\#368](https://github.com/operator-framework/operator-lifecycle-manager/issues/368) +- make run-local is broken [\#366](https://github.com/operator-framework/operator-lifecycle-manager/issues/366) +- make build fails [\#360](https://github.com/operator-framework/operator-lifecycle-manager/issues/360) +- vendoring fails when run `make vendor` [\#350](https://github.com/operator-framework/operator-lifecycle-manager/issues/350) + +**Other changes:** + +- fix SingleSourceResolver to use plan namespace for resolved CSVs [\#387](https://github.com/operator-framework/operator-lifecycle-manager/pull/387) ([njhale](https://github.com/njhale)) +- Add CatalogSource Name to InstallPlan Steps [\#385](https://github.com/operator-framework/operator-lifecycle-manager/pull/385) ([njhale](https://github.com/njhale)) +- Fix OpenShift Deploy CI [\#384](https://github.com/operator-framework/operator-lifecycle-manager/pull/384) ([alecmerdler](https://github.com/alecmerdler)) +- Deploy to OpenShift Cluster [\#383](https://github.com/operator-framework/operator-lifecycle-manager/pull/383) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(docs\): correct spelling of philosopy.md [\#382](https://github.com/operator-framework/operator-lifecycle-manager/pull/382) ([aravindhp](https://github.com/aravindhp)) +- Cut 0.5.0 [\#381](https://github.com/operator-framework/operator-lifecycle-manager/pull/381) ([ecordell](https://github.com/ecordell)) +- Add CatalogSource Namespace to Subscription Objects [\#380](https://github.com/operator-framework/operator-lifecycle-manager/pull/380) ([alecmerdler](https://github.com/alecmerdler)) +- fix\(docs\): typos in architecture.md [\#377](https://github.com/operator-framework/operator-lifecycle-manager/pull/377) ([ecordell](https://github.com/ecordell)) +- Fix a small typo [\#374](https://github.com/operator-framework/operator-lifecycle-manager/pull/374) ([fabiand](https://github.com/fabiand)) +- fix\(servicebroker\): add main\_test.go to servicebroker cmd [\#372](https://github.com/operator-framework/operator-lifecycle-manager/pull/372) ([ecordell](https://github.com/ecordell)) +- fix\(make\): fixes run-local and run-local-shift [\#371](https://github.com/operator-framework/operator-lifecycle-manager/pull/371) ([ecordell](https://github.com/ecordell)) +- Remove tectonic-operators [\#370](https://github.com/operator-framework/operator-lifecycle-manager/pull/370) ([ecordell](https://github.com/ecordell)) +- fix\(make\): set version var for run-local [\#367](https://github.com/operator-framework/operator-lifecycle-manager/pull/367) ([ecordell](https://github.com/ecordell)) +- Resolve Install Plan before Requiring Approval [\#364](https://github.com/operator-framework/operator-lifecycle-manager/pull/364) ([alecmerdler](https://github.com/alecmerdler)) +- readme: fix broken link to CSV example [\#363](https://github.com/operator-framework/operator-lifecycle-manager/pull/363) ([robszumski](https://github.com/robszumski)) +- Fix memory usage in catalog operator [\#362](https://github.com/operator-framework/operator-lifecycle-manager/pull/362) ([ecordell](https://github.com/ecordell)) +- Tests for Runaway Control Loops [\#361](https://github.com/operator-framework/operator-lifecycle-manager/pull/361) ([alecmerdler](https://github.com/alecmerdler)) +- Fix the deploy to kubernetes command in install.md [\#358](https://github.com/operator-framework/operator-lifecycle-manager/pull/358) ([aravindhp](https://github.com/aravindhp)) +- Ansible playbook [\#356](https://github.com/operator-framework/operator-lifecycle-manager/pull/356) ([ecordell](https://github.com/ecordell)) +- Add metering to a separate, upstream-only catalog [\#354](https://github.com/operator-framework/operator-lifecycle-manager/pull/354) ([ecordell](https://github.com/ecordell)) +- chore\(deps\): commit vendored dependencies [\#352](https://github.com/operator-framework/operator-lifecycle-manager/pull/352) ([ecordell](https://github.com/ecordell)) +- feat\(servicebroker\): list one serviceclass per package [\#349](https://github.com/operator-framework/operator-lifecycle-manager/pull/349) ([ericavonb](https://github.com/ericavonb)) +- Add installPlanApproval to Subscription-v1 [\#348](https://github.com/operator-framework/operator-lifecycle-manager/pull/348) ([ecordell](https://github.com/ecordell)) +- Strip Markdown Descriptions from OSB [\#346](https://github.com/operator-framework/operator-lifecycle-manager/pull/346) ([alecmerdler](https://github.com/alecmerdler)) +- test validate service broker api version function [\#345](https://github.com/operator-framework/operator-lifecycle-manager/pull/345) ([ericavonb](https://github.com/ericavonb)) +- OSB Rebase \(part 2\) [\#344](https://github.com/operator-framework/operator-lifecycle-manager/pull/344) ([ecordell](https://github.com/ecordell)) +- Rebased OSB backbone [\#342](https://github.com/operator-framework/operator-lifecycle-manager/pull/342) ([ecordell](https://github.com/ecordell)) +- Update manifests for 0.4.0 release [\#340](https://github.com/operator-framework/operator-lifecycle-manager/pull/340) ([ecordell](https://github.com/ecordell)) + + + +\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/DEVELOPMENT.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/DEVELOPMENT.md new file mode 100644 index 000000000..50977aeac --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/DEVELOPMENT.md @@ -0,0 +1,90 @@ +## Tooling + +### Requirements + +| Requirement | Purpose | macOS | +|-------------|-----------------------|----------------------| +| Go | Compiler | brew install go | +| Dep | Dependency Management | brew install dep | +| Docker | Packaging | [Docker for Mac] | +| jsonnet | JSON templating tool | brew install jsonnet | +| ffctl | Gitlab CI format | pip install ffctl | + +[Docker for Mac]: https://store.docker.com/editions/community/docker-ce-desktop-mac + +### Usage + +#### Testing + +This project uses the built-in testing support for golang. + +To run the tests for all go packages outside of the vendor directory, run: +```sh +$ make test +``` + +To run the e2e tests locally: + +```sh +$ make e2e-local +``` + +To run a specific e2e test locally: + +```sh +$ make e2e-local TEST=TestCreateInstallPlanManualApproval +``` + +#### Building + +Ensure your version of go is up to date; check that you're running v1.9 with the +command: +```sh +$ go version +``` + +To build the go binary, run: +```sh +$ make build +``` + +#### Packaging + +ALM is packaged as a set of manifests for a tectonic-x-operator specialization (tectonic-alm-operator). + +A new version can be generated from the helm chart by: + + 1. Modifying the `deploy/tectonic-alm-operator/values.yaml` file for the release to include new SHAs of the container images. + 1. Running the `package` make command, which takes a single variable (`ver`) + +For example: + +``` +make ver=0.3.0 package +``` + +Will generate a new set of manifests from the helm chart in `deploy/chart` combined with the `values.yaml` file in `deploy/tectonic-alm-operator`, and output the rendered templates to `deploy/tectonic-alm-operator/manifests/0.3.0`. + +See the documentation in `deploy/tectonic-alm-operator` for how to take the new manifests and package them as a new version of `tectonic-alm-operator`. + +### Dependency Management + +#### Using make +These commands are handled for you via the Makefile. To install the project +dependencies, run: + +```sh +$ make vendor +``` + +To update dependencies, run: + +```sh +$ make vendor-update +# verify changes +$ make test +$ make e2e-local-docker +``` + +The Makefile recipes for testing and builds ensure the project's dependencies +are properly installed and vendored before running. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/Dockerfile new file mode 100644 index 000000000..6c2f4bad4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Dockerfile @@ -0,0 +1,55 @@ +FROM openshift/origin-release:golang-1.12 as builder +RUN yum update -y +RUN yum install -y make git + +ENV GO111MODULE auto +ENV GOPATH /go +ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH + +WORKDIR /build + +# copy just enough of the git repo to parse HEAD, used to record version in OLM binaries +COPY .git/HEAD .git/HEAD +COPY .git/refs/heads/. .git/refs/heads +RUN mkdir -p .git/objects + +COPY Makefile Makefile +COPY OLM_VERSION OLM_VERSION +COPY pkg pkg +COPY vendor vendor +COPY cmd cmd +COPY test test +COPY go.mod go.mod +COPY go.sum go.sum +RUN make build + +FROM openshift/origin-base + +ADD manifests/ /manifests +LABEL io.openshift.release.operator=true + +# Copy the binary to a standard location where it will run. +COPY --from=builder /build/bin/olm /bin/olm +COPY --from=builder /build/bin/catalog /bin/catalog +COPY --from=builder /build/bin/package-server /bin/package-server + +# This image doesn't need to run as root user. +USER 1001 + +EXPOSE 8080 +EXPOSE 5443 + +# Apply labels as needed. ART build automation fills in others required for +# shipping, including component NVR (name-version-release) and image name. OSBS +# applies others at build time. So most required labels need not be in the source. +# +# io.k8s.display-name is required and is displayed in certain places in the +# console (someone correct this if that's no longer the case) +# +# io.k8s.description is equivalent to "description" and should be defined per +# image; otherwise the parent image's description is inherited which is +# confusing at best when examining images. +# +LABEL io.k8s.display-name="OpenShift Operator Lifecycle Manager" \ + io.k8s.description="This is a component of OpenShift Container Platform and manages the lifecycle of operators." \ + maintainer="Odin Team " diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/contributors/design-proposals/subscription-status.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/contributors/design-proposals/subscription-status.md new file mode 100644 index 000000000..da166521f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/contributors/design-proposals/subscription-status.md @@ -0,0 +1,775 @@ +# Improved Subscription Status + +Status: Pending + +Version: Alpha + +Implementation Owner: TBD + +## Motivation + +The `Subscription` `CustomResource` needs to expose useful information when a failure scenario is encountered. Failures can be encountered throughout a `Subscription`'s existence and can include issues with `InstallPlan` resolution, `CatalogSource` connectivity, `ClusterServiceVersion` (CSV) status, and more. To surface this information, explicit status for `Subscriptions` will be introduced via [status conditions](#status-conditions) which will be set by new, specialized status sync handlers for resources of interest (`Subscriptions`, `InstallPlan`s, `CatalogSource`s and CSVs). + +### Following Conventions + +In order to design a status that makes sense in the context of kubernetes resources, it's important to conform to current conventions. This will also help us avoid pitfalls that may have already been solved. + +#### Status Conditions + +The [kube api-conventions docs](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties) state that: +> Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. + +A few internal Kubernetes resources that implement status conditions: + +- [NodeStatus](https://github.com/kubernetes/kubernetes/blob/6c31101257bfcd47fa53702cea07fe2eedf2ad92/pkg/apis/core/types.go#L3556) +- [DeploymentStatus](https://github.com/kubernetes/kubernetes/blob/f5574bf62a051c4a41a3fff717cc0bad735827eb/pkg/apis/apps/types.go#L415) +- [DaemonSetStatus](https://github.com/kubernetes/kubernetes/blob/f5574bf62a051c4a41a3fff717cc0bad735827eb/pkg/apis/apps/types.go#L582) +- [ReplicaSetStatus](https://github.com/kubernetes/kubernetes/blob/f5574bf62a051c4a41a3fff717cc0bad735827eb/pkg/apis/apps/types.go#L751) + +Introducing status conditions will let us have an explicit, level-based view of the current abnormal state of a `Subscription`. They are essentially orthogonal states (regions) of the compound state (`SubscriptionStatus`)¹. A conditionᵢ has a set of sub states [Unknown, True, False] each with sub states of their own [Reasonsᵢ],where Reasonsᵢ contains the set of transition reasons for conditionᵢ. This compound state can be used to inform a decision about performing an operation on the cluster. + +> 1. [What is a statechart?](https://statecharts.github.io/what-is-a-statechart.html); see 'A state can have many "regions"' + +#### References to Related Objects + +The [kube api-convention docs](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#references-to-related-objects) state that: +> References to specific objects, especially specific resource versions and/or specific fields of those objects, are specified using the ObjectReference type (or other types representing strict subsets of it). + +Rather than building our own abstractions to reference managed resources (like `InstallPlan`s), we can take advantage of the pre-existing `ObjectReference` type. + +## Proposal + +### Changes to SubscriptionStatus + +- Introduce a `SubscriptionCondition` type + - Describes a single state of a `Subscription` explicity +- Introduce a `SubscriptionConditionType` field + - Describes the type of a condition +- Introduce a `Conditions` field of type `[]SubscriptionCondition` to `SubscriptionStatus` + - Describes multiple potentially orthogonal states of a `Subscription` explicitly +- Introduce an `InstallPlanRef` field of type [*corev1.ObjectReference](https://github.com/kubernetes/kubernetes/blob/f5574bf62a051c4a41a3fff717cc0bad735827eb/pkg/apis/core/types.go#L3993) + - To replace custom type with existing apimachinery type +- Deprecate the `Install` field + - Value will be kept up to date to support older clients until a major version change +- Introduce a `SubscriptionCatalogStatus` type + - Describes a Subscription's view of a CatalogSource's status +- Introduce a `CatalogStatus` field of type `[]SubscriptionCatalogStatus` + - CatalogStatus contains the Subscription's view of its relevant CatalogSources' status + +### Changes to Subscription Reconciliation + +Changes to `Subscription` reconciliation can be broken into three parts: + +1. Phase in use of `SubscriptionStatus.Install` with `SubscriptionStatus.InstallPlanRef`: + - Write to `Install` and `InstallPlanRef` but still read from `Install` + - Read from `InstallPlanRef` + - Stop writing to `Install` +2. Create independent sync handlers and workqueues for resources of interest (status-handler) that only update specific `SubscriptionStatus` fields and `StatusConditions`: + - Build actionable state reactively through objects of interest + - Treat omitted `SubscriptionConditionTypes` in `SubscriptionStatus.Conditions` as having `ConditionStatus` "Unknown" + - Add new status-handlers with new workqueues for: + - `Subscription`s + - `CatalogSource`s + - `InstallPlan`s + - CSVs + - These sync handlers can be phased-in incrementally: + - Add a conditions block and the `UpToDate` field, and ensure the `UpToDate` field is set properly when updating status + - Pick one condition to start detecting, and write its status + - Repeat with other conditions. This is a good opportunity to parallelize work immediate value to end-users (they start seeing the new conditions ASAP) + - Once all conditions are being synchronized, start using them to set the state of other fields (e.g. `UpToDate`) +3. Add status-handler logic to toggle the `SubscriptionStatus.UpToDate` field: + - Whenever `SubscriptionStatus.InstalledCSV == SubscriptionStatus.CurrentCSV` and `SubscriptionStatus.Conditions` has a `SubscriptionConditionType` of type `SubscriptionInstalledCSVReplacementAvailable` with `Status == "True"`, set `SubscriptionStatus.UpToDate = true` + - Whenever `SubscriptionStatus.InstalledCSV != SubscriptionStatus.CurrentCSV`, set `SubscriptionStatus.UpToDate = false` + +## Implementation + +### SubscriptionStatus + +Updated SusbcriptionStatus resource: + +```go +import ( + // ... + corev1 "k8s.io/kubernetes/pkg/apis/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + // ... +) + +type SubscriptionStatus struct { + // ObservedGeneration is the generation observed by the Subscription controller. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // CurrentCSV is the CSV the Subscription is progressing to. + // +optional + CurrentCSV string `json:"currentCSV,omitempty"` + + // InstalledCSV is the CSV currently installed by the Subscription. + // +optional + InstalledCSV string `json:"installedCSV,omitempty"` + + // Install is a reference to the latest InstallPlan generated for the Subscription. + // DEPRECATED: InstallPlanRef + // +optional + Install *InstallPlanReference `json:"installplan,omitempty"` + + // State represents the current state of the Subscription + // +optional + State SubscriptionState `json:"state,omitempty"` + + // Reason is the reason the Subscription was transitioned to its current state. + // +optional + Reason ConditionReason `json:"reason,omitempty"` + + // InstallPlanRef is a reference to the latest InstallPlan that contains the Subscription's current CSV. + // +optional + InstallPlanRef *corev1.ObjectReference `json:"installPlanRef,omitempty"` + + // CatalogStatus contains the Subscription's view of its relevant CatalogSources' status. + // It is used to determine SubscriptionStatusConditions related to CatalogSources. + // +optional + CatalogStatus []SubscriptionCatalogStatus `json:"catalogStatus,omitempty"` + + // UpToDate is true when the latest CSV for the Subscription's package and channel is installed and running; false otherwise. + // + // This field is not a status SubscriptionCondition because it "represents a well-known state that applies to all instances of a kind" + // (see https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties). + // In this case, all Subscriptions are either up to date or not up to date. + UpToDate bool `json:"UpToDate"` + + // LastUpdated represents the last time that the Subscription status was updated. + LastUpdated metav1.Time `json:"lastUpdated"` + + // Conditions is a list of the latest available observations about a Subscription's current state. + // +optional + Conditions []SubscriptionCondition `json:"conditions,omitempty"` +} + +// SubscriptionCatalogHealth describes a Subscription's view of a CatalogSource's status. +type SubscriptionCatalogStatus struct { + // CatalogSourceRef is a reference to a CatalogSource. + CatalogSourceRef *corev1.ObjectReference `json:"catalogSourceRef"` + + // LastUpdated represents the last time that the CatalogSourceHealth changed + LastUpdated `json:"lastUpdated"` + + // Healthy is true if the CatalogSource is healthy; false otherwise. + Healthy bool `json:"healthy"` +} + +// SubscriptionConditionType indicates an explicit state condition about a Subscription in "abnormal-true" +// polarity form (see https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties). +type SusbcriptionConditionType string + +const ( + // SubscriptionResolutionFails indicates the Subscription has failed to resolve a set + SubscriptionResolutionFailed SubscriptionConditionType = "ResolutionFailed" + + // SubscriptionCatalogSourcesUnhealthy indicates that some or all of the CatalogSources to be used in resolution are unhealthy. + SubscriptionCatalogSourcesUnhealthy SubscriptionConditionType = "CatalogSourcesUnhealthy" + + // SubscriptionCatalogSourceInvalid indicates the CatalogSource specified in the SubscriptionSpec is not valid. + SubscriptionCatalogSourceInvalid SubscriptionConditionType = "CatalogSourceInvalid" + + // SubscriptionPackageChannelInvalid indicates the package and channel specified in the SubscriptionSpec is not valid. + SubscriptionPackageChannelInvalid SubscriptionConditionType = "PackageChannelInvalid" + + // SubscriptionInstallPlanFailed indicates the InstallPlan responsible for installing the current CSV has failed. + SubscriptionInstallPlanFailed SubscriptionConditionType = "InstallPlanFailed" + + // SubscriptionInstallPlanMissing indicates the InstallPlan responsible for installing the current CSV is missing. + SubscriptionInstallPlanMissing SubscriptionConditionType = "InstallPlanMissing" + + // SubscriptionInstallPlanAwaitingManualApproval indicates the InstallPlan responsible for installing the current CSV is waiting + // for manual approval. + SubscriptionInstallPlanAwaitingManualApproval SubscriptionConditionType = "InstallPlanAwaitingManualApproval" + + // SubscriptionInstalledCSVReplacementAvailable indicates there exists a replacement for the installed CSV. + SubscriptionInstalledCSVReplacementAvailable SubscriptionConditionType = "InstalledCSVReplacementAvailable" + + // SubscriptionInstalledCSVMissing indicates the installed CSV is missing. + SubscriptionInstalledCSVMissing SubscriptionConditionType = "InstalledCSVMissing" + + // SubscriptionInstalledCSVFailed indicates the installed CSV has failed. + SubscriptionInstalledCSVFailed SubscriptionConditionType = "InstalledCSVFailed" +) + +type SubscriptionCondition struct { + // Type is the type of Subscription condition. + Type SubscriptionConditionType `json:"type" description:"type of Subscription condition"` + + // Status is the status of the condition, one of True, False, Unknown. + Status corev1.ConditionStatus `json:"status" description:"status of the condition, one of True, False, Unknown"` + + // Reason is a one-word CamelCase reason for the condition's last transition. + // +optional + Reason string `json:"reason,omitempty" description:"one-word CamelCase reason for the condition's last transition"` + + // Message is a human-readable message indicating details about last transition. + // +optional + Message string `json:"message,omitempty" description:"human-readable message indicating details about last transition"` + + // LastHeartbeatTime is the last time we got an update on a given condition + // +optional + LastHeartbeatTime *metav1.Time `json:"lastHeartbeatTime,omitempty" description:"last time we got an update on a given condition"` + + // LastTransitionTime is the last time the condition transit from one status to another + // +optional + LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty" description:"last time the condition transit from one status to another"` +} +``` + +### Subscription Reconciliation + +Phasing in `SusbcriptionStatus.InstallPlanRef`: + +- Create a helper function to convert `ObjectReference`s into `InstallPlanReference`s in _pkg/api/apis/operators/v1alpha1/subscription_types.go_ + +```go +package v1alpha1 + +import ( + // ... + corev1 "k8s.io/api/core/v1" + // ... +) +// ... +func NewInstallPlanReference(ref *corev1.ObjectReference) *InstallPlanReference { + return &InstallPlanReference{ + APIVersion: ref.APIVersion, + Kind: ref.Kind, + Name: ref.Name, + UID: ref.UID, + } +} +``` + +- Define an interface and method for generating `ObjectReferences` for `InstallPlan`s in _pkg/api/apis/operators/referencer.go_ + +```go +package operators + +import ( + "fmt" + // ... + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/meta" + // ... + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha2" +) + +// CannotReferenceError indicates that an ObjectReference could not be generated for a resource. +type CannotReferenceError struct{ + obj interface{} + msg string +} + +// Error returns the error's error string. +func (err *CannotReferenceError) Error() string { + return fmt.Sprintf("cannot reference %v: %s", obj, msg) +} + +// NewCannotReferenceError returns a pointer to a CannotReferenceError instantiated with the given object and message. +func NewCannotReferenceError(obj interface{}, msg string) *CannotReferenceError { + return &CannotReferenceError{obj: obj, msg: msg} +} + +// ObjectReferencer knows how to return an ObjectReference for a resource. +type ObjectReferencer interface { + // ObjectReferenceFor returns an ObjectReference for the given resource. + ObjectReferenceFor(obj interface{}) (*corev1.ObjectReference, error) +} + +// ObjectReferencerFunc is a function type that implements ObjectReferencer. +type ObjectReferencerFunc func(obj interface{}) (*corev1.ObjectReference, error) + +// ObjectReferenceFor returns an ObjectReference for the current resource by invoking itself. +func (f ObjectReferencerFunc) ObjectReferenceFor(obj interface{}) (*corev1.ObjectReference, error) { + return f(obj) +} + +// OperatorsObjectReferenceFor generates an ObjectReference for the given resource if it's provided by the operators.coreos.com API group. +func OperatorsObjectReferenceFor(obj interface{}) (*corev1.ObjectReference, error) { + // Attempt to access ObjectMeta + objMeta, err := meta.Accessor(obj) + if err != nil { + return nil, NewCannotReferenceError(obj, err.Error()) + } + + ref := &corev1.ObjectReference{ + Namespace: objMeta.GetNamespace(), + Name: objMeta.GetName(), + UID: objMeta.GetUI(), + } + switch objMeta.(type) { + case *v1alpha1.ClusterServiceVersion: + ref.Kind = v1alpha1.ClusterServiceVersionKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case *v1alpha1.InstallPlan: + ref.Kind = v1alpha1.InstallPlanKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case *v1alpha1.Subscription: + ref.Kind = v1alpha1.SubscriptionKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case *v1alpha1.CatalogSource: + ref.Kind = v1alpha1.CatalogSourceKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case *v1.OperatorGroup: + ref.Kind = v1alpha2.OperatorGroupKind + ref.APIVersion = v1alpha2.SchemeGroupVersion.String() + case v1alpha1.ClusterServiceVersion: + ref.Kind = v1alpha1.ClusterServiceVersionKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case v1alpha1.InstallPlan: + ref.Kind = v1alpha1.InstallPlanKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case v1alpha1.Subscription: + ref.Kind = v1alpha1.SubscriptionKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case v1alpha1.CatalogSource: + ref.Kind = v1alpha1.CatalogSourceKind + ref.APIVersion = v1alpha1.SchemeGroupVersion.String() + case v1.OperatorGroup: + ref.Kind = v1alpha2.OperatorGroupKind + ref.APIVersion = v1alpha2.SchemeGroupVersion.String() + default: + return nil, NewCannotReferenceError(objMeta, "resource not a valid olm kind") + } + + return ref, nil +} + +type ReferenceSet map[*corev1.ObjectReference]struct{} + +type ReferenceSetBuilder interface { + Build(obj interface{}) (ReferenceSet, error) +} + +type ReferenceSetBuilderFunc func(obj interface{}) (ReferenceSet, error) + +func (f ReferenceSetBuilderFunc) Build(obj interface{}) (ReferenceSet, error) { + return f(obj) +} + +func BuildOperatorsReferenceSet(obj interface{}) (ReferenceSet, error) { + referencer := ObjectReferencer(OperatorsObjectReferenceFor) + obj := []interface{} + set := make(ReferenceSet) + switch v := obj.(type) { + case []*v1alpha1.ClusterServiceVersion: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []*v1alpha1.InstallPlan: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []*v1alpha1.Subscription: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []*v1alpha1.CatalogSource: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []*v1.OperatorGroup: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []v1alpha1.ClusterServiceVersion: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []v1alpha1.InstallPlan: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []v1alpha1.Subscription: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []v1alpha1.CatalogSource: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + case []v1.OperatorGroup: + for _, o := range v { + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + default: + // Could be a single resource + ref, err := referencer.ObjectReferenceFor(o) + if err != nil { + return nil, err + } + set[ref] = struct{}{} + } + + return set, nil +} + + +``` + +- Add an `ObjectReferencer` field to the [catalog-operator](https://github.com/operator-framework/operator-lifecycle-manager/blob/22691a771a330fc05608a7ec1516d31a17a13ded/pkg/controller/operators/catalog/operator.go#L58) + +```go +package catalog + +import ( + // ... + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + // ... +) +// ... +type Operator struct { + // ... + referencer operators.ObjectReferencer +} +// ... +func NewOperator(kubeconfigPath string, logger *logrus.Logger, wakeupInterval time.Duration, configmapRegistryImage, operatorNamespace string, watchedNamespaces ...string) (*Operator, error) { + // ... + op := &Operator{ + // ... + referencer: operators.ObjectReferencerFunc(operators.OperatorsObjectReferenceFor), + } + // ... +} +// ... +``` + +- Generate `ObjectReference`s in [ensureInstallPlan(...)](https://github.com/operator-framework/operator-lifecycle-manager/blob/22691a771a330fc05608a7ec1516d31a17a13ded/pkg/controller/operators/catalog/operator.go#L804) + +```go +func (o *Operator) ensureInstallPlan(logger *logrus.Entry, namespace string, subs []*v1alpha1.Subscription, installPlanApproval v1alpha1.Approval, steps []*v1alpha1.Step) (*corev1.ObjectReference, error) { + // ... + for _, installPlan := range installPlans { + if installPlan.Status.CSVManifestsMatch(steps) { + logger.Infof("found InstallPlan with matching manifests: %s", installPlan.GetName()) + return a.referencer.ObjectReferenceFor(installPlan), nil + } + } + // ... +} +``` + +Write to `SusbcriptionStatus.InstallPlan` and `SubscriptionStatus.InstallPlanRef`: + +- Generate `ObjectReference`s in [createInstallPlan(...)](https://github.com/operator-framework/operator-lifecycle-manager/blob/22691a771a330fc05608a7ec1516d31a17a13ded/pkg/controller/operators/catalog/operator.go#L863) + +```go +func (o *Operator) createInstallPlan(namespace string, subs []*v1alpha1.Subscription, installPlanApproval v1alpha1.Approval, steps []*v1alpha1.Step) (*corev1.ObjectReference, error) { + // ... + return a.referencer.ObjectReferenceFor(res), nil +} +``` + +- Use `ObjectReference` to populate both `SusbcriptionStatus.InstallPlan` and `SubscriptionStatus.InstallPlanRef` in [updateSubscriptionStatus](https://github.com/operator-framework/operator-lifecycle-manager/blob/22691a771a330fc05608a7ec1516d31a17a13ded/pkg/controller/operators/catalog/operator.go#L774) + +```go +func (o *Operator) updateSubscriptionStatus(namespace string, subs []*v1alpha1.Subscription, installPlanRef *corev1.ObjectReference) error { + // ... + for _, sub := range subs { + // ... + if installPlanRef != nil { + sub.Status.InstallPlanRef = installPlanRef + sub.Status.Install = v1alpha1.NewInstallPlanReference(installPlanRef) + sub.Status.State = v1alpha1.SubscriptionStateUpgradePending + } + // ... + } + // ... +} +``` + +Phase in orthogonal `SubscriptionStatus` condition updates (pick a condition type to start with): + +- Pick `SubscriptionCatalogSourcesUnhealthy` +- Add `SusbcriptionCondition` getter and setter helper methods to `SubscriptionStatus` + +```go +// GetCondition returns the SubscriptionCondition of the given type if it exists in the SubscriptionStatus' Conditions; returns a condition of the given type with a ConditionStatus of "Unknown" if not found. +func (status SubscriptionStatus) GetCondition(conditionType SubscriptionConditionType) SubscriptionCondition { + for _, cond := range status.Conditions { + if cond.Type == conditionType { + return cond + } + } + + return SubscriptionCondition{ + Type: conditionType, + Status: corev1.ConditionUnknown, + // ... + } +} + +// SetCondition sets the given SubscriptionCondition in the SubscriptionStatus' Conditions. +func (status SubscriptionStatus) SetCondition(condition SubscriptionCondition) { + for i, cond := range status.Conditions { + if cond.Type == condition.Type { + cond[i] = condition + return + } + } + + status.Conditions = append(status.Conditions, condition) +} +``` + +- Add a `ReferenceSetBuilder` field to the [catalog-operator](https://github.com/operator-framework/operator-lifecycle-manager/blob/22691a771a330fc05608a7ec1516d31a17a13ded/pkg/controller/operators/catalog/operator.go#L58) + +```go +package catalog + +import ( + // ... + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + // ... +) +// ... +type Operator struct { + // ... + referenceSetBuilder operators.ReferenceSetBuilder +} +// ... +func NewOperator(kubeconfigPath string, logger *logrus.Logger, wakeupInterval time.Duration, configmapRegistryImage, operatorNamespace string, watchedNamespaces ...string) (*Operator, error) { + // ... + op := &Operator{ + // ... + referenceSetBuilder: operators.ReferenceSetBuilderFunc(operators.BuildOperatorsReferenceSet), + } + // ... +} +// ... +``` + +- Define a new `CatalogSource` sync function that checks the health of a given `CatalogSource` and the health of every `CatalogSource` in its namespace and the global namespace and updates all `Subscription`s that have visibility on it with the condition state + +```go +// syncSusbcriptionCatalogStatus generates a SubscriptionCatalogStatus for a CatalogSource and updates the +// status of all Subscriptions in its namespace; for CatalogSources in the global catalog namespace, Subscriptions +// in all namespaces are updated. +func (o *Operator) syncSubscriptionCatalogStatus(obj interface{}) (syncError error) { + catsrc, ok := obj.(*v1alpha1.CatalogSource) + if !ok { + o.Log.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting CatalogSource failed") + } + + logger := o.Log.WithFields(logrus.Fields{ + "catsrc": catsrc.GetName(), + "namespace": catsrc.GetNamespace(), + "id": queueinformer.NewLoopID(), + }) + logger.Debug("syncing subscription catalogsource status") + + // Get SubscriptionCatalogStatus + sourceKey := resolver.CatalogKey{Name: owner.Name, Namespace: metaObj.GetNamespace()} + status := o.getSubscriptionCatalogStatus(logger, sourceKey, a.referencer.ObjectReferenceFor(catsrc)) + + // Update the status of all Subscriptions that can view this CatalogSource + syncError = updateSubscriptionCatalogStatus(logger, status) +} + +// getSubscriptionCatalogStatus gets the SubscriptionCatalogStatus for a given SourceKey and ObjectReference. +func (o *Operator) getSubscriptionCatalogStatus(logger logrus.Entry, sourceKey resolver.SourceKey, *corev1.ObjectReference) *v1alpha1.SubscriptionCatalogStatus { + // TODO: Implement this +} + +// updateSubscriptionCatalogStatus updates all Subscriptions in the CatalogSource namespace with the given SubscriptionCatalogStatus; +// for CatalogSources in the global catalog namespace, Subscriptions in all namespaces are updated. +func (o *Operator) updateSubscriptionCatalogStatus(logger logrus.Entry, status SubscriptionCatalogStatus) error { + // TODO: Implement this. It should handle removing CatalogStatus entries to non-existent CatalogSources. +} +``` + +- Define a new `Subscription` sync function that checks the `CatalogStatus` field and sets `SubscriptionCondition`s relating to `CatalogSource` status + +```go +func (o *Operator) syncSubscriptionCatalogConditions(obj interface{}) (syncError error) { + sub, ok := obj.(*v1alpha1.Subscription) + if !ok { + o.Log.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting Subscription failed") + } + + logger := o.Log.WithFields(logrus.Fields{ + "sub": sub.GetName(), + "namespace": sub.GetNamespace(), + "id": queueinformer.NewLoopID(), + }) + logger.Debug("syncing subscription catalogsource conditions") + + // Get the list of CatalogSources visible to the Subscription + catsrcs, err := o.listResolvableCatalogSources(sub.GetNamespace()) + if err != nil { + logger.WithError(err).Warn("could not list resolvable catalogsources") + syncError = err + return + } + + // Build reference set from resolvable catalogsources + refSet, err := o.referenceSetBuilder.Build(catsrcs) + if err != nil { + logger.WithError(err).Warn("could not build object reference set of resolvable catalogsources") + syncError = err + return + } + + // Defer an update to the Subscription + out := sub.DeepCopy() + defer func() { + // TODO: Implement update SubscriptionStatus using out if syncError == nil and Subscription has changed + }() + + // Update CatalogSource related CatalogSourceConditions + currentSources = len(refSet) + knownSources = len(sub.Status.CatalogStatus) + + // unhealthyUpdated is set to true when a change has been made to the condition of type SubscriptionCatalogSourcesUnhealthy + unhealthyUpdated := false + // TODO: Add flags for other condition types + + if currentSources > knownSources { + // Flip SubscriptionCatalogSourcesUnhealthy to "Unknown" + condition := out.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy) + condition.Status = corev1.ConditionUnknown + condition.Reason = "MissingCatalogInfo" + condition.Message = fmt.Sprintf("info on health of %d/%d catalogsources not yet known", currentSources - knownSources, currentSources) + condition.LastSync = timeNow() + out.Status.SetCondition(condition) + unhealthyUpdated = true + } + + // TODO: Add flags for other condition types to loop predicate + for i := 0; !unhealthyUpdated && i < knownSources; i++ { + status := sub.Status.CatalogSources + + if !unhealthyUpdated { + if status.CatalogSourceRef == nil { + // Flip SubscriptionCatalogSourcesUnhealthy to "Unknown" + condition := out.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy) + condition.Status = corev1.ConditionUnknown + condition.Reason = "CatalogInfoInvalid" + condition.Message = "info missing reference to catalogsource" + condition.LastSync = timeNow() + out.Status.SetCondition(condition) + unhealthyUpdated = true + break + } + + if _, ok := refSet[status.CatalogSourceRef]; !ok { + // Flip SubscriptionCatalogSourcesUnhealthy to "Unknown" + condition := out.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy) + condition.Status = corev1.ConditionUnknown + condition.Reason = "CatalogInfoInconsistent" + condition.Message = fmt.Sprintf("info found for non-existent catalogsource %s/%s", ref.Name, ref.Namespace) + condition.LastSync = timeNow() + out.Status.SetCondition(condition) + unhealthyUpdated = true + break + } + + if !status.CatalogSourceRef.Healthy { + // Flip SubscriptionCatalogSourcesUnhealthy to "True" + condition := out.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy) + condition.Status = corev1.ConditionTrue + condition.Reason = "CatalogSourcesUnhealthy" + condition.Message = "one or more visible catalogsources are unhealthy" + condition.LastSync = timeNow() + out.Status.SetCondition(condition) + unhealthyUpdated = true + break + } + } + + // TODO: Set any other conditions relating to the CatalogSource status + } + + if !unhealthyUpdated { + // Flip SubscriptionCatalogSourcesUnhealthy to "False" + condition := out.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy) + condition.Status = corev1.ConditionFalse + condition.Reason = "CatalogSourcesHealthy" + condition.Message = "all catalogsources are healthy" + condition.LastSync = timeNow() + out.Status.SetCondition(condition) + unhealthyUpdated = true + } +} + +// listResolvableCatalogSources returns a list of the CatalogSources that can be used in resolution for a Subscription in the given namespace. +func (o *Operator) listResolvableCatalogSources(namespace string) ([]v1alpha1.CatalogSource, error) { + // TODO: Implement this. Should be the union of CatalogSources in the given namespace and the global catalog namespace. +} +``` + +- Register new [QueueIndexer](https://github.com/operator-framework/operator-lifecycle-manager/blob/a88f5349eb80da2367b00a5191c0a7b50074f331/pkg/lib/queueinformer/queueindexer.go#L14)s with separate workqueues for handling `syncSubscriptionCatalogStatus` and `syncSubscriptionCatalogConditions` to the [catalog-operator](https://github.com/operator-framework/operator-lifecycle-manager/blob/22691a771a330fc05608a7ec1516d31a17a13ded/pkg/controller/operators/catalog/operator.go#L58). Use the same cache feeding other respective workqueues. + +```go +package catalog +// ... +type Operator struct { + // ... + subscriptionCatalogStatusIndexer *queueinformer.QueueIndexer + subscriptionStatusIndexer *queueinformer.QueueIndexer +} +// ... +func NewOperator(kubeconfigPath string, logger *logrus.Logger, wakeupInterval time.Duration, configmapRegistryImage, operatorNamespace string, watchedNamespaces ...string) (*Operator, error) { + // ... + // Register separate queue for syncing SubscriptionStatus from CatalogSource updates + subCatStatusQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "subCatStatus") + subCatQueueIndexer := queueinformer.NewQueueIndexer(subCatStatusQueue, op.catsrcIndexers, op.syncSubscriptionCatalogStatus, "subCatStatus", logger, metrics.NewMetricsNil()) + op.RegisterQueueIndexer(subCatQueueIndexer) + op.subscriptionCatalogStatusIndexer = subCatQueueIndexer + // ... + // Register separate queue for syncing SubscriptionStatus + subStatusQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "subStatus") + subQueueIndexer := queueinformer.NewQueueIndexer(csvStatusQueue, op.subIndexers, op.syncSubscriptionCatalogConditions, "subStatus", logger, metrics.NewMetricsNil()) + op.RegisterQueueIndexer(subQueueIndexer) + op.subscriptionStatusIndexer = subQueueIndexer + // ... +} +// ... +``` \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/contributors/design-proposals/user-defined-service-account.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/contributors/design-proposals/user-defined-service-account.md new file mode 100644 index 000000000..26f6991f6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/contributors/design-proposals/user-defined-service-account.md @@ -0,0 +1,71 @@ +## Requirement +Allow cluster administrator to specify a service account for an operator group so that all operator(s) associated with this operator group are deployed and run against the privileges granted to the service account. + +`APIService` and `CustomResourceDefinition` will always be created by `OLM` using the `cluster-admin` role. The service account(s) associated with operator group(s) should never be granted privileges to write these resources. + +If the specified service account does not have enough permission(s) for an operator that is being installed, useful and contextual information should be added to the status of the respective resource(s) so that it is easy for the administrator to troubleshoot and resolve the issue. + +## Scenarios: +* Administrator creates a new operator group and specifies a service account. All operator(s) associated with this operator group are installed and run against the privileges granted to the service account. + +* Administrator creates a new operator group and does not specify any service account. We will maintain backward compatibility. Same behavior as today. + +* Existing operator group(s) (no service account is specified): We will maintain backward compatibility, same behavior as today. + +* Administrator updates an existing operator group and specifies a service account. We can be permissive and allow the existing operator(s) to continue to run with their current privileges. When such an existing operator is going through an upgrade it should be reinstalled and run against the privileges granted to the service account like any new operator(s). + +* The service account changes - permission may be added or taken away. Or existing service account is swapped with a new one. + +* The administrator removes the service account from the operator group. + +* The administrator has an untrusted operator and wants to run it with much less privileges than what the service account in the operator group allows. + +## Scope +This feature will be implemented in phases. Phase 1 is scoped at: +* While creating permissions for an operator, use the service account specified in the operator group. This will ensure that the operator install will fail if it asks for a privilege not granted to the service account. +* The deployment of the operator(s) are carried out using the client bound to `cluster-admin` role granted to OLM. We are going to use a scoped client bound to the service account for deployment(s). + +The following are not in scope for phase 1: +* We currently use `rbac authorizer` in `OLM` to check permission status. We are not introducing any change to `permissionStatus` function in this phase. In the future we can look into removing `rbac authorizer` from `OLM`. An alternate and more maintainable solution could be to use `SelfSubjectAccessReview` with a client bound to the service account of the operator. + + +## Proposed Changes +As part of the first phase, we propose the following changes: +* During reconciliation of `OperatorGroup` resource(s), if a service account is specified then: + * Make sure the service account exists. + * Update the Status of `OperatorGroup` with a reference to the `ServiceAccount`. + +`OperatorGroupSpec` already has an attribute `ServiceAccount`. So the specification of `OperatorGroup` will not change. Also, we expect the `ServiceAccount` object to be in the same namespace as the `OperatorGroup`. + +Add a new field in `OperatorGroupStatus` to refer to the resolved service account. +```go +ServiceAccountRef *corev1.ObjectReference `json:"serviceAccountRef,omitempty"` +``` + +* Add ability to create a client that is bound to the bearer token of the service account specified in the operator group. + +* While creating `(Cluster)Role`, `(Cluster)RoleBinding` object(s) for an operator being installed, use the client crafted above so that it is confined to the privileges granted to the service account specified in the operator group. `installPlanTransitioner.ExecutePlan` function is responsible for creating these role(s). Here is how we get access to the `OperatorGroup`: +```go +func (o *Operator) ExecutePlan(plan *v1alpha1.InstallPlan) error { + ... + // The operator group must be in the same namespace as the Installplan. + // 1. List all OperatorGroup resource(s) in the same namespace as Installplan. + list, err := lister.OperatorsV1().OperatorGroupLister().OperatorGroups(plan.GetNamespace()).List(labels.Everything()) + + // Although we expect one OperatorGroup in a namespace, we should be defensive. + // 2. Filter the list: + if len(Status.Namespaces) == 0 { + // Remove from the list. + } + + // If the resulting list has more than one OperatorGroup treat it as an error condition. +} +``` + +* The `InstallPlan` status will reflect the error(s) encountered if `OLM` fails to create the roles. + +### How to build a client bound to a service account: +`InClusterConfig` attaches bearer token to to the`rest.Config` object returned. See https://github.com/kubernetes/client-go/blob/master/rest/config.go#L399. We can do the following to create a client that binds to a service account: +* Call `InClusterConfig` to create a `rest.Config` bound to the POD's `serviceaccount`. +* Use `AnonymousClientConfig` function to copy the `rest.Config` without the bearer token. https://github.com/kubernetes/client-go/blob/master/rest/config.go#L491 +* Set `BearerToken` from the secret associated with the service account. \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/access-control.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/access-control.md new file mode 100644 index 000000000..4ca8fcf9e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/access-control.md @@ -0,0 +1,46 @@ +# Access Control Philosophy + +The [architecture][arch] is designed around a number of CRDs that ensure that the main personas of your clusters, the cluster admins and end users, have the appropriate permissions to get their jobs done while maintaining a degree of access control. + +Using CRDs for this allows for default roles to be modeled using Kubernetes RBAC, which integrates into the wide variety of community tools like `kubectl` as well as the API server's audit log. + +## End Users + +End users are the engineers, operations and manager staff that utilize the cluster to run applications. OLM is designed to facilitate the installation and management of Operator instances in a self-service manner within a namespace. + +Running an Operator manually requires access to cluster-level permissions, which end users don't typically have. Here’s a typical list of tasks required: + +1. Create Service Account for Operator +1. Create minimal Role for the Operator +1. Create Role Binding for Role and Service Account +1. Create the Custom Resource Definition +1. Create Operator Deployment, referencing the Service Account +1. Create an instance of the custom resource within a namespace +1. Operator uses Service Account to create the app resources (Deployments, Pods, etc) + +In order to both ensure self-service _and_ minimal permissions, OLM generates these cluster-level resources on behalf of the end user, in a manner that is safe and auditable. Once an admin has installed/granted access to an Operator (see below), the end user only needs to: + +1. Create an instance of the custom resource within a namespace +1. Operator uses Service Account to create the app resources (Deployments, Pods, etc) + +As you can see, no cluster permissions are needed. + +## Cluster Admins + +Cluster admins have the ability to provide a selection of Operators for use on the cluster. These Operators are described in a Cluster Service Version (CSV) file which resides in a CatalogSource (along with the Operator's CRD and package manifests). The cluster admin can now select the teams and namespaces that can use this particular Operator, by creating a Subscription object, which will trigger the creation of an InstallPlan that points to a specific CatalogSource. Once the InstallPlan is approved, the OLM software is responsible for parsing the CatalogSource and performing the following: + +1. Create the Custom Resource Definition +1. Create Service Account for Operator +1. Create minimal Role or ClusterRole for the Operator +1. Create Role or ClusterRoleBinding for Role or ClusterRole and Service Account +1. Create Operator Deployment, referencing the Service Account + +Once a namespace is created, the end-users now have the ability to create instances of the Custom Resource in a self-service manner (see above). OLM also has the ability to control automatic updates of the Operators running in namespaces. See the [architecture][arch] for more details. + +## Invent Your Own Personas + +OLM uses standard Kubernetes RBAC so that admins can create customized personas in addition to the methods described above. For example, if you want to allow a larger group of namespace admins to subscribe to various Operators without being a cluster admin, they can be granted access to CRUD on Subscription objects. + +If you want your end-users to be able to install CSVs themselves, they can be granted access to CSVs and Subscriptions. This is typically done when you are producing Operators as part of your product or internal platform. + +[arch]: architecture.md diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/architecture.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/architecture.md new file mode 100644 index 000000000..59a718c52 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/architecture.md @@ -0,0 +1,137 @@ +# Architecture + +OLM is composed of two Operators: the OLM Operator and the Catalog Operator. + +Each of these Operators are responsible for managing the CRDs that are the basis for the OLM framework: + +| Resource | Short Name | Owner | Description | +|--------------------------|------------|---------|--------------------------------------------------------------------------------------------| +| ClusterServiceVersion | csv | OLM | application metadata: name, version, icon, required resources, installation, etc... | +| InstallPlan | ip | Catalog | calculated list of resources to be created in order to automatically install/upgrade a CSV | +| CatalogSource | catsrc | Catalog | a repository of CSVs, CRDs, and packages that define an application | +| Subscription | sub | Catalog | used to keep CSVs up to date by tracking a channel in a package | +| OperatorGroup | og | OLM | used to group multiple namespaces and prepare for use by an operator | + +Each of these Operators are also responsible for creating resources: + +| Operator | Creatable Resources | +|----------|----------------------------| +| OLM | Deployment | +| OLM | Service Account | +| OLM | (Cluster)Roles | +| OLM | (Cluster)RoleBindings | +| Catalog | Custom Resource Definition | +| Catalog | ClusterServiceVersion | + +## What is a ClusterServiceVersion + +ClusterServiceVersion combines metadata and runtime information about a service that allows OLM to manage it. + +ClusterServiceVersion: + +- Metadata (name, description, version, links, labels, icon, etc) +- Install strategy + - Type: Deployment + - Set of service accounts / required permissions + - Set of deployments + +- CRDs + - Type + - Owned - managed by this service + - Required - must exist in the cluster for this service to run + - Resources - a list of k8s resources that the Operator interacts with + - Descriptors - annotate CRD spec and status fields to provide semantic information + +## OLM Operator + +The OLM Operator is responsible for deploying applications defined by ClusterServiceVersion resources once the required resources specified in the ClusterServiceVersion are present in the cluster. +The OLM Operator is not concerned with the creation of the required resources; users can choose to manually create these resources using `kubectl` or users can choose to create these resources using the Catalog Operator. +This separation of concern enables users incremental buy-in in terms of how much of the OLM framework they choose to leverage for their application. + +While the OLM Operator is often configured to watch all namespaces, it can also be operated alongside other OLM Operators so long as they all manage separate namespaces. + +### ClusterServiceVersion Control Loop + +``` + +------------------------------------------------------+ + | | + | +--> Succeeded -+ + v | | +None --> Pending --> InstallReady --> Installing -| | + ^ +--> Failed <--+ + | | + +----------------------------------------------+ +\ / + +---------------------------------------------------------------+ + | + v +Replacing --> Deleting +``` + +| Phase | Description | +|------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| None | initial phase, once seen by the Operator, it is immediately transitioned to `Pending` | +| Pending | requirements in the CSV are not met, once they are this phase transitions to `Installing` | +| InstallReady | all requirements in the CSV are present, the Operator will begin executing the install strategy | +| Installing | the install strategy is being executed and resources are being created, but not all components are reporting as ready | +| Succeeded | the execution of the Install Strategy was successful; if requirements disappear, or an APIService cert needs to be rotated this may transition back to `Pending`; if an installed component dissapears this may transition to `Failed`| +| Failed | upon failed execution of the Install Strategy, or an installed component dissapears the CSV transitions to this phase; if the component can be recreated by OLM, this may transition to `Pending` | +| Replacing | a newer CSV that replaces this one has been discovered in the cluster. This status means the CSV is marked for GC | +| Deleting | the GC loop has determined this CSV is safe to delete from the cluster. It will disappear soon. | +> Note: In order to transition, a CSV must first be an active member of an OperatorGroup + +## Catalog Operator + +The Catalog Operator is responsible for resolving and installing ClusterServiceVersions and the required resources they specify. It is also responsible for watching catalog sources for updates to packages in channels, and upgrading them (optionally automatically) to the latest available versions. +A user that wishes to track a package in a channel creates a Subscription resource configuring the desired package, channel, and the catalog source from which to pull updates. When updates are found, an appropriate InstallPlan is written into the namespace on behalf of the user. +Users can also create an InstallPlan resource directly, containing the names of the desired ClusterServiceVersions and an approval strategy and the Catalog Operator will create an execution plan for the creation of all of the required resources. +Once approved, the Catalog Operator will create all of the resources in an InstallPlan; this should then independently satisfy the OLM Operator, which will proceed to install the ClusterServiceVersions. + +### InstallPlan Control Loop + +``` +None --> Planning +------>------->------> Installing --> Complete + | ^ + v | + +--> RequiresApproval --+ +``` + +| Phase | Description | +|------------------|------------------------------------------------------------------------------------------------| +| None | initial phase, once seen by the Operator, it is immediately transitioned to `Planning` | +| Planning | dependencies between resources are being resolved, to be stored in the InstallPlan `Status` | +| RequiresApproval | occurs when using manual approval, will not transition phase until `approved` field is true | +| Installing | resolved resources in the InstallPlan `Status` block are being created | +| Complete | all resolved resources in the `Status` block exist | + +### Subscription Control Loop + +``` +None --> UpgradeAvailable --> UpgradePending --> AtLatestKnown -+ + ^ | | + | v v + +----------<---------------<--------+---------<--------+ +``` + +| Phase | Description | +|------------------|---------------------------------------------------------------------------------------------------------------| +| None | initial phase, once seen by the Operator, it is immediately transitioned to `UpgradeAvailable` | +| UpgradeAvailable | catalog contains a CSV which replaces the `status.installedCSV`, but no `InstallPlan` has been created yet | +| UpgradePending | `InstallPlan` has been created (referenced in `status.installplan`) to install a new CSV | +| AtLatestKnown | `status.installedCSV` matches the latest available CSV in catalog | + +## Catalog (Registry) Design + +The Catalog Registry stores CSVs and CRDs for creation in a cluster, and stores metadata about packages and channels. + +A package manifest is an entry in the catalog registry that associates a package identity with sets of ClusterServiceVersions. Within a package, channels point to a particular CSV. Because CSVs explicitly reference the CSV that they replace, a package manifest provides the catalog Operator all of the information that is required to update a CSV to the latest version in a channel (stepping through each intermediate version). + +``` +Package {name} + | + +-- Channel {name} --> CSV {version} (--> CSV {version - 1} --> ...) + | + +-- Channel {name} --> CSV {version} + | + +-- Channel {name} --> CSV {version} +``` diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/building-your-csv.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/building-your-csv.md new file mode 100644 index 000000000..52448d511 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/building-your-csv.md @@ -0,0 +1,377 @@ +# Building a Cluster Service Version (CSV) for the Operator Framework + +This guide is intended to guide an Operator author to package a version of their Operator to run with the [Operator Lifecycle Manager](https://github.com/operator-framework/operator-lifecycle-manager). This will be a manual method that will walk through each section of the file, what it’s used for and how to populate it. + +## What is a Cluster Service Version (CSV)? + +A CSV is the metadata that accompanies your Operator container image. It can be used to populate user interfaces with info like your logo/description/version and it is also a source of technical information needed to run the Operator, like the RBAC rules it requires and which Custom Resources it manages or depends on. + +The Lifecycle Manager will parse this and do all of the hard work to wire up the correct Roles and Role Bindings, ensure that the Operator is started (or updated) within the desired namespace and check for various other requirements, all without the end users having to do anything. + +You can read about the [full architecture in more detail](architecture.md#what-is-a-clusterserviceversion). + +## CSV Metadata + +The object has the normal Kubernetes metadata. Since the CSV pertains to the specific version, the naming scheme is the name of the Operator + the semantic version number, eg `mongodboperator.v0.3`. + +The namespace is used when a CSV will remain private to a specific namespace. Only users of that namespace will be able to view or instantiate the Operator. If you plan on distributing your Operator to many namespaces or clusters, you may want to explore bundling it into a [Catalog](architecture.md#catalog-registry-design). + +The namespace listed in the CSV within a catalog is actually a placeholder, so it is common to simply list `placeholder`. Otherwise, loading a CSV directly into a namespace requires that namespace, of course. + +```yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: mongodboperator.v0.3 + namespace: placeholder +``` + +## Your Custom Resource Definitions +There are two types of CRDs that your Operator may use, ones that are “owned” by it and ones that it depends on, which are “required”. +### Owned CRDs + +The CRDs owned by your Operator are the most important part of your CSV. This establishes the link between your Operator and the required RBAC rules, dependency management and other under-the-hood Kubernetes concepts. + +It’s common for your Operator to use multiple CRDs to link together concepts, such as top-level database configuration in one object and a representation of replica sets in another. List out each one in the CSV file. + +**DisplayName**: A human readable version of your CRD name, eg. “MongoDB Standalone” + +**Description**: A short description of how this CRD is used by the Operator or a description of the functionality provided by the CRD. + +**Group**: The API group that this CRD belongs to, eg. database.example.com + +**Kind**: The machine readable name of your CRD + +**Name**: The full name of your CRD + +The next two sections require more explanation. + +**Resources**: +Your CRDs will own one or more types of Kubernetes objects. These are listed in the resources section to inform your end-users of the objects they might need to troubleshoot or how to connect to the application, such as the Service or Ingress rule that exposes a database. + +It’s recommended to only list out the objects that are important to a human, not an exhaustive list of everything you orchestrate. For example, ConfigMaps that store internal state that shouldn’t be modified by a user shouldn’t appear here. + +**SpecDescriptors, StatusDescriptors, and ActionDescriptors**: +These are a way to hint UIs with certain inputs or outputs of your Operator that are most important to an end user. If your CRD contains the name of a Secret or ConfigMap that the user must provide, you can specify that here. These items will be linked and highlighted in compatible UIs. + +There are three types of descriptors: + +***SpecDescriptors***: A reference to fields in the `spec` block of an object. + +***StatusDescriptors***: A reference to fields in the `status` block of an object. + +***ActionDescriptors***: A reference to actions that can be performed on an object. + +All Descriptors accept the following fields: + +**DisplayName**: A human readable name for the Spec, Status, or Action. + +**Description**: A short description of the Spec, Status, or Action and how it is used by the Operator. + +**Path**: A dot-delimited path of the field on the object that this descriptor describes. + +**X-Descriptors**: Used to determine which "capabilities" this descriptor has and which UI component to use. A canonical list of React UI X-Descriptors for OpenShift can be found [here](https://github.com/openshift/console/blob/master/frontend/public/components/operator-lifecycle-manager/descriptors/types.ts#L5-L26). + +More information on Descriptors can be found [here](https://github.com/openshift/console/tree/master/frontend/public/components/operator-lifecycle-manager/descriptors). + +Below is an example of a MongoDB “standalone” CRD that requires some user input in the form of a Secret and ConfigMap, and orchestrates Services, StatefulSets, Pods and ConfigMaps. + +```yaml + - displayName: MongoDB Standalone + group: mongodb.com + kind: MongoDbStandalone + name: mongodbstandalones.mongodb.com + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + - kind: ConfigMap + name: '' + version: v1 + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:Secret' + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + statusDescriptors: + - description: The status of each of the Pods for the MongoDB cluster. + displayName: Pod Status + path: pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + version: v1 + description: >- + MongoDB Deployment consisting of only one host. No replication of + data. +``` + +### Required CRDs + +Relying on other “required” CRDs is completely optional and only exists to reduce the scope of individual Operators and provide a way to compose multiple Operators together to solve an end-to-end use case. An example of this is an Operator that might set up an application and install an etcd cluster (from an etcd Operator) to use for distributed locking and a Postgres database (from a Postgres Operator) for data storage. + +The Lifecycle Manager will check against the available CRDs and Operators in the cluster to fulfill these requirements. If suitable versions are found, the Operators will be started within the desired namespace and a Service Account created for each Operator to create/watch/modify the Kubernetes resources required. + +**Name**: The full name of the CRD you require + +**Version**: The version of that object API + +**Kind**: The Kubernetes object kind + +**DisplayName**: A human readable version of the CRD + +**Description**: A summary of how the component fits in your larger architecture + +```yaml + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. +``` +## CRD Templates +Users of your Operator will need to be aware of which options are required vs optional. You can provide templates for each of your CRDs with a minimum set of configuration as an annotation named `alm-examples`. Compatible UIs will pre-enter this template for users to further customize. + +The annotation consists of a list of the `kind`, eg. the CRD name, and the corresponding `metadata` and `spec` of the Kubernetes object. Here’s a full example that provides templates for `EtcdCluster`, `EtcdBackup` and `EtcdRestore`: + +```yaml +metadata: + annotations: + alm-examples: >- + [{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}] + +``` + +## Your API Services +As with CRDs, there are two types of APIServices that your Operator may use, “owned” and "required". + +### Owned APIServices + +When a CSV owns an APIService, it is responsible for describing the deployment of the extension api-server that backs it and the group-version-kinds it provides. + +An APIService is uniquely identified by the group-version it provides and can be listed multiple times to denote the different kinds it is expected to provide. + +**DisplayName**: A human readable version of your APIService name, eg. “MongoDB Standalone” + +**Description**: A short description of how this APIService is used by the Operator or a description of the functionality provided by the APIService. + +**Group**: Group that the APIService provides, eg. database.example.com . + +**Version**: Version of the APIService, eg v1alpha1 + +**Kind**: A kind that the APIService is expected to provide. + +**DeploymentName**: +Name of the deployment defined by your CSV that corresponds to your APIService (required for owned APIServices). During the CSV pending phase, the OLM Operator will search your CSV's InstallStrategy for a deployment spec with a matching name, and if not found, will not transition the CSV to the install ready phase. + +**Resources**: +Your APIServices will own one or more types of Kubernetes objects. These are listed in the resources section to inform your end-users of the objects they might need to troubleshoot or how to connect to the application, such as the Service or Ingress rule that exposes a database. + +It’s recommended to only list out the objects that are important to a human, not an exhaustive list of everything you orchestrate. For example, ConfigMaps that store internal state that shouldn’t be modified by a user shouldn’t appear here. + +**SpecDescriptors, StatusDescriptors, and ActionDescriptors**: +Essentially the same as for owned CRDs. + +### APIService Resource Creation +The Lifecycle Manager is responsible for creating or replacing the Service and APIService resources for each unique owned APIService. +* Service pod selectors are copied from the CSV deployment matching the APIServiceDescription's DeploymentName. +* A new CA key/cert pair is generated for for each installation and the base64 encoded CA bundle is embedded in the respective APIService resource. + +### APIService Serving Certs +The Lifecycle Manager handles generating a serving key/cert pair whenever an owned APIService is being installed. The serving cert has a CN containing the host name of the generated Service resource and is signed by the private key of the CA bundle embedded in the corresponding APIService resource. The cert is stored as a type `kubernetes.io/tls` Secret in the deployment namespace and a Volume named "apiservice-cert" is automatically appended to the Volumes section of the deployment in the CSV matching the APIServiceDescription's `DeploymentName` field. If one does not already exist, a VolumeMount with a matching name is also appended to all containers of that deployment. This allows users to define a VolumeMount with the expected name to accommodate any custom path requirements. The generated VolumeMount's path defaults to `/apiserver.local.config/certificates` and any existing VolumeMounts with the same path are replaced. + +### Required APIServices + +The Lifecycle Manager will ensure all required CSVs have an APIService that is available and all expected group-version-kinds are discoverable before attempting installation. This allows a CSV to rely on specific kinds provided by APIServices it does not own. + +**DisplayName**: A human readable version of your APIService name, eg. “MongoDB Standalone” + +**Description**: A short description of how this APIService is used by the Operator or a description of the functionality provided by the APIService. + +**Group**: Group that the APIService provides, eg. database.example.com . + +**Version**: Version of the APIService, eg v1alpha1 + +**Kind**: A kind that the APIService is expected to provide. + +## Operator Metadata +The metadata section contains general metadata around the name, version and other info that aids users in discovery of your Operator. + +**DisplayName**: Human readable name that describes your Operator and the CRDs that it implements + +**Keywords**: A list of categories that your Operator falls into. Used for filtering within compatible UIs. + +**Provider**: The name of the publishing entity behind the Operator + +**Maturity**: Level of maturity the Operator has achieved at this version, eg. planning, pre-alpha, alpha, beta, stable, mature, inactive, or deprecated. + +**Version**: The semanic version of the Operator. This value should be incremented each time a new Operator image is published. + +**Icon**: a base64 encoded image of the Operator logo or the logo of the publisher. The `base64data` parameter contains the data and the `mediatype` specifies the type of image, eg. `image/png` or `image/svg`. + +**Links**: A list of relevant links for the Operator. Common links include documentation, how-to guides, blog posts, and the company homepage. + +**Maintainers**: A list of names and email addresses of the maintainers of the Operator code. This can be a list of individuals or a shared email alias, eg. support@example.com. + +**Description**: A markdown blob that describes the Operator. Important information to include: features, limitations and common use-cases for the Operator. If your Operator manages different types of installs, eg. standalone vs clustered, it is useful to give an overview of how each differs from each other, or which ones are supported for production use. + +**MinKubeVersion**: A minimum version of Kubernetes that server is supposed to have so operator(s) can be deployed. The Kubernetes version must be in "Major.Minor.Patch" format (e.g: 1.11.0). + +**Labels** (optional): Any key/value pairs used to organize and categorize this CSV object. + +**Selectors** (optional): A label selector to identify related resources. Set this to select on current labels applied to this CSV object (if applicable). + +**InstallModes**: A set of `InstallMode`s that tell OLM which `OperatorGroup`s an Operator can belong to. Belonging to an `OperatorGroup` means that OLM provides the set of targeted namespaces as an annotation on the Operator's CSV and any deployments defined therein. These deployments can then utilize [the Downward API](https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api) to inject the list of namespaces into their container(s). An `InstallMode` consists of an `InstallModeType` field and a boolean `Supported` field. There are four `InstallModeTypes`: +* `OwnNamespace`: If supported, the operator can be a member of an `OperatorGroup` that selects its own namespace +* `SingleNamespace`: If supported, the operator can be a member of an `OperatorGroup` that selects one namespace +* `MultiNamespace`: If supported, the operator can be a member of an `OperatorGroup` that selects more than one namespace +* `AllNamespaces`: If supported, the operator can be a member of an `OperatorGroup` that selects all namespaces (target namespace set is the empty string "") + +Here's an example: + +```keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + icon: + - base64data: + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true +``` + +## Operator Install +The install block is how the Lifecycle Manager will instantiate the Operator on the cluster. There are two subsections within install: one to describe the `deployment` that will be started within the desired namespace and one that describes the Role `permissions` required to successfully run the Operator. + +Ensure that the `serviceAccountName` used in the `deployment` spec matches one of the Roles described under `permissions`. + +Multiple Roles should be described to reduce the scope of any actions needed containers that the Operator may run on the cluster. For example, if you have a component that generates a TLS Secret upon start up, a Role that allows `create` but not `list` on Secrets is more secure than using a single all-powerful Service Account. + +Here’s a full example: + +```yaml + install: + spec: + deployments: + - name: example-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: example-operator + template: + metadata: + labels: + k8s-app: example-operator + spec: + containers: + image: 'quay.io/example/example-operator:v0.0.1' + imagePullPolicy: Always + name: example-operator + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + imagePullSecrets: + - name: '' + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: example-operator + permissions: + - serviceAccountName: example-operator + rules: + - apiGroups: + - '' + resources: + - configmaps + - secrets + - services + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - mongodb.com + resources: + - '*' + verbs: + - '*' + - serviceAccountName: example-operator-list + rules: + - apiGroups: + - '' + resources: + - services + verbs: + - get + - list + strategy: deployment +``` + +## Full Examples + +Several [complete examples of CSV files](https://github.com/operator-framework/community-operators) are stored in Github. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/debugging.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/debugging.md new file mode 100644 index 000000000..628d3f844 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/debugging.md @@ -0,0 +1,123 @@ +# Debugging a ClusterServiceVersion + +We have a ClusterServiceVersion that is failing to report as available. + +```sh +$ kubectl -n ci-olm-pr-188-gc-csvs get clusterserviceversions etcdoperator.v0.8.1 -o yaml +... + lastTransitionTime: 2018-01-22T15:48:13Z + lastUpdateTime: 2018-01-22T15:51:09Z + message: | + installing: Waiting: waiting for deployment etcd-operator to become ready: Waiting for rollout to finish: 0 of 1 updated replicas are available... + phase: Installing + reason: InstallWaiting +... +``` + +The message tells us install can't complete because the etcd-operator deployment isn't available yet. Now we check on that deployment: + +```sh +$ kubectl -n ci-olm-pr-188-gc-csvs get deployments etcd-operator -o yaml +... +spec: + template: + metadata: + labels: + name: etcd-operator-olm-owned +... +status: + unavailableReplicas: 1 +... +``` + +We see that 1 of the replicas is unavailable, and the spec tells us the label query to use to find the failing pods: + +```sh +$ kubectl -n ci-olm-pr-188-gc-csvs get pods -l name=etcd-operator-olm-owned 1 ↵ +NAME READY STATUS RESTARTS AGE +etcd-operator-6c7c8ccb56-9scrz 2/3 CrashLoopBackOff 820 2d + +$ kubectl -n ci-olm-pr-188-gc-csvs get pods etcd-operator-6c7c8ccb56-9scrz -o yaml +... + containerStatuses: + - containerID: docker://aa7ee0902228247c32b9198be13fc826dfaf4901a70ee84f31582c284721a110 + image: quay.io/coreos/etcd-operator@sha256:b85754eaeed0a684642b0886034742234d288132dc6439b8132e9abd7a199de0 + imageID: docker-pullable://quay.io/coreos/etcd-operator@sha256:b85754eaeed0a684642b0886034742234d288132dc6439b8132e9abd7a199de0 + lastState: + terminated: + containerID: docker://aa7ee0902228247c32b9198be13fc826dfaf4901a70ee84f31582c284721a110 + exitCode: 1 + finishedAt: 2018-01-22T15:55:16Z + reason: Error + startedAt: 2018-01-22T15:55:16Z + name: etcd-backup-operator + ready: false + restartCount: 820 + state: + waiting: + message: Back-off 5m0s restarting failed container=etcd-backup-operator pod=etcd-operator-6c7c8ccb56-9scrz_ci-olm-pr-188-gc-csvs(3084f195-fd38-11e7-b3ea-0aae23d78648) + reason: CrashLoopBackOff +... +``` + +One of the pods in the deployment, `etcd-backup-operator` is crash looping for some reason. Now we check the logs of that container: + +```sh +$ kubectl -n ci-olm-pr-188-gc-csvs logs etcd-operator-6c7c8ccb56-9scrz etcd-backup-operator 1 ↵ +time="2018-01-22T15:55:16Z" level=info msg="Go Version: go1.9.2" +time="2018-01-22T15:55:16Z" level=info msg="Go OS/Arch: linux/amd64" +time="2018-01-22T15:55:16Z" level=info msg="etcd-backup-operator Version: 0.8.1" +time="2018-01-22T15:55:16Z" level=info msg="Git SHA: b97d9305" +time="2018-01-22T15:55:16Z" level=info msg="Event(v1.ObjectReference{Kind:"Endpoints", Namespace:"ci-olm-pr-188-gc-csvs", Name:"etcd-backup-operator", UID:"328b063e-fd38-11e7-b021-122952f9fac4", APIVersion:"v1", ResourceVersion:"11570590", FieldPath:""}): type: 'Normal' reason: 'LeaderElection' etcd-operator-6c7c8ccb56-9scrz became leader" +time="2018-01-22T15:55:16Z" level=info msg="starting backup controller" pkg=controller +time="2018-01-22T15:55:16Z" level=fatal msg="unknown StorageType: " +``` + +And we can see the reason for the error and take action to craft a new CSV that doesn't cause this error. + +# Debugging an InstallPlan + +The primary way an InstallPlan can fail is by not resolving the resources needed to install a CSV. + +```yaml +apiVersion: app.coreos.com/v1alpha1 +kind: InstallPlan +metadata: + namespace: ci-olm-pr-188-gc-csvs + name: olm-testing +spec: + clusterServiceVersionNames: + - etcdoperator123 + approval: Automatic +``` + +This installplan will fail because `etcdoperator123` is not in the catalog. We can see this in its status: + +```sh +$ kubectl get -n ci-olm-pr-188-gc-csvs installplans olm-testing -o yaml +apiVersion: app.coreos.com/v1alpha1 +kind: InstallPlan +metadata: + ... +spec: + approval: Automatic + clusterServiceVersionNames: + - etcdoperator123 +status: + catalogSources: + - rh-operators + conditions: + - lastTransitionTime: 2018-01-22T16:05:09Z + lastUpdateTime: 2018-01-22T16:06:59Z + message: 'not found: ClusterServiceVersion etcdoperator123' + reason: DependenciesConflict + status: "False" + type: Resolved + phase: Planning +``` + +Error messages like this will displayed for any other inconsistency in the catalog. They can be resolved by either updating the catalog or choosing clusterservices that resolve correctly. + +# Debugging ALM operators + +Both the ALM and Catalog operators have `-debug` flags available that display much more useful information when diagnosing a problem. If necessary, add this flag to their deployments and perform the action that is showing undersired behavior. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/dependency-resolution.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/dependency-resolution.md new file mode 100644 index 000000000..cd610cca2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/dependency-resolution.md @@ -0,0 +1,74 @@ +# Dependency Resolution and Upgrades + +OLM manages the dependency resolution and upgrade lifecycle of running operators. In many ways, thes problems OLM faces are similar to other OS package managers like `apt`/`dkpg` and `yum`/`rpm`. + +However, there is one constraint that similar systems don't generally have that OLM does: because operators are always running, OLM attempts to ensure that at no point in time are you left with a set of operators that do not work with each other. + +This means that OLM needs to never: + + - install a set of operators that require APIs that can't be provided + - update an operator in a way that breaks another that depends upon it + +The following examples motivate why OLM's dependency resolution and upgrade strategy works as it does, followed by a description of the current algorithm. + +# Example: Deprecate dependant API + +A and B are APIs (e.g. CRDs) + +* A's provider depends on B +* B’s provider has a Subscription +* B’s provider updates to provide C but deprecates B + +This results in: + +* B no longer has a provider +* A no longer works + +This is a case we prevent with OLM's upgrade strategy. + + +# Example: Version deadlock + +A and B are APIs + +* A's provider requires B +* B's provider requires A +* A's provider updates to (provide A2, require B2) and deprecate A +* B's provider updates to (provide B2, require A2) and deprecate B + +If we attempt to update A without simultaneously updating B, or vice-versa, we won't be able to progress to new versions of the operators, even though a new compatible set can be found. + +This is another case we prevent with OLM's upgrade strategy. + + +# Dependency resolution + +A Provider is an operator which "Owns" a CRD or APIService. + +This algorithm will result in a successful update of a generation (in which as many operators which can be updated have been): + +``` +Consider the set of operators defined by running operators in a namespace: + + For each subscription in the namespace: + if the subscription hasn't been checked before, find the latest CSV in the source/package/channel + provisionally add the operator to the generation + else + check for a replacement in the source/package/channel + + // Generation resolution + For each required API with no provider in gen: + search through prioritized sources to pick a provider + provisionally add any new operators found to the generation, this could also add to the required APIs without providers + + // Downgrade + if there are still required APIs that can't be satisfied by sources: + downgrade the operator(s) that require the APIs that can't be satisfied + + // Apply + for each new operator required, install it into the cluster. Any newly resolved operator will be given a subscription to the channel/package/source it was discovered in. +``` + +The operator expansion loop is bounded by the total number of provided apis across sources (because a generation may not have multiple providers) + +The downgrade loop will eventually stop, though it may contract back down to the original generation in the namespace. Downgrading an operator means it was in the previous generation. By definition, either its required apis are satisfied, or will be satisfied by the downgrade of another operator. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/developing.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/developing.md new file mode 100644 index 000000000..e69e36709 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/developing.md @@ -0,0 +1,80 @@ + # Setting up a namespaced OLM for development + + * Disable global olm/catalog if the cluster is only for testing + * spin `tectonic-alm-operator` down to 0 + * delete `alm-operator` and `catalog-operator` deployments from `tectonic-system` + * Make any config customizations by editing `example-values.yaml` + * Deploy a namespaced copy of OLM +```sh +./scripts/package_release.sh 1.0.0-custom custom-olm ./Documentation/install/example-values.yaml +kubectl create ns olm-testing +kubectl get secrets -n tectonic-system -o yaml coreos-pull-secret | sed 's/tectonic-system/olm-testing/g' | kubectl create -f - +kubectl apply -f ./custom-olm +``` + +* ALM config + * `namespace` - namespace to run in + * `watchedNamespaces` - namespaces to watch and operate on + * `catalog_namespace` - namespace that catalog resources are created in + * ALM annotates the namespaces it's configured to watch and ignores namespaces annotated with another ALM instance + * taking control of an existing namespace (i.e. if you've left the global olm running) may require manually editing namespace annotations + +* Catalog generation + * Files in `deploy/chart/catalog_resources/` get collected into a configmap + * on startup, catalog operator reads the configmap and writes out a CatalogSource pointing to it + * hack because x-operator can't write out CatalogSource + * short term: catalogsource -> configmap, no generation + * medium term: stored in a seperate repo + * longer term: something registry-like + +# Updating a Service and testing updates + +* Install the initial version + * Create an installplan with the initial version if it's already in the catalog + * Create a CSV with the initial version if it's not in the catalog + +* Create the new version + * Copy old CSV + * Edit fields to update version + * name references (i.e. etcdoperator.0.5.6) + * `replaces` field pointing to previous version + * edit deployments + * same name - gets patched + * different name - gets created/deleted + * use sha256 references + * update any descriptions + * update any references to CRDs that are required + * update any permissions needed +* Save new CSV and kubectl create it +* Watch olm operator logs and verify state you want has happened + + +# Updating a catalog entry + +* Once the CSV is verified as correct and updates work properly, add it to `catalog_resources` + * do not overwrite the old one +* Add any new CRDs to `deploy/chart/catalog_resources/` +* run `make update-catalog` to regen the catalog configmap +* either apply the new configmap on its own and restart the catalog or, easier, just run: + +```sh +./scripts/package_release.sh 1.0.0-custom custom-olm ./Documentation/install/example-values.yaml +kubectl apply -f ./custom-olm +``` + +* You can validate the update process by creating an `InstallPlan` with the previous version, letting it install, and then creating an `InstallPlan` with the updated version and verifying the update succeeds. + + +# Example InstallPlan + +```yaml +apiVersion: app.coreos.com/v1alpha1 +kind: InstallPlan +metadata: + namespace: default + name: olm-testing +spec: + clusterServiceVersionNames: + - etcdoperator.v0.7.2 + approval: Automatic +``` diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/operatorgroups.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/operatorgroups.md new file mode 100644 index 000000000..2d07e1062 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/operatorgroups.md @@ -0,0 +1,217 @@ +# Operator Multitenancy with OperatorGroups + +An `OperatorGroup` is an OLM resource that provides rudimentary multitenant configuration to OLM installed operators. + +## OperatorGroup Overview + +* An `OperatorGroup` selects a set of target namespaces in which to generate required RBAC access for its member operators. +* The set of target namespaces is provided via a comma-delimited string stored in the `olm.targetNamespaces` annotation. This annotation is applied to member operator's `ClusterServiceVersion` (CSV) instances and is projected into their deployments. It is accessible to operator containers using [The Downward API](https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api) +* An operator is said to be a [member of an `OperatorGroup`](#operatorgroup-membership) if its CSV exists in the same namespace as the `OperatorGroup` and its CSV's [`InstallModes` support the set of namespaces targeted by the `OperatorGroup`](#installmodes-and-supported-operatorgroups) +* In order to transition, a CSV must be an active member of an `OperatorGroup` that has no [provided API conflicts with intersecting `OperatorGroups`](#operatorgroup-intersection) + +## OperatorGroup Membership + +An operator defined by CSV `csv-a` is said to be a _member_ of `OperatorGroup` `op-a` in namespace `ns-a` if both of the following hold: +* `op-a` is the only `OperatorGroup` in `ns-a` +* `csv-a`'s `InstallMode`s support `op-a`'s target namespace set + +### TooManyOperatorGroups + +If there exists more than one `OperatorGroup` in a single namespace, any CSV created in that namespace will transition to a failure state with reason `TooManyOperatorGroups`. CSVs in a failed state for this reason will transition to pending once the number of `OperatorGroup`s in their namespaces reaches one. + +### InstallModes and Supported OperatorGroups + +An `InstallMode` consists of an `InstallModeType` field and a boolean `Supported` field. A CSV's spec can contain a set of `InstallModes` of four distinct `InstallModeTypes`: +* `OwnNamespace`: If supported, the operator can be a member of an `OperatorGroup` that selects its own namespace +* `SingleNamespace`: If supported, the operator can be a member of an `OperatorGroup` that selects one namespace +* `MultiNamespace`: If supported, the operator can be a member of an `OperatorGroup` that selects more than one namespace +* `AllNamespaces`: If supported, the operator can be a member of an `OperatorGroup` that selects all namespaces (target namespace set is the empty string "") + +> Note: If a CSV's spec omits an entry of `InstallModeType`, that type is considered unsupported unless support can be inferred by an existing entry that implicitly supports it. + +### UnsupportedOperatorGroup + +If a CSV's `InstallMode`s do not support the target namespace selection of the `OperatorGroup` in its namespace, the CSV will transition to a failure state with reason `UnsupportedOperatorGroup`. CSVs in a failed state for this reason will transition to pending once either the `OperatorGroups`'s target namespace selection changes to a supported configuration, or the CSV's `InstallMode`s are modified to support the `OperatorGroup`'s target namespace selection. + +## Target Namespace Selection + +Select the set of namespaces by specifying a label selector with the `spec.selector` field: + +```yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: my-group + namespace: my-namespace +spec: + selector: + cool.io/prod: "true" +``` + +or by explicitly naming target namespaces with the `spec.targetNamespaces` field: + +```yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: my-group + namespace: my-namespace +spec: + targetNamespaces: + - my-namespace + - my-other-namespace + - my-other-other-namespace +``` + +> Note: If both `spec.targetNamespaces` and `spec.selector` are defined, `spec.selector` is ignored. + +Additionally, a _global_ `OperatorGroup` (which selects all namespaces) is specified by omitting both `spec.selector` and `spec.targetNamespaces`: + +```yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: my-group + namespace: my-namespace +``` + +The resolved set of selected namespaces is surfaced in an `OperatorGroup`'s `status.namespaces` field. A global `OperatorGroup`'s `status.namespace` is of length 1 and contains the empty string, `""`, which signals a consuming operator that it should watch all namespaces. + +> Note: The consuming operator must know to treat `""` as an all namespace configuration. + +## OperatorGroup CSV Annotations + +Member CSVs of an `OperatorGroup` get the following annotations: +* `olm.operatorGroup=` + * Contains the name of the `OperatorGroup` +* `olm.operatorGroupNamespace=` + * Contains the namespace of the `OperatorGroup` +* `olm.targetNamespaces=` + * Contains a comma-delimited string listing the `OperatorGroup`'s target namespace selection. This annotation is projected onto the pod template of a CSV's deployments and can be consumed by a pod instance via [The Downward API](https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api) + +> Note: All annotations except `olm.targetNamespaces` are included with [copied CSVs](#copied-csvs). Omitting the `olm.targetNamespaces` annotation on copied CSVs prevents the names of target namespaces from being leaked between tenants. + +## Provided APIs Annotation + +Information about what `GroupVersionKinds`s (GVK) are provided by an `OperatorGroup` are surfaced in an `olm.providedAPIs` annotation. The annotation's value is a string consisting of a set of `..`s delimited with commas. The GVKs of CRDs and APIServices provided by all active member CSVs of an `OperatorGroup` are included. + +Here's an example of an `OperatorGroup` with a single active member CSV providing the PackageManifests resource: + +```yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + annotations: + olm.providedAPIs: PackageManifest.v1alpha1.packages.apps.redhat.com + name: olm-operators + namespace: local + ... +spec: + selector: {} + serviceAccount: + metadata: + creationTimestamp: null + targetNamespaces: + - local +status: + lastUpdated: 2019-02-19T16:18:28Z + namespaces: + - local +``` + +## RBAC + +When an `OperatorGroup` is created, 3 ClusterRoles each containing a single AggregationRule are generated: +* `-admin` + * ClusterRoleSelector set to match the `olm.opgroup.permissions/aggregate-to-admin: ` label + +* `-edit` + * ClusterRoleSelector set to match the `olm.opgroup.permissions/aggregate-to-edit: ` label + +* `-view` + * ClusterRoleSelector set to match the `olm.opgroup.permissions/aggregate-to-view: ` label + +When a CSV becomes an active member of an `OperatorGroup` and is not in a failed state with reason InterOperatorGroupOwnerConflict, the following RBAC resources are generated: +* For each provided API resource from a CRD: + * A `` ClusterRole is generated with the `*` verb on `` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-admin: true` and `olm.opgroup.permissions/aggregate-to-admin: ` + * A `` ClusterRole is generated with the `create, update, patch, release` verbs on `` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-edit: true` and `olm.opgroup.permissions/aggregate-to-edit: ` + * A `` ClusterRole is generated with the `get, list, watch` verbs on `` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-view: true` and `olm.opgroup.permissions/aggregate-to-view: ` + * A `` ClusterRole is generated with the `get` verb on `apiextensions.k8s.io` `customresourcedefinitions` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-view: true` and `olm.opgroup.permissions/aggregate-to-view: ` + +* For each provided API resource from an APIService: + * A `` ClusterRole is generated with the `*` verb on `` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-admin: true` and `olm.opgroup.permissions/aggregate-to-admin: ` + * A `` ClusterRole is generated with the `create, update, patch, release` verbs on `` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-edit: true` and `olm.opgroup.permissions/aggregate-to-edit: ` + * A `` ClusterRole is generated with the `get, list, watch` verbs on `` `` with aggregation labels `rbac.authorization.k8s.io/aggregate-to-view: true` and `olm.opgroup.permissions/aggregate-to-view: ` + +* If |target namespaces| == 1 and contains `*`: + * A ClusterRole and corresponding ClusterRoleBinding are generated for each permission defined in the CSV's permissions field. All resources generated are given the `olm.owner: ` and `olm.owner.namespace: ` labels +* Else for each target namespace: + * All Roles and RoleBindings in the operator namespace with the `olm.owner: ` and `olm.owner.namespace: ` labels are copied into the target namespace. + +## Copied CSVs + +OLM will create copies of all active member CSVs of an `OperatorGroup` in each of that `OperatorGroup`'s target namespaces. The purpose of a Copied CSV is to tell users of a target namespace that a specific operator is configured to watch resources created there. Copied CSVs have a status reason _Copied_ and are updated to match the status of their source CSV. The `olm.targetNamespaces` annotation is stripped from copied CSVs before they are created on the cluster. Omitting the target namespace selection avoids an unnecessary information leak. Copied CSVs are deleted when their source CSV no longer exists or the operator group their source CSV belongs to no longer targets the copied CSV's namespace. + +## Static OperatorGroups + +An `OperatorGroup` is _static_ if it's `spec.staticProvidedAPIs` field is set to __true__. As a result, OLM does not modify the OperatorGroups's `olm.providedAPIs` annotation, which means that it can be set in advance. This is useful when a user wishes to use an `OperatorGroup` to prevent [resource contention](#what-can-go-wrong?) in a set of namespaces, but does not have active member CSVs that provide the APIs for those resources. + +Here's an example of an `OperatorGroup` that "protects" prometheus resources in all namespaces with the `something.cool.io/cluster-monitoring: "true"` annotation: + +```yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: cluster-monitoring + namespace: cluster-monitoring + annotations: + olm.providedAPIs: Alertmanager.v1.monitoring.coreos.com,Prometheus.v1.monitoring.coreos.com,PrometheusRule.v1.monitoring.coreos.com,ServiceMonitor.v1.monitoring.coreos.com +spec: + staticProvidedAPIs: true + selector: + matchLabels: + something.cool.io/cluster-monitoring: "true" +``` + +## OperatorGroup Intersection + +### OperatorGroup Intersection Terminology + +* Two `OperatorGroup`s are said to be _intersecting_ if the intersection of their target namespace sets __is not the empty set__ +* Two `OperatorGroup`s are said to have _intersecting provided APIs_ if they are __intersecting__ and the intersection of their provided API sets (defined by `olm.providedAPIs` annotations) __is not the empty set__ + +### What Can Go Wrong? + +`OperatorGroup`s with _intersecting provided APIs_ can compete for the same resources in the set of intersecting namespaces. + +### Rules for Intersection + +Each time an active member CSV syncs, OLM queries the cluster for the set of _intersecting provided APIs_ between the CSV's `OperatorGroup` and all others. OLM then checks if that set __is the empty set__: +* If __true__ and the CSV's provided APIs __are a subset__ of the `OperatorGroup`'s: + * Continue transitioning +* If __true__ and the CSV's provided APIs __are not a subset__ of the `OperatorGroup`'s: + * If the `OperatorGroup` [__is static__](#static-operatorgroups): + * Clean up any deployments that belong to the CSV + * Transition the CSV to a failed state with status reason CannotModifyStaticOperatorGroupProvidedAPIs + * Else: + * Replace the `OperatorGroup`'s `olm.providedAPIs` annotation with the union of itself and the CSV's provided APIs +* If __false__ and the CSV's provided APIs __are not a subset__ of the `OperatorGroup`'s: + * Clean up any deployments that belong to the CSV + * Transition the CSV to a failed state with status reason InterOperatorGroupOwnerConflict +* If __false__ and the CSV's provided APIs __are a subset__ of the `OperatorGroup`'s: + * If the `OperatorGroup` [__is static__](#static-operatorgroups): + * Clean up any deployments that belong to the CSV + * Transition the CSV to a failed state with status reason CannotModifyStaticOperatorGroupProvidedAPIs + * Else: + * Replace the `OperatorGroup`'s `olm.providedAPIs` annotation with the difference between itself and the CSV's provided APIs + +> Note: Failure states caused by `OperatorGroup`s are non-terminal. + +> Note: When checking intersection rules, an `OperatorGroup`'s namespace is always included as part of its selected target namespaces. + +Each time an `OperatorGroup` syncs: +* The set of provided APIs from active member CSV's is calculated from the cluster (ignoring [copied CSVs](#copied-csvs)) +* The cluster set is compared to `olm.providedAPIs`: + * If `olm.providedAPIs` contains any extraneous provided APIs: + * `olm.providedAPIs` is pruned of any extraneous provided APIs (not provided on cluster) +* All CSVs that provide the same APIs across all namespaces (including those removed) are requeued. This notifies conflicting CSVs in intersecting groups that their conflict has possibly been resolved, either through resizing or through deletion of the conflicting CSV. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/philosophy.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/philosophy.md new file mode 100644 index 000000000..c4b7b8ea9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/philosophy.md @@ -0,0 +1,188 @@ +# Goals + +The goal of the Operator Lifecycle Manager and Cloud Service Catalog is to manage common aspects of open cloud services, including: + +**Lifecycle** + + * Managing the upgrades and lifecycle for operators (much as operators manage the upgrades and lifecycle for the resources they operate) + +**Discovery** + + * What operators exist on the cluster? What are the things they operate? What operators are available for installing into a cluster? + +**Packaging** + + * A standard way to distribute, install and upgrade an operator and its dependencies + +**Interaction** + + * By standardizing the other three, provide a standard way to interact with cloud services and user-defined open cloud services via both the CLI and the Tectonic Console + +# Design + +We achieve the desired goals by standardizing packaging and being opinionated about the way a user interacts with an operator. + +These are our requirements: + +**Namespacing** + + * An operator and the resources it operates *must* be restricted to one namespace. This is the only reasonable way to manage a multi-tenant cluster and enforce RBAC and chargeback on operator resources. + +**Custom Resources** + + * The primary way a user should interact with an operator must be via writing and reading Custom Resources + + * An operator should declare the CRDs it owns and manages, as well as those that it expects to exist (but be managed by other operators). + + * Configuration of operator behavior should be represented as fields on a CRD + +**Dependency Resolution** + + * Operators will only need to worry about packaging themselves and the resources they manage, not linking in the world in order to run. + + * Dynamic libraries, not fat binaries. As an example, the vault operator container should not also include the etcd operator container, but should rather take a dependency on Etcd that OLM will resolve. This is analogous to dynamic vs. static linking. + + * To achieve this, operators will need to define their dependencies. + +**Repeatable/Recoverable Deployment** + + * Resolving dependencies and installing a set of resources into the cluster should be repeatable. (think glide.lock) + + * It shouldn't matter if any critical software fails during the install process (recoverable). + +**Garbage Collection** + + * We should rely on kubernetes garbage collection where possible. + + * Deleting a top level ClusterService should remove all running resources related to it + + * Deleting a top level ClusterService should **not** remove any resources managed by another ClusterService (i.e. even if Etcd ClusterService is installed because it's a Vault dependency, we don't remove the Etcd ClusterService when Vault is deleted, only the EtcdClusters managed by any VaultService) + +**Labelling / Resource Discovery** + + * ClusterService resources should provide: + + * Labels, which will be propagated to sub-resources + + * Label selectors, which can be used to find related sub-resources + + * This labelling pattern is taken directly from the label and selector fields of Deployment + +# Implementation + +OLM defines packaging formats for operators. These are: + +## ClusterServiceVersion + + * Represents a particular version of the ClusterService and the operator managing it + + * References global named identity (e.g. "etcd") for the ClusterService + + * `apt-get install ruby` actually installs `mruby-2.3` + + * Has metadata about the package (maintainers, icon, etc) + + * Declares managed CRDs + + * These are the CRDs directly managed by the Operator. `EtcdCluster` is managed by the Etcd `ClusterServiceVersion` but not the Vault `ClusterServiceVersion` + + * Declares required CRDs + + * These are CRDs required by the Operator but not directly managed by it. `EtcdCluster` is required by the Vault `ClusterServiceVersion` but not managed by it. + + * Declares cluster requirements + + * An operator may require a pull secret, a config map, the availability of a cluster feature. + + * Provides an Install Strategy + + * The install strategy tells OLM how to actually create resources in the cluster. + + * Currently the only strategy is "deployment", but planned are: image, helm, and + + * Roughly equivalent to dpkg - you can install a dpkg manually, but if you do, dependency resolution is up to you. + +## InstallPlan + + * An install plan is a declaration by a user that they want a particular ClusterService in a namespace. (i.e. `apt-get install midori`) + + * The install plan gets "resolved" to a concrete set of resources + + * Much like apt reads the dependency information from dpkgs to come up with a set of things to install, OLM reads the dependency graph from ClusterServiceVersions to come up with a set of resources to install + + * The resolved set of resources is written back to the InstallPlan + + * Users can set these to auto-approve (apt-get install -y) or require manual review + + * The record of these resources is kept in cluster so that installs are repeatable/recoverable/inspectable, but can be cleaned up once completed if desired. + +## CatalogSource + + * A catalog source binds a name to a url where ClusterServices can be downloaded + + * The ClusterService cache is updated from this URL + +## Subscription + + * A subscription configures when and how to update a ClusterService + + * Binds a ClusterService to a channel in a CatalogSource + + * Configures the update strategy for a ClusterService (automatic, manual approval, etc) + +# Components + +We have two major components that handle the resources described above + + **OLM Operator** + + * Watches for ClusterServiceVersions in a namespace and checks that requirements are met. If so, runs the service install strategy for the ClusterServiceVersion (e.g: installs deployment) + + **Service Catalog Operator** + + * Has a cache of CRDs and ClusterServiceVersions, indexed by name + + * Watches for InstallPlans created by a user (unresolved) + + 1. Finds the ClusterServiceVersion matching the cluster service name requested, adds it as a resolved resource. + + 2. For each managed or required CRD, adds it as a resolved resource. + + 3. For each required CRD, finds the ClusterServiceVersion that manages it + + 4. Goto 1 + + * Watches for resolved InstallPlans and creates all of the discovered resources for it (if approved by a user or automatically) + + * Watches for CatalogSources / Subscriptions and creates InstallPlans based on them + +# FAQ + +**What if I want lifecycle/packaging/discovery for kubernetes, but don't want to write an operator?** + +If you don't want to write an operator, the thing you want to package probably fits one of the standard shapes of software that can be deployed on a cluster. You can take advantage of OLM by writing a package that binds your application to one of our standard operators, like [helm-app-operator-kit](https://github.com/coreos/helm-app-operator-kit). + +If your use-case doesn't fit one of our standard operators, that means you have domain-specific operational knowledge you need to encode into an operator, and you can take advantage of our Operator SDK for common operator tasks. + +**Why are dependencies between operators expressed as a dependency on a CRD?** + +This decouples the actual dependency from the operation of the dependency. For example, Vault requires an EtcdCluster, but we should be able to update the etcd operator out of step with the vault operator. + +**Who installs the CRDs that get managed by operators?** + +The CRD definitions are kept in the service catalog cache. During InstallPlan resolution, they are pulled from the cache and added as resources to be created in the installplan's status block. An operator writer only needs to write the name (name/group/version) of the CRD they depend on and it will exist in the cluster before the operator starts. + +(This ignores the publishing aspect of this, which is TBD) + +**How are updates handled?** + +An operator can be updated by updating the service catalog cache and running a new install plan. ClusterServiceVersions specify the version they replace, so that OLM knows to run both old and new simultaneously while resource ownership is transitioned. This is done with OwnerReferences in kubernetes. OLM garbage collects old versions of the operator. + +This requires operators being aware of owner references, and in particular the `controller` flag and gc policy options. + +Updates are discovered by either updating the service cache and running a new InstallPlan, or by configuring "subscriptions" for particular ClusterServices. + +**What if there are multiple operators that "own" or "manage" a CRD?** + +Initially, we require that there be only one owner package for a CRD in the service catalog cache. If there is a use case for multiple owners, the option will be surfaced on the InstallPlan, and a user will manually resolve the choice. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/release.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/release.md new file mode 100644 index 000000000..ef62769c5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/design/release.md @@ -0,0 +1,32 @@ +# Steps to create a new release + +1. Bump version in OLM_VERSION file. Make a PR and wait until it has been merged. + +1. Pull change from above and make new tag with matching version. Push tag directly to this repo. + +1. Confirm that new images have been built here: . + +1. Run `make release` on master branch (easiest if done with a clean working directory). Make a PR and ensure all tests pass for merging. + +## Changelog Generation + +Changelogs for OLM are generated using [GitHub Changelog Generator](https://github.com/github-changelog-generator/github-changelog-generator). + +If the gem command is available, one can install via `gem install github_changelog_generator`. Afterward installing it may be worth modifying the MAX_THREAD_NUMBER to something lower similar to what is done here: . Note that the referenced PR has been merged, but the number is still too high. Although 1 is a very low value, it does seem to work more reliably. (On Fedora, the install location for the gem is ~/.gem/ruby/gems/github_changelog_generator-1.14.3/lib/github_changelog_generator/octo_fetcher.rb.) + +Now the changelog can be generated: + +```bash +github_changelog_generator -u operator-framework -p operator-lifecycle-manager --since-tag= \ + --token= --future-release= --pr-label="**Other changes:**" +``` + +The resulting CHANGELOG.md file can be copied into a new release created via . Also, make sure to commit the new changes to CHANGELOG.md as well. + +## QuickStart + +Edit the GitHub Release and upload the files in `deploy/upstream/quickstart` as release artifacts. + +Then, add instructions to the GitHub release page to install referencing those manifests. + +See an [example here](https://github.com/operator-framework/operator-lifecycle-manager/releases/tag/0.10.0#Install). diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/install/install.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/install/install.md new file mode 100644 index 000000000..50585afec --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/install/install.md @@ -0,0 +1,116 @@ +# Installing OLM + +OLM deployment resources are templated so that they can be easily configured for different deployment environments. + +Check out the latest [releases on github](https://github.com/operator-framework/operator-lifecycle-manager/releases) for release-specific install instructions. + +## Manual installation + +Installing the CRDs first gives them a chance to register before installing the rest, which requires the CRDs exist. +```bash +kubectl create -f deploy/upstream/quickstart/crds.yaml +kubectl create -f deploy/upstream/quickstart/olm.yaml +``` + +## OpenShift + +OLM is installed by default in OpenShift 4.0 and above. + +## Run locally with minikube + +This command starts minikube, builds the OLM containers locally with the minikube-provided docker, and uses the local configuration in [local-values.yaml](local-values.yaml) to build localized deployment resources for OLM. + +``` +make run-local +``` + +You can verify that the OLM components have been successfully deployed by running `kubectl -n local get deployments` + +## Customizing OLM installation + +Deployments of OLM can be stamped out with different configurations by writing a `values.yaml` file and running commands to generate resources. + +Here's an example `values.yaml` + +```yaml +# sets the apiversion to use for rbac-resources. Change to `authorization.openshift.io` for openshift +rbacApiVersion: rbac.authorization.k8s.io +# namespace is the namespace the operators will _run_ +namespace: local +# watchedNamespaces is a comma-separated list of namespaces the operators will _watch_ for OLM resources. +# Omit to enable OLM in all namespaces +watchedNamespaces: local +# catalog_namespace is the namespace where the catalog operator will look for global catalogs. +# entries in global catalogs can be resolved in any watched namespace +catalog_namespace: local +# operator_namespace is the namespace where the operator runs +operator_namespace: local + +# OLM operator run configuration +olm: + # OLM operator doesn't do any leader election (yet), set to 1 + replicaCount: 1 + # The image to run. If not building a local image, use sha256 image references + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + # port for readiness/liveness probes + internalPort: 8080 + +# catalog operator run configuration +catalog: + # Catalog operator doesn't do any leader election (yet), set to 1 + replicaCount: 1 + # The image to run. If not building a local image, use sha256 image references + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + # port for readiness/liveness probes + internalPort: 8080 +``` + +To configure a release of OLM for installation in a cluster: + +1. Create a `my-values.yaml` like the example above with the desired configuration or choose an existing one from this repository. The latest production values can be found in [deploy/tectonic-alm-operator/values.yaml](../../deploy/tectonic-alm-operator/values.yaml). +1. Generate deployment files from the templates and the `my-values.yaml` using `package_release.sh` + + ```bash + # first arg must be a semver-compatible version string + # second arg is the output directory + # third arg is the values.yaml file + ./scripts/package_release.sh 1.0.0-myolm ./my-olm-deployment my-values.yaml + ``` + +1. Deploy to kubernetes: `kubectl apply -f ./my-olm-deployment/templates/` + +The above steps are automated for official releases with `make ver=0.3.0 release`, which will output new versions of manifests in `deploy/tectonic-alm-operator/manifests/$(ver)`. + +## Subscribe to a Package and Channel + +Cloud Services can be installed from the catalog by subscribing to a channel in the corresponding package. + +If using one of the `local` run options, this will subscribe to `etcd`, `vault`, and `prometheus` operators. Subscribing to a service that doesn't exist yet will install the operator and related CRDs in the namespace. + +```yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: etcd + namespace: local +spec: + channel: alpha + name: etcd + source: rh-operators +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: prometheus + namespace: local +spec: + channel: alpha + name: prometheus + source: rh-operators +``` diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/install/local-values.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/install/local-values.yaml new file mode 100644 index 000000000..1ca463bb7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Documentation/install/local-values.yaml @@ -0,0 +1,46 @@ +installType: upstream +rbacApiVersion: rbac.authorization.k8s.io +namespace: local +writeStatusName: '""' +catalog_namespace: local +operator_namespace: local-operators +debug: true + +olm: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 8080 + +catalog: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 8080 + +package: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 5443 + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: "NoSchedule" + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 120 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 120 + +catalog_sources: + - rh-operators diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/LICENSE b/vendor/github.com/operator-framework/operator-lifecycle-manager/LICENSE new file mode 100644 index 000000000..261eeb9e9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/Makefile b/vendor/github.com/operator-framework/operator-lifecycle-manager/Makefile new file mode 100644 index 000000000..8b4dfda31 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/Makefile @@ -0,0 +1,223 @@ +########################## +# OLM - Build and Test # +########################## + +SHELL := /bin/bash +PKG := github.com/operator-framework/operator-lifecycle-manager +MOD_FLAGS := $(shell (go version | grep -q -E "1\.(11|12)") && echo -mod=vendor) +CMDS := $(addprefix bin/, $(shell go list $(MOD_FLAGS) ./cmd/... | xargs -I{} basename {})) +CODEGEN_INTERNAL := ./vendor/k8s.io/code-generator/generate_internal_groups.sh +MOCKGEN := ./scripts/generate_mocks.sh +# counterfeiter := $(GOBIN)/counterfeiter +# mockgen := $(GOBIN)/mockgen +IMAGE_REPO := quay.io/operator-framework/olm +IMAGE_TAG ?= "dev" +KUBE_DEPS := api apiserver apimachinery apiextensions-apiserver kube-aggregator code-generator cli-runtime +KUBE_RELEASE := release-1.14 +SPECIFIC_UNIT_TEST := $(if $(TEST),-run $(TEST),) +export GO111MODULE=on + +.PHONY: build test run clean vendor schema-check \ + vendor-update coverage coverage-html e2e .FORCE + +all: test build + +test: clean cover.out + +unit: + go test $(MOD_FLAGS) $(SPECIFIC_UNIT_TEST) -v -race -tags=json1 -count=1 ./pkg/... + +schema-check: + +cover.out: schema-check + go test $(MOD_FLAGS) -v -race -tags=json1 -coverprofile=cover.out -covermode=atomic \ + -coverpkg ./pkg/controller/... ./pkg/... + +coverage: cover.out + go tool cover -func=cover.out + +coverage-html: cover.out + go tool cover -html=cover.out + +build: build_cmd=build +build: clean $(CMDS) + +# build versions of the binaries with coverage enabled +build-coverage: build_cmd=test -c -covermode=count -coverpkg ./pkg/controller/... +build-coverage: clean $(CMDS) + +build-linux: build_cmd=build +build-linux: arch_flags=GOOS=linux GOARCH=386 +build-linux: clean $(CMDS) + +$(CMDS): version_flags=-ldflags "-w -X $(PKG)/pkg/version.GitCommit=`git rev-parse --short HEAD` -X $(PKG)/pkg/version.OLMVersion=`cat OLM_VERSION`" +$(CMDS): + CGO_ENABLED=0 $(arch_flags) go $(build_cmd) $(MOD_FLAGS) $(version_flags) -o $@ $(PKG)/cmd/$(shell basename $@); + +run-local: build-linux + rm -rf build + . ./scripts/build_local.sh + mkdir -p build/resources + . ./scripts/package_release.sh 1.0.0 build/resources Documentation/install/local-values.yaml + . ./scripts/install_local.sh local build/resources + rm -rf build + +deploy-local: + mkdir -p build/resources + . ./scripts/package_release.sh 1.0.0 build/resources Documentation/install/local-values.yaml + . ./scripts/install_local.sh local build/resources + rm -rf build + +e2e.namespace: + @printf "e2e-tests-$(shell date +%s)-$$RANDOM" > e2e.namespace + +# useful if running e2e directly with `go test -tags=bare` +setup-bare: clean e2e.namespace + . ./scripts/build_bare.sh + . ./scripts/package_release.sh 1.0.0 test/e2e/resources test/e2e/e2e-bare-values.yaml + . ./scripts/install_bare.sh $(shell cat ./e2e.namespace) test/e2e/resources + +e2e: + go test -v -failfast -timeout 70m ./test/e2e/... -namespace=openshift-operators -kubeconfig=${KUBECONFIG} -olmNamespace=openshift-operator-lifecycle-manager + +e2e-local: build-linux + . ./scripts/build_local.sh + . ./scripts/run_e2e_local.sh $(TEST) + +e2e-bare: setup-bare + . ./scripts/run_e2e_bare.sh $(TEST) + +e2e-local-docker: + . ./scripts/build_local.sh + . ./scripts/run_e2e_docker.sh $(TEST) + +# kube dependencies all should be at the same release and should match up with client go +# go.mod currently doesn't support specifying a branch name to track, and kube isn't publishing good version tags +$(KUBE_DEPS): + go get -m k8s.io/kubernetes@v`echo $(KUBE_RELEASE) | cut -d "-" -f2` + go get -m k8s.io/$@@$(KUBE_RELEASE) + +vendor: $(KUBE_DEPS) + go mod tidy + go mod vendor + +container: + docker build -t $(IMAGE_REPO):$(IMAGE_TAG) . + +clean-e2e: + kubectl delete crds --all + kubectl delete apiservices.apiregistration.k8s.io v1.packages.operators.coreos.com || true + kubectl delete -f test/e2e/resources/0000_50_olm_00-namespace.yaml + +clean: + @rm -rf cover.out + @rm -rf bin + @rm -rf test/e2e/resources + @rm -rf test/e2e/test-resources + @rm -rf test/e2e/log + @rm -rf e2e.namespace + +CI := $(shell find . -iname "*.jsonnet") $(shell find . -iname "*.libsonnet") +$(CI): + jsonnet fmt -i -n 4 $@ + +gen-ci: $(CI) + ffctl gen + +# Must be run in gopath: https://github.com/kubernetes/kubernetes/issues/67566 +# use container-codegen +codegen: export GO111MODULE := off +codegen: + cp scripts/generate_internal_groups.sh vendor/k8s.io/code-generator/generate_internal_groups.sh + mkdir -p vendor/k8s.io/code-generator/hack + cp boilerplate.go.txt vendor/k8s.io/code-generator/hack/boilerplate.go.txt + go run vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go --logtostderr -i ./vendor/k8s.io/apimachinery/pkg/runtime,./vendor/k8s.io/apimachinery/pkg/apis/meta/v1,./vendor/k8s.io/apimachinery/pkg/version,./pkg/package-server/apis/operators/v1,./pkg/package-server/apis/apps/v1alpha1,./pkg/api/apis/operators/v1alpha1,./pkg/lib/version -p $(PKG)/pkg/package-server/apis/openapi -O zz_generated.openapi -h boilerplate.go.txt -r /dev/null + $(CODEGEN_INTERNAL) deepcopy,conversion,client,lister,informer $(PKG)/pkg/api/client $(PKG)/pkg/api/apis $(PKG)/pkg/api/apis "operators:v1alpha1,v1" + $(CODEGEN_INTERNAL) all $(PKG)/pkg/package-server/client $(PKG)/pkg/package-server/apis $(PKG)/pkg/package-server/apis "operators:v1 apps:v1alpha1" + +container-codegen: + docker build -t olm:codegen -f codegen.Dockerfile . + docker run --name temp-codegen olm:codegen /bin/true + docker cp temp-codegen:/go/src/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/. ./pkg/api/client + docker cp temp-codegen:/go/src/github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/. ./pkg/api/apis + docker cp temp-codegen:/go/src/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/. ./pkg/package-server/apis + docker cp temp-codegen:/go/src/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/. ./pkg/package-server/client + docker rm temp-codegen + +container-mockgen: + docker build -t olm:mockgen -f mockgen.Dockerfile . --no-cache + docker run --name temp-mockgen olm:mockgen /bin/true + docker cp temp-mockgen:/operator-lifecycle-manager/pkg/api/wrappers/wrappersfakes/. ./pkg/api/wrappers/wrappersfakes + docker cp temp-mockgen:/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/. ./pkg/lib/operatorlister/operatorlisterfakes + docker cp temp-mockgen:/operator-lifecycle-manager/pkg/lib/operatorclient/operatorclientmocks/. ./pkg/lib/operatorclient/operatorclientmocks + docker cp temp-mockgen:/operator-lifecycle-manager/pkg/fakes/. ./pkg/fakes + docker cp temp-mockgen:/operator-lifecycle-manager/pkg/controller/registry/resolver/fakes/. ./pkg/controller/registry/resolver/fakes + docker cp temp-mockgen:/operator-lifecycle-manager/pkg/package-server/client/fakes/. ./pkg/package-server/client/fakes + docker rm temp-mockgen + +verify: verify-codegen verify-manifests + +# Must be run in gopath: https://github.com/kubernetes/kubernetes/issues/67566 +verify-codegen: codegen + git diff --exit-code + +# this is here for backwards compatibility with the ci job that calls verify-catalog +verify-catalog: + +# this is here for backwards compatibility with the ci job that calls verify-manifests +verify-manifests: + +verify-release: ver=$(shell cat OLM_VERSION) +verify-release: + rm -rf manifests + mkdir manifests + ./scripts/package_release.sh $(ver) manifests deploy/ocp/values.yaml + # requires gnu sed if on mac + find ./manifests -type f -exec sed -i "/^#/d" {} \; + find ./manifests -type f -exec sed -i "1{/---/d}" {} \; + git diff --exit-code + +mockgen: + $(MOCKGEN) + +gen-all: gen-ci container-codegen container-mockgen + +# before running release, bump the version in OLM_VERSION and push to master, +# then tag those builds in quay with the version in OLM_VERSION +release: ver=$(shell cat OLM_VERSION) +release: + docker pull quay.io/operator-framework/olm:$(ver) + $(MAKE) target=upstream ver=$(ver) quickstart=true package + $(MAKE) target=ocp ver=$(ver) package + rm -rf manifests + mkdir manifests + cp -R deploy/ocp/manifests/$(ver)/. manifests + # requires gnu sed if on mac + find ./manifests -type f -exec sed -i "/^#/d" {} \; + find ./manifests -type f -exec sed -i "1{/---/d}" {} \; + +package: olmref=$(shell docker inspect --format='{{index .RepoDigests 0}}' quay.io/operator-framework/olm:$(ver)) +package: +ifndef target + $(error target is undefined) +endif +ifndef ver + $(error ver is undefined) +endif + yq w -i deploy/$(target)/values.yaml olm.image.ref $(olmref) + yq w -i deploy/$(target)/values.yaml catalog.image.ref $(olmref) + yq w -i deploy/$(target)/values.yaml package.image.ref $(olmref) + ./scripts/package_release.sh $(ver) deploy/$(target)/manifests/$(ver) deploy/$(target)/values.yaml + ln -sfFn ./$(ver) deploy/$(target)/manifests/latest +ifeq ($(quickstart), true) + ./scripts/package_quickstart.sh deploy/$(target)/manifests/$(ver) deploy/$(target)/quickstart/olm.yaml deploy/$(target)/quickstart/crds.yaml deploy/$(target)/quickstart/install.sh +endif + +########################## +# OLM - Commands # +########################## + +.PHONY: run-console-local +run-console-local: + @echo Running script to run the OLM console locally: + . ./scripts/run_console_local.sh diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/OLM_VERSION b/vendor/github.com/operator-framework/operator-lifecycle-manager/OLM_VERSION new file mode 100644 index 000000000..571215736 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/OLM_VERSION @@ -0,0 +1 @@ +0.10.1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/OWNERS b/vendor/github.com/operator-framework/operator-lifecycle-manager/OWNERS new file mode 100644 index 000000000..159e0763a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/OWNERS @@ -0,0 +1,13 @@ + +# approval == this is a good idea /approve +approvers: + - ecordell + - alecmerdler + - njhale + - jpeeler +# review == this code is good /lgtm +reviewers: + - ecordell + - alecmerdler + - njhale + - jpeeler diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/README.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/README.md new file mode 100644 index 000000000..ef1e7c509 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/README.md @@ -0,0 +1,123 @@ +[![Docker Repository on Quay](https://quay.io/repository/coreos/alm/status?token=ccfd2fde-446d-4d82-88a8-4386f8deaab0 "Docker Repository on Quay")](https://quay.io/repository/coreos/alm) [![Docker Repository on Quay](https://quay.io/repository/coreos/catalog/status?token=b5fc43ed-9f5f-408b-961b-c8493e983da5 "Docker Repository on Quay")](https://quay.io/repository/coreos/catalog)[![pipeline status](https://gitlab.com/operator-framework/operator-framework_operator-lifecycle-manager/badges/master/pipeline.svg)](https://gitlab.com/operator-framework/operator-framework_operator-lifecycle-manager/pipelines) + +Operator Lifecycle Manager + +This project is a component of the [Operator Framework](https://github.com/operator-framework), an open source toolkit to manage Kubernetes native applications, called Operators, in an effective, automated, and scalable way. Read more in the [introduction blog post](https://coreos.com/blog/introducing-operator-framework). + +OLM extends Kubernetes to provide a declarative way to install, manage, and upgrade operators and their dependencies in a cluster. + +It also enforces some constraints on the components it manages in order to ensure a good user experience. + +This project enables users to do the following: + +* Define applications as a single Kubernetes resource that encapsulates requirements and metadata +* Install applications automatically with dependency resolution or manually with nothing but `kubectl` +* Upgrade applications automatically with different approval policies + +This project does not: + +* Replace [Helm](https://github.com/kubernetes/helm) +* Turn Kubernetes into a [PaaS](https://en.wikipedia.org/wiki/Platform_as_a_service) + +## Getting Started + +#### Installation + +Install OLM on a Kubernetes or OpenShift cluster by following the [installation guide]. + +For a complete end-to-end example of how OLM fits into the Operator Framework, see the [Operator Framework Getting Started Guide](https://github.com/operator-framework/getting-started). + +#### Kubernetes-native Applications + +An Operator is an application-specific controller that extends the Kubernetes API to create, configure, manage, and operate instances of complex applications on behalf of a user. + +OLM requires that applications be managed by an operator, but that doesn't mean that each application must write one from scratch. Depending on the level of control required you may: + +- Package up an existing set of resources for OLM with [helm-app-operator-kit](https://github.com/operator-framework/helm-app-operator-kit) without writing a single line of go. +- Use the [operator-sdk](https://github.com/operator-framework/operator-sdk) to quickly build an operator from scratch. + +The primary vehicle for describing operator requirements with OLM is a [`ClusterServiceVersion`](https://github.com/operator-framework/operator-lifecycle-manager/blob/master/Documentation/design/building-your-csv.md). Once you have an application packaged for OLM, you can deploy it with OLM by creating its `ClusterServiceVersion` in a namespace with a supporting [`OperatorGroup`](https://github.com/operator-framework/operator-lifecycle-manager/blob/master/Documentation/design/operatorgroups.md). + +ClusterServiceVersions can be collected into `CatalogSource`s which will allow automated installation and dependency resolution via an `InstallPlan`, and can be kept up-to-date with a `Subscription`. + +Learn more about the components used by OLM by reading about the [architecture] and [philosophy]. + +[architecture]: /Documentation/design/architecture.md +[philosophy]: /Documentation/design/philosophy.md +[installation guide]: /Documentation/install/install.md + + +# Key Concepts + +## CustomResourceDefinitions + +OLM standardizes interactions with operators by requiring that the interface to an operator be via the Kubernetes API. Because we expect users to define the interfaces to their applications, OLM currently uses CRDs to define the Kubernetes API interactions. + +Examples: [EtcdCluster CRD](https://github.com/operator-framework/community-operators/blob/master/community-operators/etcd/etcdcluster.crd.yaml), [EtcdBackup CRD](https://github.com/operator-framework/community-operators/blob/master/community-operators/etcd/etcdbackup.crd.yaml) + +## Descriptors + +OLM introduces the notion of “descriptors” of both `spec` and `status` fields in kubernetes API responses. Descriptors are intended to indicate various properties of a field in order to make decisions about their content. For example, this can drive connecting two operators together (e.g. connecting the connection string from a mysql instance to a consuming application) and be used to drive rich interactions in a UI. + +[See an example of a ClusterServiceVersion with descriptors](https://github.com/operator-framework/community-operators/blob/master/community-operators/etcd/etcdoperator.v0.9.2.clusterserviceversion.yaml) + +## Dependency Resolution + +To minimize the effort required to run an application on kubernetes, OLM handles dependency discovery and resolution of applications running on OLM. + +This is achieved through additional metadata on the application definition. Each operator must define: + + - The CRDs that it is responsible for managing. + - e.g., the etcd operator manages `EtcdCluster`. + - The CRDs that it depends on. + - e.g., the vault operator depends on `EtcdCluster`, because Vault is backed by etcd. + +Basic dependency resolution is then possible by finding, for each “required” CRD, the corresponding operator that manages it and installing it as well. Dependency resolution can be further constrained by the way a user interacts with catalogs. + +### Granularity + +Dependency resolution is driven through the `(Group, Version, Kind)` of CRDs. This means that no updates can occur to a given CRD (of a particular Group, Version, Kind) unless they are completely backward compatible. + +There is no way to express a dependency on a particular version of an operator (e.g. `etcd-operator v0.9.0`) or application instance (e.g. `etcd v3.2.1`). This encourages application authors to depend on the interface and not the implementation. + +## Discovery, Catalogs, and Automated Upgrades +OLM has the concept of catalogs, which are repositories of application definitions and CRDs. + +Catalogs contain a set of Packages, which map “channels” to a particular application definition. Channels allow package authors to write different upgrade paths for different users (e.g. alpha vs. stable). + +Example: [etcd package](https://github.com/operator-framework/community-operators/blob/master/community-operators/etcd/etcd.package.yaml) + +Users can subscribe to channels and have their operators automatically updated when new versions are released. + +Here's an example of a subscription: + +```yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: etcd + namespace: local +spec: + channel: alpha + name: etcd + source: rh-operators +``` + +This will keep the etcd `ClusterServiceVersion` up to date as new versions become available in the catalog. + +Catalogs are served internally over a grpc interface to OLM from [operator-registry](https://github.com/operator-framework/operator-registry) pods. + +### User Interface + +Use the OpenShift admin console (compatible with upstream Kubernetes) to interact with and visualize the resources managed by OLM. Create subscriptions, approve install plans, identify Operator-managed resources, and more. + +Ensure `kubectl` is pointing at a cluster and run: + +```shell +$ make run-console-local +``` + +Then visit `http://localhost:9000` to view the console. + +**Subscription detail view:** +![screenshot_20180628_165240](https://user-images.githubusercontent.com/11700385/42060125-c3cde42c-7af3-11e8-87ec-e5910a554902.png) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/base.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/base.Dockerfile new file mode 100644 index 000000000..ac14e7139 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/base.Dockerfile @@ -0,0 +1,12 @@ +FROM golang:1.10 as builder +WORKDIR /go/src/github.com/operator-framework/operator-lifecycle-manager + +# SSH key to fetch operator-client dependency. should be base64 encoded +# "--build-arg sshkey=`cat ~/.ssh/robot_rsa | base64 -w0`" +ARG sshkey +RUN mkdir -p ~/.ssh +RUN apt-get install make git openssh-client gcc g++ + +RUN echo $sshkey | base64 -d > ~/.ssh/id_rsa \ + && chmod 400 ~/.ssh/id_rsa \ + && ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/bill-of-materials.json b/vendor/github.com/operator-framework/operator-lifecycle-manager/bill-of-materials.json new file mode 100644 index 000000000..9574c09fd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/bill-of-materials.json @@ -0,0 +1,388 @@ +[ + { + "project": "github.com/PuerkitoBio/purell", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9916666666666667 + } + ] + }, + { + "project": "github.com/PuerkitoBio/urlesc", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "github.com/coreos/go-semver/semver", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/davecgh/go-spew/spew", + "licenses": [ + { + "type": "ISC License", + "confidence": 0.9850746268656716 + } + ] + }, + { + "project": "github.com/emicklei/go-restful", + "licenses": [ + { + "type": "MIT License", + "confidence": 1 + } + ] + }, + { + "project": "github.com/ghodss/yaml", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.8357142857142857 + } + ] + }, + { + "project": "github.com/go-openapi/jsonpointer", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/go-openapi/jsonreference", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/go-openapi/spec", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + }, + { + "type": "The Unlicense", + "confidence": 0.3422459893048128 + } + ] + }, + { + "project": "github.com/go-openapi/swag", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/gogo/protobuf", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9090909090909091 + } + ] + }, + { + "project": "github.com/golang/glog", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 0.9966703662597114 + } + ] + }, + { + "project": "github.com/golang/groupcache/lru", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 0.9966703662597114 + } + ] + }, + { + "project": "github.com/golang/mock/gomock", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/golang/protobuf", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.92 + } + ] + }, + { + "project": "github.com/google/btree", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/google/gofuzz", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/googleapis/gnostic", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/gregjones/httpcache", + "licenses": [ + { + "type": "MIT License", + "confidence": 0.9891304347826086 + } + ] + }, + { + "project": "github.com/hashicorp/golang-lru", + "licenses": [ + { + "type": "Mozilla Public License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "github.com/howeyc/gopass", + "licenses": [ + { + "type": "ISC License", + "confidence": 0.9850746268656716 + } + ] + }, + { + "project": "github.com/imdario/mergo", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "github.com/json-iterator/go", + "licenses": [ + { + "type": "MIT License", + "confidence": 1 + } + ] + }, + { + "project": "github.com/juju/ratelimit", + "licenses": [ + { + "type": "GNU Lesser General Public License v3.0", + "confidence": 0.9409937888198758 + } + ] + }, + { + "project": "github.com/mailru/easyjson", + "licenses": [ + { + "type": "MIT License", + "confidence": 0.9891304347826086 + } + ] + }, + { + "project": "github.com/peterbourgon/diskv", + "licenses": [ + { + "type": "MIT License", + "confidence": 0.9891304347826086 + } + ] + }, + { + "project": "github.com/pkg/errors", + "licenses": [ + { + "type": "BSD 2-clause \"Simplified\" License", + "confidence": 1 + } + ] + }, + { + "project": "github.com/sirupsen/logrus", + "licenses": [ + { + "type": "MIT License", + "confidence": 1 + } + ] + }, + { + "project": "github.com/spf13/pflag", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "github.com/v2pro/plz", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "golang.org/x/crypto/ssh/terminal", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "golang.org/x/net", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "golang.org/x/oauth2", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "golang.org/x/sys/unix", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "golang.org/x/text", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9663865546218487 + } + ] + }, + { + "project": "gopkg.in/inf.v0", + "licenses": [ + { + "type": "BSD 3-clause \"New\" or \"Revised\" License", + "confidence": 0.9752066115702479 + } + ] + }, + { + "project": "gopkg.in/yaml.v2", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + }, + { + "type": "MIT License", + "confidence": 0.8975609756097561 + } + ] + }, + { + "project": "k8s.io/api", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "k8s.io/apiextensions-apiserver/pkg", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "k8s.io/apimachinery", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "k8s.io/client-go", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + }, + { + "project": "k8s.io/kube-openapi/pkg", + "licenses": [ + { + "type": "Apache License 2.0", + "confidence": 1 + } + ] + } +] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/boilerplate.go.txt b/vendor/github.com/operator-framework/operator-lifecycle-manager/boilerplate.go.txt new file mode 100644 index 000000000..dc48e7ab7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/boilerplate.go.txt @@ -0,0 +1,15 @@ +/* +Copyright YEAR Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/catalog/main.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/catalog/main.go new file mode 100644 index 000000000..24c9e01a7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/catalog/main.go @@ -0,0 +1,162 @@ +package main + +import ( + "context" + "flag" + "fmt" + "net/http" + "os" + "strings" + "time" + + configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus" + "github.com/prometheus/client_golang/prometheus/promhttp" + log "github.com/sirupsen/logrus" + v1 "k8s.io/api/core/v1" + utilclock "k8s.io/apimachinery/pkg/util/clock" + "k8s.io/client-go/tools/clientcmd" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals" + "github.com/operator-framework/operator-lifecycle-manager/pkg/metrics" + olmversion "github.com/operator-framework/operator-lifecycle-manager/pkg/version" +) + +const ( + defaultWakeupInterval = 15 * time.Minute + defaultCatalogNamespace = "openshift-operator-lifecycle-manager" + defaultConfigMapServerImage = "quay.io/operatorframework/configmap-operator-registry:latest" + defaultOperatorName = "" +) + +// config flags defined globally so that they appear on the test binary as well +var ( + kubeConfigPath = flag.String( + "kubeconfig", "", "absolute path to the kubeconfig file") + + wakeupInterval = flag.Duration( + "interval", defaultWakeupInterval, "wakeup interval") + + watchedNamespaces = flag.String( + "watchedNamespaces", "", "comma separated list of namespaces that catalog watches, leave empty to watch all namespaces") + + catalogNamespace = flag.String( + "namespace", defaultCatalogNamespace, "namespace where catalog will run and install catalog resources") + + configmapServerImage = flag.String( + "configmapServerImage", defaultConfigMapServerImage, "the image to use for serving the operator registry api for a configmap") + + writeStatusName = flag.String( + "writeStatusName", defaultOperatorName, "ClusterOperator name in which to write status, set to \"\" to disable.") + + debug = flag.Bool( + "debug", false, "use debug log level") + + version = flag.Bool("version", false, "displays olm version") + + tlsKeyPath = flag.String( + "tls-key", "", "Path to use for private key (requires tls-cert)") + + tlsCertPath = flag.String( + "tls-cert", "", "Path to use for certificate key (requires tls-key)") +) + +func init() { + metrics.RegisterCatalog() +} + +func main() { + // Get exit signal context + ctx, cancel := context.WithCancel(signals.Context()) + defer cancel() + + // Parse the command-line flags. + flag.Parse() + + // Check if version flag was set + if *version { + fmt.Print(olmversion.String()) + + // Exit early + os.Exit(0) + } + + // `namespaces` will always contain at least one entry: if `*watchedNamespaces` is + // the empty string, the resulting array will be `[]string{""}`. + namespaces := strings.Split(*watchedNamespaces, ",") + for _, ns := range namespaces { + if ns == v1.NamespaceAll { + namespaces = []string{v1.NamespaceAll} + break + } + } + + logger := log.New() + if *debug { + logger.SetLevel(log.DebugLevel) + } + logger.Infof("log level %s", logger.Level) + + var useTLS bool + if *tlsCertPath != "" && *tlsKeyPath == "" || *tlsCertPath == "" && *tlsKeyPath != "" { + logger.Warn("both --tls-key and --tls-crt must be provided for TLS to be enabled, falling back to non-https") + } else if *tlsCertPath == "" && *tlsKeyPath == "" { + logger.Info("TLS keys not set, using non-https for metrics") + } else { + logger.Info("TLS keys set, using https for metrics") + useTLS = true + } + + // Serve a health check. + healthMux := http.NewServeMux() + healthMux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + }) + go http.ListenAndServe(":8080", healthMux) + + metricsMux := http.NewServeMux() + metricsMux.Handle("/metrics", promhttp.Handler()) + if useTLS { + go func() { + err := http.ListenAndServeTLS(":8081", *tlsCertPath, *tlsKeyPath, metricsMux) + if err != nil { + logger.Errorf("Metrics (https) serving failed: %v", err) + } + }() + } else { + go func() { + err := http.ListenAndServe(":8081", metricsMux) + if err != nil { + logger.Errorf("Metrics (http) serving failed: %v", err) + } + }() + } + + // create a config client for operator status + config, err := clientcmd.BuildConfigFromFlags("", *kubeConfigPath) + if err != nil { + log.Fatalf("error configuring client: %s", err.Error()) + } + configClient, err := configv1client.NewForConfig(config) + if err != nil { + log.Fatalf("error configuring client: %s", err.Error()) + } + opClient := operatorclient.NewClientFromConfig(*kubeConfigPath, logger) + + // Create a new instance of the operator. + op, err := catalog.NewOperator(ctx, *kubeConfigPath, utilclock.RealClock{}, logger, *wakeupInterval, *configmapServerImage, *catalogNamespace, namespaces...) + if err != nil { + log.Panicf("error configuring operator: %s", err.Error()) + } + + op.Run(ctx) + <-op.Ready() + + if *writeStatusName != "" { + operatorstatus.MonitorClusterStatus(*writeStatusName, op.AtLevel(), op.Done(), opClient, configClient) + } + + <-op.Done() +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/catalog/main_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/catalog/main_test.go new file mode 100644 index 000000000..b9e6aaf83 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/catalog/main_test.go @@ -0,0 +1,10 @@ +package main + +import ( + "testing" +) + +// Test started when the test binary is started. Only calls main. +func TestCatalogMain(t *testing.T) { + main() +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/olm/main.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/olm/main.go new file mode 100644 index 000000000..0f7b31330 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/olm/main.go @@ -0,0 +1,191 @@ +package main + +import ( + "context" + "flag" + "fmt" + "net/http" + "os" + "strings" + "time" + + configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus" + "github.com/prometheus/client_golang/prometheus/promhttp" + log "github.com/sirupsen/logrus" + v1 "k8s.io/api/core/v1" + "k8s.io/client-go/tools/clientcmd" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals" + "github.com/operator-framework/operator-lifecycle-manager/pkg/metrics" + olmversion "github.com/operator-framework/operator-lifecycle-manager/pkg/version" +) + +const ( + defaultWakeupInterval = 5 * time.Minute + defaultOperatorName = "" + defaultPackageServerStatusName = "" +) + +// config flags defined globally so that they appear on the test binary as well +var ( + kubeConfigPath = flag.String( + "kubeconfig", "", "absolute path to the kubeconfig file") + + wakeupInterval = flag.Duration( + "interval", defaultWakeupInterval, "wake up interval") + + watchedNamespaces = flag.String( + "watchedNamespaces", "", "comma separated list of namespaces for olm operator to watch. "+ + "If not set, or set to the empty string (e.g. `-watchedNamespaces=\"\"`), "+ + "olm operator will watch all namespaces in the cluster.") + + writeStatusName = flag.String( + "writeStatusName", defaultOperatorName, "ClusterOperator name in which to write status, set to \"\" to disable.") + + writePackageServerStatusName = flag.String( + "writePackageServerStatusName", defaultPackageServerStatusName, "ClusterOperator name in which to write status for package API server, set to \"\" to disable.") + + debug = flag.Bool( + "debug", false, "use debug log level") + + version = flag.Bool("version", false, "displays olm version") + + tlsKeyPath = flag.String( + "tls-key", "", "Path to use for private key (requires tls-cert)") + + tlsCertPath = flag.String( + "tls-cert", "", "Path to use for certificate key (requires tls-key)") +) + +func init() { + metrics.RegisterOLM() +} + +// main function - entrypoint to OLM operator +func main() { + // Get exit signal context + ctx, cancel := context.WithCancel(signals.Context()) + defer cancel() + + // Parse the command-line flags. + flag.Parse() + + // Check if version flag was set + if *version { + fmt.Print(olmversion.String()) + + // Exit early + os.Exit(0) + } + + // `namespaces` will always contain at least one entry: if `*watchedNamespaces` is + // the empty string, the resulting array will be `[]string{""}`. + namespaces := strings.Split(*watchedNamespaces, ",") + for _, ns := range namespaces { + if ns == v1.NamespaceAll { + namespaces = []string{v1.NamespaceAll} + break + } + } + + // Set log level to debug if `debug` flag set + logger := log.New() + if *debug { + logger.SetLevel(log.DebugLevel) + } + logger.Infof("log level %s", logger.Level) + + var useTLS bool + if *tlsCertPath != "" && *tlsKeyPath == "" || *tlsCertPath == "" && *tlsKeyPath != "" { + logger.Warn("both --tls-key and --tls-crt must be provided for TLS to be enabled, falling back to non-https") + } else if *tlsCertPath == "" && *tlsKeyPath == "" { + logger.Info("TLS keys not set, using non-https for metrics") + } else { + logger.Info("TLS keys set, using https for metrics") + useTLS = true + } + + // Serve a health check. + healthMux := http.NewServeMux() + healthMux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + }) + go func() { + err := http.ListenAndServe(":8080", healthMux) + if err != nil { + logger.Errorf("Health serving failed: %v", err) + } + }() + + metricsMux := http.NewServeMux() + metricsMux.Handle("/metrics", promhttp.Handler()) + if useTLS { + go func() { + err := http.ListenAndServeTLS(":8081", *tlsCertPath, *tlsKeyPath, metricsMux) + if err != nil { + logger.Errorf("Metrics (https) serving failed: %v", err) + } + }() + } else { + go func() { + err := http.ListenAndServe(":8081", metricsMux) + if err != nil { + logger.Errorf("Metrics (http) serving failed: %v", err) + } + }() + } + + // create a config client for operator status + config, err := clientcmd.BuildConfigFromFlags("", *kubeConfigPath) + if err != nil { + log.Fatalf("error configuring client: %s", err.Error()) + } + configClient, err := configv1client.NewForConfig(config) + if err != nil { + log.Fatalf("error configuring client: %s", err.Error()) + } + opClient := operatorclient.NewClientFromConfig(*kubeConfigPath, logger) + crClient, err := client.NewClient(*kubeConfigPath) + if err != nil { + log.Fatalf("error configuring client: %s", err.Error()) + } + + // Create a new instance of the operator. + op, err := olm.NewOperator( + ctx, + olm.WithLogger(logger), + olm.WithWatchedNamespaces(namespaces...), + olm.WithResyncPeriod(*wakeupInterval), + olm.WithExternalClient(crClient), + olm.WithOperatorClient(opClient), + ) + if err != nil { + log.Fatalf("error configuring operator: %s", err.Error()) + } + + op.Run(ctx) + <-op.Ready() + + if *writeStatusName != "" { + operatorstatus.MonitorClusterStatus(*writeStatusName, op.AtLevel(), ctx.Done(), opClient, configClient) + } + + if *writePackageServerStatusName != "" { + logger.Info("Initializing cluster operator monitor for package server") + + names := *writePackageServerStatusName + discovery := opClient.KubernetesInterface().Discovery() + monitor, sender := operatorstatus.NewMonitor(names, logger, discovery, configClient) + + handler := operatorstatus.NewCSVWatchNotificationHandler(logger, op.GetCSVSetGenerator(), op.GetReplaceFinder(), sender) + op.RegisterCSVWatchNotification(handler) + + go monitor.Run(op.Done()) + } + + <-op.Done() +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/olm/main_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/olm/main_test.go new file mode 100644 index 000000000..b37e16c75 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/olm/main_test.go @@ -0,0 +1,10 @@ +package main + +import ( + "testing" +) + +// Test started when the test binary is started. Only calls main. +func TestALMMain(t *testing.T) { + main() +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/apiserver.local.config/certificates/apiserver.crt b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/apiserver.local.config/certificates/apiserver.crt new file mode 100644 index 000000000..878fa6ae1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/apiserver.local.config/certificates/apiserver.crt @@ -0,0 +1,37 @@ +-----BEGIN CERTIFICATE----- +MIIDGDCCAgCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQDDBdsb2Nh +bGhvc3QtY2FAMTU1MjQyMzAyMDAeFw0xOTAzMTIyMDM3MDFaFw0yMDAzMTEyMDM3 +MDFaMB8xHTAbBgNVBAMMFGxvY2FsaG9zdEAxNTUyNDIzMDIxMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubkXRqN2xYxJiVhMjHnOtPCkU44QcLosVpIj +tbUgzjJt0BDv/XNCMhbpD3dfKjMKZiKXt1dKDK2Tl52AceWqipVQlCf7kiX+CjuO +gTAIEbVC7FWdu/sDI8BWbhs5knT+8Y7a5uGVexclZifvcbASuVtedLH47XI25Ak4 +s103Usy5Z2WXOLd79w/tsAr1kvQzveIdbn+upMu4to2wmfXhiLaU2qMhGoz+2hzm +z+SXkB7uCgFbGuLIUj99/faSZ3CAH6EwPIerAKtY+1hdVmsjqpIrSs4jD7YyfmVN +3+/MLTSMyHrghHYKt/SiRdCuVrbMhCylU8NFry+iuBIsOA202QIDAQABo1wwWjAO +BgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIw +ADAlBgNVHREEHjAcgglsb2NhbGhvc3SCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG +9w0BAQsFAAOCAQEAacr9G8nNsHQpLCW+0meGmDz9deTfLYldFCbCjsPiUDWs9tUn +O+04ykac2tEqZt2Ovkp6gntRPBCOKpgwHYvo0CJtCaL4yh6wYMvlbjHmHR/y+Ioy +HymMmaQ06iVIhb2KoKFJvFtFUVNg6QE9w7dm9/C73eHcv3JhqYhGw3qBfUI6lmIc +lWGj6WGVNfslofTYMkshbRGNZ3gFGkvcQvPOhKb/K4A3X9ZTGy9XyydVAOpdk/5n +FBD4gOJJVSq2jJ5SOTJd5Z/YrY2tbCfZeuuPuxBK4XG3hnLN2fk9URwfCDc9EUQg +aYagxskTB6jaDkFD5lfXxEc3W+/mP62i7mH/fQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC4jCCAcqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQDDBdsb2Nh +bGhvc3QtY2FAMTU1MjQyMzAyMDAeFw0xOTAzMTIyMDM3MDBaFw0yMDAzMTEyMDM3 +MDBaMCIxIDAeBgNVBAMMF2xvY2FsaG9zdC1jYUAxNTUyNDIzMDIwMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQb0E1iZ/R1J8bdzDP/EFx73JpU6fw6T +aTY9QTWWgt4EcamLpJK5Z+dOLhj/i6rQbe/vKpI6BbBo+S6MuBemyUbc4VpoTde6 +Hn26uWSlkQA72GLHYWvD+ahdRpLxOFddog9xcfEoYN/rlpwMp030y6clQhrb4WML +x1uQzqyOvzRHAN4NqxmLXbepTyWqiM3tLe2f4mPfcg/vhwQ5TSqR/Rm3FPh3rDdA +zvk9bGkvyX8iAUoLw/0aHe2dzTfnvBvkTJFEaLq61FLQ/zfMVRhPI2Fwljxq+jSq +FoYju/vr1sWxKc+AFxDdAZdRey2Afi1bVf8JHiDU8FSe9UcfqBUoyQIDAQABoyMw +ITAOBgNVHQ8BAf8EBAMCAqQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsF +AAOCAQEAmrIS4kJNVjKj4vSj0lNWzOjk31CI26rKwPo+cFhvnPh+eg6wI+3I/gLC +yf9X5KIPaNS5MGzNEmpr7Ml7IviqUn8rSoVryoQwKtqnMhsGr3/Y/Rrd27OIYEW+ +6/phRyI2rM8Vzo0RVdqcQT+6qvknbZ4fr/3Or3YbjycyfqNeL0SzXff+c8s9skDw +r9OV5uMvmVJv3VNBhAEX83I4zJsfrH9XtAmz255aw24vBGMUHYEdH15K/IBxh4LZ +Y5AXZhVazjlzwWwnUpu8k88vesCUay8c4VtXfXHQTk/oS/ZDn7eQ7hTvzqYfEH2k +znJYRthnuUZo6M/rtMWzXK6QuunRtg== +-----END CERTIFICATE----- diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/apiserver.local.config/certificates/apiserver.key b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/apiserver.local.config/certificates/apiserver.key new file mode 100644 index 000000000..783945ec5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/apiserver.local.config/certificates/apiserver.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAubkXRqN2xYxJiVhMjHnOtPCkU44QcLosVpIjtbUgzjJt0BDv +/XNCMhbpD3dfKjMKZiKXt1dKDK2Tl52AceWqipVQlCf7kiX+CjuOgTAIEbVC7FWd +u/sDI8BWbhs5knT+8Y7a5uGVexclZifvcbASuVtedLH47XI25Ak4s103Usy5Z2WX +OLd79w/tsAr1kvQzveIdbn+upMu4to2wmfXhiLaU2qMhGoz+2hzmz+SXkB7uCgFb +GuLIUj99/faSZ3CAH6EwPIerAKtY+1hdVmsjqpIrSs4jD7YyfmVN3+/MLTSMyHrg +hHYKt/SiRdCuVrbMhCylU8NFry+iuBIsOA202QIDAQABAoIBAEqc4o39c+TvdEea +Ur6I3RNyLgJna5FuKgvpkDEbAH/2YImblF7VZD2tWJpfEbtpX/8iXKNKjTREs6vQ +md6oLviX/hRXb8kKPGIuBRU/j65VjPpXdxQjRuKhDdgUVe/R0u6GvsjMzfnylZLR +7m9VFmCjJXJqYaA7J3Q7hC0DAQvhBiWk0lZHR7cjGeG37fIT2yzH7gf8M4VeYjCn +asatNUuAOORVfGudtKLCgFk/bmO1Nb5UwCYcz4OXVEpDBWrcg1SsvYwKxyUDxO8a +8A7TAWWEXjWK+sPmaJkUzRfnd/1chvlzcaawXfgfXRHcAaLWRaBu4fdYS7fwMYy6 ++/0Pa5ECgYEA0GCkaAl7qicfHTY6xTkBvJwkXu/rDIfzJCRVtdlXOhPmJ+F3+0Rj +0d+O6LMNSyJpYdOYeWOJbjHMJ92XIRJVxqF+K2O6dToEMTG2XbqMm2gtyn16BoTt +ngzcWqeo+zqwvHxLcM6L/tjivnbsI7mVDpdcBJZwVd6VwrR2NgRh0tUCgYEA5CsF +rJUlOR3JJ1CUTrT1G4smBES00lL3QFlhkiF4zWOW6NwhswZlYPkzqe6tgxmtGAuQ +mJINMcqWUkU18BWLh8RRTH+oKcUbmZkTqP9k/bqe6foIm8UyxVsSF80S4tRtMcWm +87Nd2h+FbYY2MP9RFscdDDd5FHf+weSCbnn0s/UCgYEAz05WQeqtTSp+meFJtsxw +HeR5irnFbkIScvJzEueXEACcCTEW3LO9Wx6+XmND5mvly51nI90S7L4+Das2n4BO +Nb6UdzZQWi/N2+NJOxZMrI+Ifts2eyXkAElrMAV85/QLwHkn1KKoRHIhortNUn1e +/ZU3xpikScmX1I0UzciuScECgYAbWrEOdL8GrvR7uyRcn0M3byI6psYK5RlxZIXX +EB48eXERL7r2jJDA5H92IwA4VG61EEXglLnyOzh0WonR47NbroSUqEVP5KqfaoO5 +4gyIgsQkhu5bRnQExxtPMS3Pdeo1al3On7Vjvh2v+MQscZ+WHH72BPyGILCxLCUa ++5IDtQKBgGE1Wl2dmdAyedzCX93oOjnVQ2xdH4s+4k7yHBYEt9AIzbuZCSZLMsf+ +hDoU/TokDRXkrHnRvZvhpljgjRJULktnmZxRWW8e/YXrp+gTvSq7/bZCob8Dgs80 +w21YuIgo6sXV2uvqGUbZ3YvJQU0GnoFB/GztGlmuVyU0jpsJKq5P +-----END RSA PRIVATE KEY----- diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/main.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/main.go new file mode 100644 index 000000000..95595ada4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/main.go @@ -0,0 +1,61 @@ +package main + +import ( + "flag" + "os" + "time" + + log "github.com/sirupsen/logrus" + "github.com/spf13/cobra" + "k8s.io/apiserver/pkg/util/logs" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/server" +) + +const ( + defaultWakeupInterval = 5 * time.Minute +) + +// config flags defined globally so that they appear on the test binary as well +var ( + ctx = signals.Context() + options = server.NewPackageServerOptions(os.Stdout, os.Stderr) + cmd = &cobra.Command{ + Short: "Launch a package-server", + Long: "Launch a package-server", + RunE: func(c *cobra.Command, args []string) error { + if err := options.Run(ctx); err != nil { + return err + } + return nil + }, + } +) + +func init() { + flags := cmd.Flags() + + flags.DurationVar(&options.WakeupInterval, "interval", options.WakeupInterval, "Interval at which to re-sync CatalogSources") + flags.StringVar(&options.GlobalNamespace, "global-namespace", options.GlobalNamespace, "Name of the namespace where the global CatalogSources are located") + flags.StringSliceVar(&options.WatchedNamespaces, "watched-namespaces", options.WatchedNamespaces, "List of namespaces the package-server will watch watch for CatalogSources") + flags.StringVar(&options.Kubeconfig, "kubeconfig", options.Kubeconfig, "The path to the kubeconfig used to connect to the Kubernetes API server and the Kubelets (defaults to in-cluster config)") + flags.BoolVar(&options.Debug, "debug", options.Debug, "use debug log level") + + options.SecureServing.AddFlags(flags) + options.Authentication.AddFlags(flags) + options.Authorization.AddFlags(flags) + options.Features.AddFlags(flags) + + flags.AddGoFlagSet(flag.CommandLine) + flags.Parse(flag.Args()) +} + +func main() { + logs.InitLogs() + defer logs.FlushLogs() + + if err := cmd.Execute(); err != nil { + log.Fatal(err) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/main_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/main_test.go new file mode 100644 index 000000000..e63fc9211 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/cmd/package-server/main_test.go @@ -0,0 +1,10 @@ +package main + +import ( + "testing" +) + +// Test started when the test binary is started. Only calls main. +func TestPackageServerMain(t *testing.T) { + main() +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/code-of-conduct.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/code-of-conduct.md new file mode 100644 index 000000000..af9e9a79b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/code-of-conduct.md @@ -0,0 +1,61 @@ +## CoreOS Community Code of Conduct + +### Contributor Code of Conduct + +As contributors and maintainers of this project, and in the interest of +fostering an open and welcoming community, we pledge to respect all people who +contribute through reporting issues, posting feature requests, updating +documentation, submitting pull requests or patches, and other activities. + +We are committed to making participation in this project a harassment-free +experience for everyone, regardless of level of experience, gender, gender +identity and expression, sexual orientation, disability, personal appearance, +body size, race, ethnicity, age, religion, or nationality. + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery +* Personal attacks +* Trolling or insulting/derogatory comments +* Public or private harassment +* Publishing others' private information, such as physical or electronic addresses, without explicit permission +* Other unethical or unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct. By adopting this Code of Conduct, +project maintainers commit themselves to fairly and consistently applying these +principles to every aspect of managing this project. Project maintainers who do +not follow or enforce the Code of Conduct may be permanently removed from the +project team. + +This code of conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting a project maintainer, Brandon Philips +, and/or Rithu John . + +This Code of Conduct is adapted from the Contributor Covenant +(http://contributor-covenant.org), version 1.2.0, available at +http://contributor-covenant.org/version/1/2/0/ + +### CoreOS Events Code of Conduct + +CoreOS events are working conferences intended for professional networking and +collaboration in the CoreOS community. Attendees are expected to behave +according to professional standards and in accordance with their employer’s +policies on appropriate workplace behavior. + +While at CoreOS events or related social networking opportunities, attendees +should not engage in discriminatory or offensive speech or actions including +but not limited to gender, sexuality, race, age, disability, or religion. +Speakers should be especially aware of these concerns. + +CoreOS does not condone any statements by speakers contrary to these standards. +CoreOS reserves the right to deny entrance and/or eject from an event (without +refund) any individual found to be engaging in discriminatory or offensive +speech or actions. + +Please bring any concerns to the immediate attention of designated on-site +staff, Brandon Philips , and/or Rithu John . \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/codegen.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/codegen.Dockerfile new file mode 100644 index 000000000..839b78046 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/codegen.Dockerfile @@ -0,0 +1,8 @@ +FROM golang:1.10 +WORKDIR /go/src/github.com/operator-framework/operator-lifecycle-manager +COPY Makefile Makefile +COPY pkg pkg +COPY vendor vendor +COPY scripts/generate_internal_groups.sh scripts/generate_internal_groups.sh +COPY boilerplate.go.txt boilerplate.go.txt +RUN make codegen \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/.helmignore b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/Chart.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/Chart.yaml new file mode 100644 index 000000000..3941d42cc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/Chart.yaml @@ -0,0 +1,3 @@ +apiVersion: v1 +description: A Helm chart for Kubernetes +name: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..ffc148584 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_00-namespace.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.namespace }} + {{ if and .Values.installType (eq .Values.installType "ocp") }} + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + openshift.io/cluster-monitoring: "true" + {{ end }} +--- +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.operator_namespace }} + {{ if and .Values.installType (eq .Values.installType "ocp") }} + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + {{ end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..40323a8c9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,29 @@ +apiVersion: {{ .Values.rbacApiVersion }}/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: {{ .Values.namespace }} +--- +apiVersion: {{ .Values.rbacApiVersion }}/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-{{ .Values.namespace }} +roleRef: + apiGroup: {{ .Values.rbacApiVersion }} + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: {{ .Values.namespace }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_02-services.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_02-services.yaml new file mode 100644 index 000000000..dfbc1a0eb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_02-services.yaml @@ -0,0 +1,39 @@ +{{ if and .Values.installType (eq .Values.installType "ocp") }} +apiVersion: v1 +kind: Service +metadata: + name: olm-operator-metrics + namespace: {{ .Values.namespace }} + annotations: + service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert + labels: + app: olm-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: olm-operator +--- +apiVersion: v1 +kind: Service +metadata: + name: catalog-operator-metrics + namespace: {{ .Values.namespace }} + annotations: + service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert + labels: + app: catalog-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: catalog-operator +{{ end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..613893753 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,766 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..d406d57c8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,78 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..f9aaf7ac6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,73 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..17bdd214c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,128 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..e66980658 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,104 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: {{ .Values.namespace }} + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: {{ .Values.olm.replicaCount }} + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + {{- if and .Values.installType (eq .Values.installType "ocp") }} + priorityClassName: "system-cluster-critical" + {{- end }} + containers: + - name: olm-operator + command: + - /bin/olm + args: + {{- if .Values.watchedNamespaces }} + - -watchedNamespaces + - {{ .Values.watchedNamespaces }} + {{- end }} + {{- if .Values.olm.commandArgs }} + - {{ .Values.olm.commandArgs }} + {{- end }} + {{- if .Values.debug }} + - -debug + {{- end }} + {{- if .Values.writeStatusName }} + - -writeStatusName + - {{ .Values.writeStatusName }} + {{- end }} + {{- if .Values.writePackageServerStatusName }} + - -writePackageServerStatusName + - {{ .Values.writePackageServerStatusName }} + {{- end }} + {{- if .Values.olm.tlsCertPath }} + - -tls-cert + - {{ .Values.olm.tlsCertPath }} + {{- end }} + {{- if .Values.olm.tlsKeyPath }} + - -tls-key + - {{ .Values.olm.tlsKeyPath }} + {{- end }} + image: {{ .Values.olm.image.ref }} + imagePullPolicy: {{ .Values.olm.image.pullPolicy }} + ports: + - containerPort: {{ .Values.olm.service.internalPort }} + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.olm.service.internalPort }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.olm.service.internalPort }} + terminationMessagePolicy: FallbackToLogsOnError + env: + {{ if and .Values.installType (eq .Values.installType "ocp") }} + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + {{ end }} + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + {{- if .Values.olm.resources }} + resources: +{{ toYaml .Values.olm.resources | indent 12 }} + {{- end}} + {{ if and .Values.installType (eq .Values.installType "ocp") }} + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + {{ end }} + {{ if and .Values.installType (eq .Values.installType "ocp") }} + volumes: + - name: serving-cert + secret: + secretName: olm-operator-serving-cert + {{ end }} + {{- if .Values.olm.nodeSelector }} + nodeSelector: +{{ toYaml .Values.olm.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.olm.tolerations }} + tolerations: +{{ toYaml .Values.olm.tolerations | indent 6 }} + {{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..bc593a787 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,96 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: {{ .Values.namespace }} + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: {{ .Values.catalog.replicaCount }} + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + {{- if and .Values.installType (eq .Values.installType "ocp") }} + priorityClassName: "system-cluster-critical" + {{- end }} + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + {{- if .Values.watchedNamespaces }} + - -watchedNamespaces + - {{ .Values.watchedNamespaces }} + {{- end }} + - '-namespace' + - {{ .Values.catalog_namespace }} + {{- if .Values.debug }} + - '-debug' + {{- end }} + {{- if .Values.catalog.commandArgs }} + - {{ .Values.catalog.commandArgs }} + {{- end }} + {{- if .Values.writeStatusNameCatalog }} + - -writeStatusName + - {{ .Values.writeStatusNameCatalog }} + {{- end }} + {{- if .Values.olm.tlsCertPath }} + - -tls-cert + - {{ .Values.olm.tlsCertPath }} + {{- end }} + {{- if .Values.olm.tlsKeyPath }} + - -tls-key + - {{ .Values.olm.tlsKeyPath }} + {{- end }} + image: {{ .Values.catalog.image.ref }} + imagePullPolicy: {{ .Values.catalog.image.pullPolicy }} + ports: + - containerPort: {{ .Values.catalog.service.internalPort }} + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.catalog.service.internalPort }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.catalog.service.internalPort }} + terminationMessagePolicy: FallbackToLogsOnError + env: + {{ if and .Values.installType (eq .Values.installType "ocp") }} + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + {{ end }} + {{- if .Values.catalog.resources }} + resources: +{{ toYaml .Values.catalog.resources | indent 12 }} + {{- end}} + {{ if and .Values.installType (eq .Values.installType "ocp") }} + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + {{ end }} + {{ if and .Values.installType (eq .Values.installType "ocp") }} + volumes: + - name: serving-cert + secret: + secretName: catalog-operator-serving-cert + {{ end }} + {{- if .Values.catalog.nodeSelector }} + nodeSelector: +{{ toYaml .Values.catalog.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.catalog.tolerations }} + tolerations: +{{ toYaml .Values.catalog.tolerations | indent 6 }} + {{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..459092c39 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,32 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..d0b44a4d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,99 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + type: object + description: Spec for an OperatorGroup. + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + status: + type: object + description: The status of the OperatorGroup. + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..b1e32d301 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,11 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: {{ .Values.namespace }} +data: + customResourceDefinitions: |- + clusterServiceVersions: |- +{{- include "packageserver.clusterserviceversion" . | cat "-" | nindent 6 | replace " - apiVersion" " - apiVersion" }} + packages: |- +{{- include "packageserver.package" . | nindent 4 }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..8edde8c92 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,12 @@ +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: {{ .Values.namespace }} +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..079d49fdc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,14 @@ +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: {{ .Values.operator_namespace }} +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: {{ .Values.namespace }} +spec: + targetNamespaces: + - {{ .Values.namespace }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..ec62b3f07 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,12 @@ +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: {{ .Values.namespace }} +spec: + source: olm-operators + sourceNamespace: {{ .Values.namespace }} + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_15-packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_15-packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..a066433bb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_15-packageserver.clusterserviceversion.yaml @@ -0,0 +1,3 @@ +{{ if and .Values.installType (eq .Values.installType "ocp") }} +{{- include "packageserver.clusterserviceversion" . }} +{{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_16-packageserver.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_16-packageserver.deployment.yaml new file mode 100644 index 000000000..b44647134 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_16-packageserver.deployment.yaml @@ -0,0 +1,10 @@ +{{- if and .Values.installType (eq .Values.installType "ocp") -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: packageserver + namespace: {{ .Values.namespace }} + labels: + app: packageserver +{{- include "packageserver.deployment-spec" . | nindent 0 }} +{{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_17-upstream-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_17-upstream-operators.catalogsource.yaml new file mode 100644 index 000000000..9ec3c5c28 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_17-upstream-operators.catalogsource.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.installType (eq .Values.installType "upstream") -}} +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: operatorhubio-catalog + namespace: {{ .Values.catalog_namespace }} +spec: + sourceType: grpc + image: quay.io/operator-framework/upstream-community-operators:latest + displayName: Community Operators + publisher: OperatorHub.io +{{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_18-service-monitor.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_18-service-monitor.yaml new file mode 100644 index 000000000..023235e0d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_18-service-monitor.yaml @@ -0,0 +1,91 @@ +{{ if and .Values.installType (eq .Values.installType "ocp") }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: olm-operator + namespace: {{ .Values.namespace }} + labels: + app: olm-operator +spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: olm-operator-metrics.{{ .Values.namespace }}.svc + jobLabel: component + namespaceSelector: + matchNames: + - {{ .Values.namespace }} + selector: + matchLabels: + app: olm-operator +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: catalog-operator + namespace: {{ .Values.namespace }} + labels: + app: catalog-operator +spec: + jobLabel: k8s-app + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: catalog-operator-metrics.{{ .Values.namespace }}.svc + jobLabel: component + namespaceSelector: + matchNames: + - {{ .Values.namespace }} + selector: + matchLabels: + app: catalog-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: operator-lifecycle-manager-metrics + namespace: {{ .Values.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: operator-lifecycle-manager-metrics +subjects: +- kind: ServiceAccount + name: prometheus-k8s + namespace: openshift-monitoring +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: operator-lifecycle-manager-metrics + namespace: {{ .Values.namespace }} +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch +{{ end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_99-operatorstatus.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_99-operatorstatus.yaml new file mode 100644 index 000000000..4ae8c98b6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/0000_50_olm_99-operatorstatus.yaml @@ -0,0 +1,30 @@ +{{- if .Values.imagestream }} +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: {{ .Values.writeStatusName }} +status: + versions: + - name: operator + version: "0.0.1-snapshot" +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: {{ .Values.writeStatusNameCatalog }} +status: + versions: + - name: operator + version: "0.0.1-snapshot" +{{- if .Values.writePackageServerStatusName }} +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: {{ .Values.writePackageServerStatusName }} +status: + versions: + - name: operator + version: "0.0.1-snapshot" +{{- end }} +{{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_helpers.tpl b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_helpers.tpl new file mode 100644 index 000000000..308975b6f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_helpers.tpl @@ -0,0 +1,16 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..ecf60fd87 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.clusterserviceversion.yaml @@ -0,0 +1,84 @@ +{{- define "packageserver.clusterserviceversion" -}} +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: packageserver.v{{ .Chart.Version }} + namespace: {{ .Values.namespace }} + labels: + {{- if .Values.writePackageServerStatusName }} + olm.clusteroperator.name: {{ .Values.writePackageServerStatusName }} + {{- end }} +spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: {{ .Values.minKubeVersion }} + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + {{- include "packageserver.deployment-spec" . | nindent 8 }} + maturity: alpha + version: {{ .Chart.Version }} + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: {{ .Values.package.service.internalPort }} +{{- end -}} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.deployment-spec.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.deployment-spec.yaml new file mode 100644 index 000000000..8bad567f0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.deployment-spec.yaml @@ -0,0 +1,60 @@ +{{- define "packageserver.deployment-spec" -}} +spec: + strategy: + type: RollingUpdate + replicas: {{ .Values.package.replicaCount }} + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + {{- if and .Values.installType (eq .Values.installType "ocp") }} + priorityClassName: "system-cluster-critical" + {{- end }} + {{- if .Values.package.nodeSelector }} + nodeSelector: + {{- toYaml .Values.package.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.package.tolerations }} + tolerations: + {{- toYaml .Values.package.tolerations | nindent 6 }} + {{- end }} + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + {{- if .Values.watchedNamespaces }} + - --watched-namespaces + - {{ .Values.watchedNamespaces }} + {{- end }} + - --secure-port + - {{ .Values.package.service.internalPort | quote }} + - --global-namespace + - {{ .Values.catalog_namespace }} + {{- if .Values.debug }} + - --debug + {{- end }} + {{- if .Values.package.commandArgs }} + - {{ .Values.package.commandArgs }} + {{- end }} + image: {{ .Values.package.image.ref }} + imagePullPolicy: {{ .Values.package.image.pullPolicy }} + ports: + - containerPort: {{ .Values.package.service.internalPort }} + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: {{ .Values.package.service.internalPort }} + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: {{ .Values.package.service.internalPort }} + terminationMessagePolicy: FallbackToLogsOnError +{{- end -}} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.package.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.package.yaml new file mode 100644 index 000000000..c55022b38 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/_packageserver.package.yaml @@ -0,0 +1,6 @@ +{{- define "packageserver.package" -}} +- packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v{{ .Chart.Version }} +{{- end -}} \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/image-references new file mode 100644 index 000000000..7662493cd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/templates/image-references @@ -0,0 +1,14 @@ +{{- if .Values.imagestream }} +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: {{ .Values.olm.image.ref }} + - name: operator-registry + from: + kind: DockerImage + name: quay.io/operator-framework/configmap-operator-registry:latest +{{- end }} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/values.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/values.yaml new file mode 100644 index 000000000..9581b89de --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/chart/values.yaml @@ -0,0 +1,40 @@ +installType: upstream +rbacApiVersion: rbac.authorization.k8s.io +namespace: operator-lifecycle-manager +catalog_namespace: operator-lifecycle-manager +operator_namespace: operators +minKubeVersion: 1.11.0 +writeStatusName: '""' +imagestream: false +debug: false +installType: upstream +olm: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:master + pullPolicy: Always + service: + internalPort: 8080 + nodeSelector: + beta.kubernetes.io/os: linux + +catalog: + replicaCount: 1 + commandArgs: -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + image: + ref: quay.io/operator-framework/olm:master + pullPolicy: Always + service: + internalPort: 8080 + nodeSelector: + beta.kubernetes.io/os: linux + +package: + replicaCount: 2 + image: + ref: quay.io/operator-framework/olm:master + pullPolicy: Always + service: + internalPort: 5443 + nodeSelector: + beta.kubernetes.io/os: linux diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..b7608fc11 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_00-namespace.yaml @@ -0,0 +1,24 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + openshift.io/cluster-monitoring: "true" + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operators + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8cedb3c2e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_02-services.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_02-services.yaml new file mode 100644 index 000000000..21a4e4e6f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_02-services.yaml @@ -0,0 +1,41 @@ +--- +# Source: olm/templates/0000_50_olm_02-services.yaml + +apiVersion: v1 +kind: Service +metadata: + name: olm-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert + labels: + app: olm-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: olm-operator +--- +apiVersion: v1 +kind: Service +metadata: + name: catalog-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert + labels: + app: catalog-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: catalog-operator + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..404109e5e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,768 @@ +--- +# Source: olm/templates/0000_50_olm_03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..627ce931e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,80 @@ +--- +# Source: olm/templates/0000_50_olm_04-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..b9265baa0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,75 @@ +--- +# Source: olm/templates/0000_50_olm_05-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..991a5e72c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,130 @@ +--- +# Source: olm/templates/0000_50_olm_06-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..dfb3d440b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,89 @@ +--- +# Source: olm/templates/0000_50_olm_07-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + priorityClassName: "system-cluster-critical" + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - operator-lifecycle-manager + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: olm-operator-serving-cert + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..3e151a24a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,86 @@ +--- +# Source: olm/templates/0000_50_olm_08-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + priorityClassName: "system-cluster-critical" + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - openshift-operator-lifecycle-manager + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + - -writeStatusName + - operator-lifecycle-manager-catalog + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: catalog-operator-serving-cert + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..5665a36a9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,34 @@ +--- +# Source: olm/templates/0000_50_olm_09-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..43c9b708e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,99 @@ +--- +# Source: olm/templates/0000_50_olm_10-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + type: object + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..e5c04d48e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,147 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.10.0 + namespace: openshift-operator-lifecycle-manager + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.0 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.10.0 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..5c643c57e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_12-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..59a45bf43 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_13-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: openshift-operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + targetNamespaces: + - openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..e0dcc85df --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_14-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager +spec: + source: olm-operators + sourceNamespace: openshift-operator-lifecycle-manager + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_15-operatorstatus.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_15-operatorstatus.yaml new file mode 100644 index 000000000..d72556201 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_15-operatorstatus.yaml @@ -0,0 +1,20 @@ +--- +# Source: olm/templates/0000_50_olm_15-operatorstatus.yaml + +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager +status: + versions: + - name: operator + version: "0.0.1-snapshot" +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager-catalog +status: + versions: + - name: operator + version: "0.0.1-snapshot" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_16-packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_16-packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..169199191 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_16-packageserver.clusterserviceversion.yaml @@ -0,0 +1,134 @@ +--- +# Source: olm/templates/0000_50_olm_16-packageserver.clusterserviceversion.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: packageserver.v0.10.0 + namespace: openshift-operator-lifecycle-manager +spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.0 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_17-packageserver.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_17-packageserver.deployment.yaml new file mode 100644 index 000000000..4f1b4b076 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_17-packageserver.deployment.yaml @@ -0,0 +1,64 @@ +--- +# Source: olm/templates/0000_50_olm_17-packageserver.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager + labels: + app: packageserver +spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_19-service-monitor.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_19-service-monitor.yaml new file mode 100644 index 000000000..63a5688b0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/0000_50_olm_19-service-monitor.yaml @@ -0,0 +1,93 @@ +--- +# Source: olm/templates/0000_50_olm_19-service-monitor.yaml + +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: olm-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: olm-operator +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + jobLabel: k8s-app + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: catalog-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: catalog-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: operator-lifecycle-manager-metrics +subjects: +- kind: ServiceAccount + name: prometheus-k8s + namespace: openshift-monitoring +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/image-references new file mode 100644 index 000000000..46b46b262 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.0/image-references @@ -0,0 +1,15 @@ +--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + - name: operator-registry + from: + kind: DockerImage + name: quay.io/operator-framework/configmap-operator-registry:latest diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..b7608fc11 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_00-namespace.yaml @@ -0,0 +1,24 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + openshift.io/cluster-monitoring: "true" + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operators + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8cedb3c2e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_02-services.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_02-services.yaml new file mode 100644 index 000000000..21a4e4e6f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_02-services.yaml @@ -0,0 +1,41 @@ +--- +# Source: olm/templates/0000_50_olm_02-services.yaml + +apiVersion: v1 +kind: Service +metadata: + name: olm-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert + labels: + app: olm-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: olm-operator +--- +apiVersion: v1 +kind: Service +metadata: + name: catalog-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert + labels: + app: catalog-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: catalog-operator + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..404109e5e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,768 @@ +--- +# Source: olm/templates/0000_50_olm_03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..627ce931e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,80 @@ +--- +# Source: olm/templates/0000_50_olm_04-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..b9265baa0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,75 @@ +--- +# Source: olm/templates/0000_50_olm_05-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..991a5e72c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,130 @@ +--- +# Source: olm/templates/0000_50_olm_06-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..fe3346429 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,89 @@ +--- +# Source: olm/templates/0000_50_olm_07-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + priorityClassName: "system-cluster-critical" + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - operator-lifecycle-manager + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: olm-operator-serving-cert + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..ca0e937d5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,86 @@ +--- +# Source: olm/templates/0000_50_olm_08-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + priorityClassName: "system-cluster-critical" + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - openshift-marketplace + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + - -writeStatusName + - operator-lifecycle-manager-catalog + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: catalog-operator-serving-cert + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..5665a36a9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,34 @@ +--- +# Source: olm/templates/0000_50_olm_09-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..18235816a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,101 @@ +--- +# Source: olm/templates/0000_50_olm_10-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + type: object + description: Spec for an OperatorGroup. + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + status: + type: object + description: The status of the OperatorGroup. + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..1aeb39ec5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,147 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.10.1 + namespace: openshift-operator-lifecycle-manager + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-marketplace + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.1 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.10.1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..5c643c57e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_12-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..59a45bf43 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_13-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: openshift-operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + targetNamespaces: + - openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..e0dcc85df --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_14-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager +spec: + source: olm-operators + sourceNamespace: openshift-operator-lifecycle-manager + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_15-operatorstatus.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_15-operatorstatus.yaml new file mode 100644 index 000000000..d72556201 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_15-operatorstatus.yaml @@ -0,0 +1,20 @@ +--- +# Source: olm/templates/0000_50_olm_15-operatorstatus.yaml + +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager +status: + versions: + - name: operator + version: "0.0.1-snapshot" +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager-catalog +status: + versions: + - name: operator + version: "0.0.1-snapshot" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_16-packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_16-packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..1e176703a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_16-packageserver.clusterserviceversion.yaml @@ -0,0 +1,134 @@ +--- +# Source: olm/templates/0000_50_olm_16-packageserver.clusterserviceversion.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: packageserver.v0.10.1 + namespace: openshift-operator-lifecycle-manager +spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-marketplace + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.1 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_17-packageserver.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_17-packageserver.deployment.yaml new file mode 100644 index 000000000..67274fc53 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_17-packageserver.deployment.yaml @@ -0,0 +1,64 @@ +--- +# Source: olm/templates/0000_50_olm_17-packageserver.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager + labels: + app: packageserver +spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-marketplace + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_19-service-monitor.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_19-service-monitor.yaml new file mode 100644 index 000000000..63a5688b0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/0000_50_olm_19-service-monitor.yaml @@ -0,0 +1,93 @@ +--- +# Source: olm/templates/0000_50_olm_19-service-monitor.yaml + +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: olm-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: olm-operator +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + jobLabel: k8s-app + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: catalog-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: catalog-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: operator-lifecycle-manager-metrics +subjects: +- kind: ServiceAccount + name: prometheus-k8s + namespace: openshift-monitoring +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/image-references new file mode 100644 index 000000000..1551bfab2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.10.1/image-references @@ -0,0 +1,15 @@ +--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + - name: operator-registry + from: + kind: DockerImage + name: quay.io/operator-framework/configmap-operator-registry:latest diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_00-namespace.yaml new file mode 100644 index 000000000..ecb479521 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_00-namespace.yaml @@ -0,0 +1,10 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + labels: + openshift.io/run-level: "1" + annotations: + openshift.io/node-selector: "" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8ab035f63 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..3650c38a9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,695 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..8742215dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_03-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..35f0c24a1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_04-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..8facb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..1dd3440bd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,11364 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_07-certified-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_07-certified-operators.configmap.yaml new file mode 100644 index 000000000..aedc867e3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_07-certified-operators.configmap.yaml @@ -0,0 +1,1293 @@ +##--- +# Source: olm/templates/0000_30_07-certified-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: couchbaseclusters.couchbase.com + spec: + group: couchbase.com + version: v1 + names: + plural: couchbaseclusters + singular: couchbasecluster + shortNames: + - couchbase + - cbc + kind: CouchbaseCluster + listKind: CouchbaseClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - baseImage + - version + - authSecret + - cluster + - servers + properties: + adminConsoleServices: + type: array + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + buckets: + type: array + items: + type: object + required: + - name + - type + - memoryQuota + properties: + enableFlush: + type: boolean + enableIndexReplica: + type: boolean + ioPriority: + type: string + enum: + - high + - low + name: + type: string + pattern: '^[a-zA-Z0-9._\-%]*$' + evictionPolicy: + type: string + enum: + - valueOnly + - fullEviction + - noEviction + - nruEviction + memoryQuota: + type: integer + minimum: 100 + type: + type: string + enum: + - couchbase + - ephemeral + - memcached + replicas: + type: integer + maximum: 3 + minimum: 0 + conflictResolution: + type: string + enum: + - seqno + - lww + baseImage: + type: string + antiAffinity: + type: boolean + exposeAdminConsole: + type: boolean + paused: + type: boolean + servers: + type: array + minLength: 1 + items: + type: object + required: + - size + - name + - services + properties: + name: + type: string + minLength: 1 + pattern: '^[-_a-zA-Z0-9]+$' + pod: + type: object + properties: + automountServiceAccountToken: + type: boolean + couchbaseEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + labels: + type: object + nodeSelector: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + tolerations: + type: array + items: + type: object + required: + - key + - operator + - value + - effect + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + volumeMounts: + type: object + required: + - default + properties: + analytics: + type: array + items: + type: string + data: + type: string + default: + type: string + index: + type: string + serverGroups: + type: array + items: + type: string + services: + type: array + minLength: 1 + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + size: + type: integer + minimum: 1 + disableBucketManagement: + type: boolean + volumeClaimTemplates: + type: array + items: + type: object + required: + - metadata + - spec + properties: + metadata: + type: object + required: + - name + properties: + name: + type: string + spec: + type: object + required: + - resources + - storageClassName + properties: + resources: + type: object + properties: + limits: + type: object + required: + - storage + properties: + storage: + type: string + requests: + type: object + required: + - storage + properties: + storage: + type: string + storageClassName: + type: string + serverGroups: + type: array + items: + type: string + version: + type: string + pattern: '^([\w\d]+-)?\d+\.\d+.\d+(-[\w\d]+)?$' + softwareUpdateNotifications: + type: boolean + authSecret: + type: string + minLength: 1 + cluster: + type: object + required: + - dataServiceMemoryQuota + - indexServiceMemoryQuota + - searchServiceMemoryQuota + - eventingServiceMemoryQuota + - analyticsServiceMemoryQuota + - indexStorageSetting + - autoFailoverTimeout + - autoFailoverMaxCount + properties: + autoFailoverTimeout: + type: integer + maximum: 3600 + minimum: 5 + autoFailoverOnDataDiskIssues: + type: boolean + clusterName: + type: string + indexStorageSetting: + type: string + enum: + - plasma + - memory_optimized + analyticsServiceMemoryQuota: + type: integer + minimum: 1024 + eventingServiceMemoryQuota: + type: integer + minimum: 256 + searchServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverMaxCount: + type: integer + maximum: 3 + minimum: 1 + dataServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverOnDataDiskIssuesTimePeriod: + type: integer + maximum: 3600 + minimum: 5 + indexServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverServerGroup: + type: boolean + tls: + type: object + properties: + static: + type: object + properties: + member: + type: object + properties: + serverSecret: + type: string + operatorSecret: + type: string + exposedFeatures: + type: array + items: + type: string + enum: + - admin + - xdcr + - client + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: Age + type: date + description: >- + CreationTimestamp is a timestamp representing the server time when this + object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is + represented in RFC3339 form and is in UTC. + + + Populated by the system. Read-only. Null for lists. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + JSONPath: .metadata.creationTimestamp + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: oneagents.dynatrace.com + spec: + group: dynatrace.com + names: + kind: OneAgent + listKind: OneAgentList + plural: oneagents + singular: oneagent + scope: Namespaced + version: v1alpha1 + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbreplicasets.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbreplicasets + singular: mongodbreplicaset + shortNames: + - mrs + kind: MongoDbReplicaSet + listKind: MongoDbReplicaSetList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - members + properties: + members: + type: integer + maximum: 50 + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbshardedclusters.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbshardedclusters + singular: mongodbshardedcluster + shortNames: + - msc + kind: MongoDbShardedCluster + listKind: MongoDbShardedClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - shardCount + - mongodsPerShardCount + - mongosCount + - configServerCount + properties: + configServerCount: + type: integer + maximum: 50 + minimum: 1 + mongodsPerShardCount: + type: integer + maximum: 50 + minimum: 1 + mongosCount: + type: integer + minimum: 1 + shardCount: + type: integer + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbstandalones.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbstandalones + singular: mongodbstandalone + shortNames: + - mst + kind: MongoDbStandalone + listKind: MongoDbStandaloneList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + properties: + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"couchbase.com/v1","kind":"CouchbaseCluster","metadata":{"name":"cb-example","namespace":"default"},"spec":{"authSecret":"cb-example-auth","baseImage":"registry.connect.redhat.com/couchbase/server","buckets":[{"conflictResolution":"seqno","enableFlush":true,"evictionPolicy":"fullEviction","ioPriority":"high","memoryQuota":128,"name":"default","replicas":1,"type":"couchbase"}],"cluster":{"analyticsServiceMemoryQuota":1024,"autoFailoverMaxCount":3,"autoFailoverOnDataDiskIssues":true,"autoFailoverOnDataDiskIssuesTimePeriod":120,"autoFailoverServerGroup":false,"autoFailoverTimeout":120,"clusterName":"cb-example","dataServiceMemoryQuota":256,"eventingServiceMemoryQuota":256,"indexServiceMemoryQuota":256,"indexStorageSetting":"memory_optimized","searchServiceMemoryQuota":256},"servers":[{"name":"all_services","services":["data","index","query","search","eventing","analytics"],"size":3}],"version":"5.5.1-1"}}] + name: couchbase-operator.v1.0.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Manages Couchbase clusters + displayName: Couchbase Operator + kind: CouchbaseCluster + name: couchbaseclusters.couchbase.com + resources: + - kind: Service + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: The name of the secret object that stores the admin credentials. + displayName: Auth Secret + path: authSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: The desired number of member Pods for the deployment. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The current status of the Couchbase cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the application. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - description: The status of each of the member Pods for the Couchbase cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The current version of the Couchbase cluster. + displayName: Current Version + path: currentVersion + - description: >- + The port the Couchbase Admin Console can be accessed on from any + node in the OpenShift cluster. + displayName: Admin Console Port + path: adminConsolePort + - description: >- + The SSL port the Couchbase Admin Console can be accessed on from + any node in the OpenShift cluster. + displayName: SSL Admin Console Port + path: adminConsolePortSSL + version: v1 + keywords: + - couchbase + - database + - key value + - nosql + - open source + displayName: Couchbase Operator + provider: + name: Couchbase + maturity: stable + version: 1.0.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAK4AAACvCAYAAABkUOVLAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAABLSSURBVHic7d17cFz1dQfw77l39ZZlgbHNpH7IxliPlVaStX7gMEVOmeCQQBoIpjNtKYmhbtJ0KFACbdOZlDZMYSAuk0AYDKVDMgVMgU5CsGlpbFLHD7wrrx4rycaWReIkY2wj62FJ1t77O/1DMjEeW3ufe3dX5zPjGY907+93bH/90+7de88PEEIIIYQQQggROAq6gHywr6ZmjlZQMJtSKCOgEABMhMp1GCMAwMAEF+CMSqUGV/f2ngq22vwgwU1jR2trqOLk0NWsVD2Il4JRxUAVgReD6Aow5gDQbAypQDgF5pMM+oCAfmY6SoSj0M3Ovs6a9zfgVdOvP0++kOCehwGKNzRUs6mtJcJagJrAHAZQnMEyxkGUBDhBjF+wrvZEOzt7Mzh/TpjxwX2vvn6hzqH1SvF6Ir4OoDlB13QRJwl4l5m3GwXYvqaj41jQBQVtRgY3VtPQAF3bAOCLYDQEXY9tTB0g/i8FbF3V3Z4MupwgzJjgxsIti4hTX2HgdoBqg67HQ0kQXlFk/vuqrq5fBV1MpuR1cHe0toYqjg/cBKK7GXwD7L2Jyi0EE8xvg7Utw/Mr31y3c6cRdEl+ysvg7qqunlWsFX0VhPsAWhR0PQH4LYOeLdLNJyOdnQNBF+OHvAru3vr6+SGlfxPAXQAqgq4ncIRBBj9bqOPxxo6OD4Mux0t5Edx9NTVzNK34rwh8H4BZQdeThc4AeN7QzEfWdHUdD7oYL+R0cHcvuKakYNbYfUT8ICSwVgwB/C/Do0Ob1/X3jwddjBs5G9x4OHITg54EY0nQteSgXzHzt6I9HT8kgIMuxomcC248vGIZs/ksgHVB15LrCPyO0nnTys7OvqBrsStngrujtTU06/hHfwmi7wAoC7qevEEYY6bHqET/TjQeTwVdjlU5EdxYQ0MNG/RDIooGXUu+ImC/ofAnq3vbDwVdixVZf0F+f23kDphaTELrLwZW6joSsdrIPUHXYkXWrrgHmpoqzQl+AcAfBl3LTMOM181U8VfWHN43FHQtl5KVwY01NNTApNfz7J6CXPM+M9+ysqejK+hCLibrXirEaxtvh6nFJLSBu5qI9sTqmm4LupCLyargxmoj9zDhPyBXDbJFOcCv7K9r+nbQhVwoK14q7GhtDVV8OPB9BjYFXYu4OAZeoJLQpmy5ZBZ4cGMtLaUYM14HcEPQtYh0+K2JobIvrz22ZyzoSgINbnskUpYy6McAPhNkHcI6Bv3cnCi6KegrDoEFt6Oh4bIJU9sGYHVQNQjH9uqF9LnmROJ0UAUE8uasPRIpmzC1H0NCm6vWmBO8fVd1dWB35GU8uLsXXFOSStGbAK7N9NzCU6uL9eJt7ZFIIFeAMhrcWEtLQWHF6BsgtGZyXuGbT6cMbN3R2hrK9MQZDS6NGd+DXD3IM3TjrBMDz2R61owFNxZu/Ae5TpunGBtj4caHMjllRq4qxGsbb2fCS5maTwSCmfi2lcmO1zIxme9BitU0NEDT9kA+xp0JRhSwJhPddXx9qbCrunoWNG0rJLQzRbkGvB5b2jLb74l8DW6xXvwigBo/5xBZZzmKzef8nsS34MbqGv8CchP4DMVf3l8b2ejnDL68xp16EvcAgHI/xhc54Qyb3LLyYMdBPwb3fMXd0doaUsp4CRLama6MdHpxK27T/Rjc8+DOOjFwvzzYKKasWho+5MvDl56+VNhXHVmi69QJuYogfmcUmhmJdnUd8XJQT1dcXafnIaEVn1QKU3/a60E9C268rnEDpC2SuBjCZ+O1jV/ydkgP7KiqKp5VOrsHQJUX44m81Dc8Ohj2qkukJytueUnl/ZDQiuktnVU227M3aq5X3H01NXN0ragP0gFcpEMYnICxdG0y+ZHboVyvuJpe+CAktMIKxuwi6Pd5MZSrFbdtWfNcVaj6IB82COtGCkJ8lds9KVytuKpQPQgJrbCnPJUi16uu4xV377LVFaGi8V+C4fstbCLvDGE8tCjaFx90OoDjFbeg4OwmCa1wqIJLjK+6GcDRihtraSnAmHEEwEI3k4sZ7YPheZctc7oDpqMVl84aN0FCK9xZXH7ioxudnuwouErhbqcTCnEOKXKcI9svFWLhlkVg4yiyrLfulBEAKYCHATIAFAJYEHBNmWYAOAZAAagAoQyMkoBrujiCaehctaaj45jdUx10IDHuRCZDSxgD4+fE6IZGR5jxITMN6DpOK6QGTMM4rZeVDV2qb2t7JDLPMOl+ZjyA/H48/iyAByaGSp+7sA0oA9TZ0FA5SlRGE1Sq6TSXFOaC+EoCz1dMczXClYp5MRE1AijISMUMvcDAHQAesXuq/RW3LtKdoTb3bQQ8yiWhN6Px+KjbwWLhpi1gvsuLwrIS4aFosv1Rt8PEWlpKeTR1MxHdC2CVB5VNj9AZTbZH7J9mw1SPhA67k9h0hhlfi/a0/8jL7Trb6pujSqn9Xo2XbUIGFjQdav+1V+MxQPG6xk0AngBQ6tW4F0OaXtfS1dZj5xx7P/J1bYOt4+07Tpq5dmVPu+d7zA6ODGTl7jEeGW881P4bLwckgKPd7c+AcAMIjj8osEQZtnNlL7js6+PmZ5VGt7R0dfmyok/dBzrhx9hZ4KRfm0lHk+27oOiP4eNm1QyyfZO55eC+V1+/EEC93QmsIuLHV3Uldvs1/pSc3CncAl//XNGexE8Z2OLjFJG26uZP2TnBcnB1Dq23X49FhEGtQHvct/GFa2aI/wmTVy78QKaubOXLcnCVYt+CS8C2IPcTEOlNXmvl//VrfAK8Dy4DRITfd1aSpQn+27exhZfe9nHs69jGVS5LwW2rX1ED4ArHJaVhKq3Pr7GFh1jztDfCBeYlapuWWT3YUnCVMq9xXk96IR0n/BxfeENpcPXUgoXxP231WEvBJcJa5+Wkpyjl14t+4aEQka9XL1gpyzmz9uaM0ey4GiEsIqImq8emDe7UVkB1rioSwgIm1Fvt7pg2uLNPDC4HUOy6KiHSYZQsrjl0lZVD0wZXMYfdVySENaGQtU9n07/GJbb0P0AIL7DipVaOSxtcYukJJjKHmaqsHJc2uCzN7EQGEfESK8dZuBzGi9wWI4R1tNjKUVau485zWYkQdsy1ctC0wWVAA1GlN/UIYcnlVm62mTa4e8LhSjB82e5HiEsIJZqa0rb2mja4RSi63Lt6hLDGMM20uZu2r4LJZlE2dv1wikA/A1RmegZkELOWV3fX6SqU9pPaaYOrMReB8qeHRkt3wnGvKpE5Brgw3THTLqg02cJIiIzSWBWlPWa6b7JGDlo0CeESUdqXc9OvuIod9S4Vwg220P8i3XXcfG2gIbIYgyS4IvfopKV9lGva4GpayJPtK4Www8oziNMG9yzOut4BUAi76EzhqXTHTBvca5LJ0yCY3pUkRFqplr74ULqD0l3HVWAMeFeTEGl9ZKXzpJX7cfPq40SR9U5aOchCcOmXbisRwjr+wMpRVu6hOeqyEiEsYyZLebPwlC/63RYjhFVE1hZKCw9Lsp8d+oT4BGJY6tyZ/vF0jfN50w+RbTS909Jh6Q7o66x5H4SxdMe5oZuhfLpfXTg3uiLZ5s2KuwGvmgB1u6/p0kyoWX6OL7xhgst9nqKLJrdyTcvqSnfARTFpkUaWHkkWwdIU+9qqgIGE5VosDci8x3k5FsYHLPdFFcFRxL52pgfzL6weam3FNa0P6IjCZ3wdX7jGgEZMX/BzjhA0ywukpeBGD3YcgsWP4hwhXL+vOmKpZ5QIRiwcuR2A5c1FHDje3JN43+rB1vaAAJiAd53XlL4OXcf3fRxfuBBb3nIFMbnemT0NW/myfBmKmbfbr8UOunF/OPKYnb2uhP9iLS2lHDJeBrDQz3kIsJUvy8E1CrAdPu8ZS0wPxMONr03tGywCFgu3LOLx1DsE/IHPUzFzyFZwba1usXBjBxgN9mpyZBSElxj0QjSZ2GP12p7wRmJ54+8ZBdgIxjcBlGViymh3u62dnez1TWC8AWQkuKVgbCTwxnhd4+kYYxcIbcx8hDTq0wytb8XBA7/JQB15a0dVVXFlSeVCU+MFrHghaVQFxhIQNRjgpow2OyS8Yf8UG96rawxrQLbcuzAOoA+Eo1B8EkQnQTjBjBMgPsmknaSUOqVo4uSq3t6BmbJqb8VtelW4e65manM1jeYp0uYDfCUYiwEsYuYFRLQQwPyga/2YrmqjnZ29dk6x/UYoVtfYBSAXd+IZBTAC0DAIp6F4GMAIaRhRjCEQj5Kis9BwBsAEgUYApBTUMLFmMOMMLnjen3Ue1Q3T1q6YrGsVrDQdAIj4MmCq1RVN/kjmyY9VCwAQFCrPfV9NfZ/A5QAVMEPXiCsYVIHJH+flACoAVCKX3uAydUR7Eo12T7PfYonwChgP2z4veKWTv3geGB//0/K5yxhMk7+ZevvJU7+hqS9O9v775HtTUgBrNu8PYoBIXfili7/tpd99ny74IhHAOZTPSyL1spPTbN+VZej8gjz5KzxihAx60cmJtoO7pqPjGJjfdjKZEOcj0FtNh9p/7eRcZ/fBsrbF0XlCnI/Uc05PdRTc4fmVbwIsT/8KN/qH5l6+zenJjoK7budOA0RPOp1UCIA3r9u503EbW8ePzIwb41tAGHR6vpjRBkrI/Dc3AzgO7rUHDw4z+Fk3k4uZiUE/CCeTI27GcPWQIqUKHgMw7GYMMeOM6BP0r24HcRXc6KH4SQBPuS1CzCCMzSsOH3Ddj871Y+F6IT0K4LTbccQMQBgsDKnNXgzlOrjNicRpgB/zohiR55j/OdLZ6UnbWk8acZSQ+QQAy88LiZmIjsyeGP2eV6N5EtxwMjlBGh7yYiyRn4jUvVcfPmzrTrppx/NqIACI10X+h0HXezmmyH0E2ub1drSe9uzSlHY3gDNejily3qjSzW94PainwW3uTfQT0z96OabIbcT09ys7Oy01srPD8y6JQ/MrNxOw3+txRU7ae6Tnas/ekJ3Pl1voY/X1V0HpBwBIF8aZ64ypsGJ1b/shPwb3pS9ttKvrCBHd78fYIjcQ0Tf8Ci3g80N1+2sbXyPCLX7OIbIPE15ZmWz/Iz/n8LUT+Fk1ficAX5tCiyxDOGieLf5z/6fx2f7qSDXp9B4mH50W+W1EI231iuQB3xcr3/deWHmw4yBAd8HnvmMicIoYd2QitEAGggsA0e7EqwT+VibmEsEgpodaetptt1JyPF+mJgKAWLjpaTB/LZNzigwgei6aTNydySkzu01TsX4PwG9ldE7hKwZ+Mjy3MuOLUcZ7+OxecE1JYcXoTwGsy/TcwnM/Gx4d/Py6/v7xTE+c8Y3x1h7bM4aS0BcA/F+m5xae2ltCxheDCC0QQHABIBqPj+qFdDOAvUHML9whxm6Mh9a7fVLXjcC2Im1OJE4XhPh6Ar8TVA3CPiJ+d0yNr4/2xQPtqRHoHrqNHR1nzg6V3Sxv2HIDAz8ZOjO0/tqDBwNvSRD45s9rj+0Z6+uuvhnETwddi5gG4XkqCd0a1GvaC2VVZ+BYbeQeEH0XWfAfSnyMGfTwyu7Et4Mu5HxZFVwA2B+O3EpML0Du5c0GQ8S4M5OfiFmVdcEFgH01jct1Da8jN/eayA+Eg4px66ru9mTQpVxMVv5IXt3bfsiYKF4L0H8GXctMxIRXxo3xldkaWiBLV9zz7a+N3EFET2FyVxnhr2Ei+puWZCLru3BmfXAB4EBt09Um8Y8ArAq6ljy2l0j/05Zk2+GgC7EiJ4ILAAxobeGmu5j5Ccjq66VREB7uSy5/fANezZndlHImuOfsq44s0TV6BoTPBl1LriPQNk3h6829if6ga7Er54J7TjwcuYlZ2wzwVUHXkoMOA/R30e7Eq0EX4lTOBhcA3l+2rGiwqOyvAfwtGLODricHnCamR4q11JPhZHIi/eHZK6eDe86u6upZxaHir0MCfCkjYDxVGFKPetWfNmh5Edxz2pY1z1UF6n4QNmFyM+aZboBBP1Bq/Lure3tPBV2Ml/IquOckw+HyMaVvBNG9ABYHXU8A+kF4BmOhZ4K+/dAveRncc3a0tobKPzz9eWK+Cxo+B4YedE2+IZjMeEsj3nIkWf1WLl3aciKvg3u+vZHIAj2l/RlpfDsYDUHX4xmmDpB6OWTQi043dM5FMya454vXr6iFMjYw6EsAIsitvwcG0A7CG9DU1mhnZ2/QBQUhl/7BfNFW3fwpU1frCVgP4DoA84Ku6SKOA3iXgO3Moe3Rnvhvgy4oaDM+uBfaV9O4PKTTWlZqLQPNRFQHoDSDJYwSkFTAASLarSvsbu5JyI5GF5DgprEVt+mLaw5dpencQIwlICwBowqgKgBzpn6FbAxpADg1+Yv7mekoEfeTRn2aSZ1NPYkjBCiv/xz5RoLrgQNNTZWGaV6ucUERjFQpAJgIleswJh/fDhWMKkqdDen6R5MbGgohhBBCCCGEEEIIIYQQQgghhBAz1v8D+o/bXqYjxQQAAAAASUVORK5CYII= + mediatype: image/png + links: + - name: Couchbase + url: 'https://www.couchbase.com' + - name: Documentation + url: 'https://docs.couchbase.com/operator/1.0/overview.html' + - name: Downloads + url: 'https://www.couchbase.com/downloads' + install: + spec: + deployments: + - name: couchbase-operator + spec: + replicas: 1 + selector: + matchLabels: + name: couchbase-operator + template: + metadata: + labels: + name: couchbase-operator + spec: + containers: + - command: + - couchbase-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: 'registry.connect.redhat.com/couchbase/operator:1.0.0-1' + name: couchbase-operator + ports: + - containerPort: 8080 + name: readiness-port + readinessProbe: + failureThreshold: 19 + httpGet: + path: /readyz + port: readiness-port + initialDelaySeconds: 3 + periodSeconds: 3 + serviceAccountName: couchbase-operator + permissions: + - rules: + - apiGroups: + - couchbase.com + resources: + - couchbaseclusters + verbs: + - '*' + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - '' + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - secrets + verbs: + - '*' + - apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + serviceAccountName: couchbase-operator + strategy: deployment + maintainers: + - email: support@couchbase.com + name: Couchbase + description: > + The Couchbase Autonomous Operator allows users to easily deploy, manage, and + maintain Couchbase deployments on OpenShift. By installing this integration + you will be able to deply Couchbase Server clusters with a single command. + + + ## Supported Features + + + * **Automated cluster provisioning** - Deploying a Couchbase Cluster has + never been easier. Fill out a Couchbase specific configuration and let the + Couchbase Operator take care of provisioning nodes and setting up cluster to + your exact specification. + + + * **On-demand scalability** - Automatically scale your cluster up or down by + changing a simple configuration parameter and let the Couchbase Operator + handle provisioning of new nodes and joining them into the cluster. + + + * **Auto-recovery** - Detect Couchbase node failures, rebalance out bad + nodes, and bring the cluster back up to the desired capacity. Auto-recovery + is completely automated so you can sleep easy through the night knowing that + the Couchbase Operator will handle any failures. + + + * **Geo-distribution** - Replicate your data between datacenters to move + data closer to the users who consume it and protect against disaster + scenarios where an entire datacenter becomes unavailable. + + + * **Persistent storage** - Define persistent network-attached storage for + each node in your cluster to allow pods to be recovered even if the node + they were running on is no longer available. + + + * **Rack/zone awareness** - Tell the Couchbase Operator about availability + zones in your datacenter and let the operator take care of ensuring that + nodes in your cluster are deployed equally across each zone. + + + * **Supportability** - When things go wrong, use the cbopinfo tool provided + with the Couchbase Operator to collect relevant data about your Couchbase + deployment so that you can quickly address issues. + + + * **Centralized configuration management** - Manage your configuration + centrally with OpenShift. Updates to the configuration are watched by the + Couchbase Operator and actions are taken to make the target cluster match + the desired configuration. + + ## Required Parameters + + * `authSecret` - provide the name of a secret that contains two keys for the + `username` and `password` of the super user + ([documentation](https://docs.couchbase.com/operator/1.0/couchbase-cluster-config.html)) + + + ## About Couchbase Server + + + Built on the most powerful NoSQL technology, Couchbase Server delivers + unparalleled performance at scale, in any cloud. With features like + memory-first architecture, geo-distributed deployments, and workload + isolation, Couchbase Server excels at supporting mission-critical + applications at scale while maintaining submillisecond latencies and 99.999% + availability. Plus, with the most comprehensive SQL-compatible query + language (N1QL), migrating from RDBMS to Couchbase Server is easy with ANSI + joins. + selector: + matchLabels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + labels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"dynatrace.com/v1alpha1","kind":"OneAgent","metadata":{"name":"oneagent"},"spec":{"apiUrl":"https://ENVIRONMENTID.live.dynatrace.com/api","args":["APP_LOG_CONTENT_ACCESS=1"],"image":"registry.connect.redhat.com/dynatrace/oneagent"}}] + name: dynatrace-monitoring.v0.2.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Dyantrace OneAgent monitoring agent + displayName: Dynatrace OneAgent + group: dynatrace.com + kind: OneAgent + name: oneagents.dynatrace.com + resources: + - kind: DaemonSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for the OneAgent to connect back to Dynatrace. + displayName: API and Pass Tokens + path: tokens + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: >- + 'Location of the Dynatrace API to connect to, including your + specific environment ID' + displayName: API URL + path: apiUrl + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1alpha1 + keywords: + - monitoring + displayName: Dynatrace OneAgent + provider: + name: 'Dynatrace LLC' + maturity: stable + version: 0.2.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAANcAAADKCAMAAAAB6yXCAAABsFBMVEVMaXEaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhq03AAaGhpzvigaGhoUlv8aGhpvLai03AC03ABzvihzvihzvihzvii03AAaGhpzvihzvii03AC03ABzvii03AC03ABvLagUlv8Ulv9vLai03AAUlv9zvihvLagUlv8Ulv8Ulv9vLai03ABvLagUlv9vLagUlv9vLahvLai03ABvLahzvihvLai03ABvLahzvihzvihzvigUlv8Ulv+03ABzvihvLagTjPNzvii03ACx2wRvLagUlv8TkflvLagUlv8Ulv8Ulv+03ABuj0tiJZtjJpyUzC8TjPRsiFBzuiuu2gmv2ghCpq5jtX1zvii03AAUlv9vLagaGhoShOpZH5FeIpcTjfQSiO87mq9tl0JjsHWMxjpmb1xgR3dpg09bKYpjW2lxtS5cIZRuLKcUlPxPpZISh+5pKaIcitthUXCg0RxuoTtwqzVaIJIwlb6WzCsShu1gI5hkJpxoKaF4u1drWHtfNYZdIpVsK6VrjUlnKJ8Tkfqq1w4Tjvag0h2CwUgeme5QqZcTivFttmaCyVeZAAAAWnRSTlMAoCDQ8GAQwIBA4DCAsEBQQHDA8EAwgPDAEJDQEKBgoMAwQMCAgNAwYKBg8NAQsNCg8BBgIHAwUJAgcHCwkCCQ4OBQcCCQ07Bw3OCwUOBQuHA87zz41qb4bYKEG2nxAAAACXBIWXMAAAsSAAALEgHS3X78AAAHSElEQVR42u3bd2PTRhgHYG1ZHjh2nIEhjuPEzDSFQkrCKrN778qxQ5sABUoZpXvv3X7l6jRPp2ENNzqL9/cHSWxZd4/G3XsiYRgIBAKBQCAQCAQCgUAgEAgEQnsarXJDS75Q63OTPTvn2u25cvnFHBhbmMqVc+2V8urYAlu9odF96+PFWu1Fzr52udXYPR6suV7cTLYvr1Kvi8+ydeXWev5YOm0BWDuZ3Sv5ZO1Lw9pnsvbmjGUOiPPT+WSp0zlk7T2tqrNUsRYmR8Hao1LmSsdawViqmhvWHIOz1Jyy1F3ULI1HwZqyWNS4Wr1RsGYslnoqD6xVD4uSCSwdq+VlqfP5ZFExgZVHwTrhYql7xny5ZbEOqETGfBXZCGCp481aCGKpU/lkZTsxj2bNf8aHpZ7IkvVkUJe/fLXdbq+Uyaxor7YnCda8HyvLiZlgfXL9+rVr97a3v9jUcjH8k41Gq7wexsrSddnwIM729oNNVy5G3UkAK8OCo6GZfvtue9M3r6VkZVhwvNnr/flgMyDRdrF3VqXP9VbvHhJ8tbX1npOtra370V3TgazsCqmF3r+b93//dcMvd59J7cqs4Gj88c/djaAsjq/rnb83NtK6TlDoevuvENeRaPvYFeLKqpCaCGFtLIELXBS4DqV3TdPomhhfFwMucD0ErlkaXftz6mLARZ1rOaeuxfSuUzl1ha0rz+fUpYJrtHkip66l9K75nLpmwbVzOZS+7qXSNZHedT6nLvUhdM1k5WJSr78uhblO0+c6/Hz6cj7D/zgPZEVcLdO5TAksECOzwpYpM1O0uSzWWr2+1u1e6HQ6x/0//srLL1HJYp4LYx3se1I38iz6/grKTSpZvoXU8tlAliufI9dVKll+ruXHorH67yLXp1SyfApEk/VIvR/JFfCbABmzvAWHxXq0H8l1y5+V+d9I7U/O0l036GSRE/ORGCzd9TGlLMbvVwCisXTX+5SyXE98TdbjR/uRXd7p6zQdf3+4mJilu67S87t5QU/a4rJ0121KWc7E/HRclu6ilWVPzOZvNXSis5DrBq0sa2I2Wcf6/ViuD2hlMWcTs/ofEsP8AYamJGb1ieGQLhbzwsbhiUQs5PqMWhazaK0iuzFZd1zDIW0sZml/xOUWmY/w4ZA6lpXYrP63znA4sys/rP439nCY9eJ4pKz+19ZwSC9rLQFLm75uUc7SVlydkwfr8Vg/mZchzSwzxzvd6Lpfrty6TcMTmjjnrlsfvmL+8crP1CyO4528k92n6keDZ6+bY8nCfBe63Tp5Au/8gMbCM+PLcgk7x7rdtbqG/P51VX3jzCUGAoFAIBAIBAKBQCAQCAQCCYg8GBRS76QwGMjgAhe4wAUuf5eiZ2cxClscOCkwVe1fCd9AEgYDUf+mVhHQNnzT7qJifU6Qa5ztMmLqOFYwX8DfLFZErBGx4vTBaLMmm02VkqlK8sAV7XxpTdTwTUSt1+hrTXA2kznCZX7W66oO8B4XsM0FqxUFP7C6q4A3JSVh6TsoykYEvW9N7TARVyerfWGN4yzzRqdK5mExwjuSAjp5KE3rZJs/o3dFc3tDwlrHDeuDbDfFyzLeVJzorRY49/3Faa9huzJ/rKG2jWunWhkQdPQiojU99xfqdM2vZVEw3ymhrhfwk4Ka4kXjuLE+TUW6x41bxzVuyNaR1GOePq0bvIT3ViR3hrQc6WIDR0eJN67viueMaE1VmNCmhqXoElgu64ayt6kZtwnn2rLid/JrpCtkiEUnqspInn5rTQlSeFPD4r7irE7YA6B130t6byvutgeevTX1bSK7GB69p3j25G1KiDvEE/u0OoFfPBXjlBbc/VP8XKL+seiugumSPdfz0KaSuRTnopP0iyWaSxmNS/7fXOieKthjU5EJdUmKlVokF2dvzwa6WEXB9zoyl6VxhAEupeKe1oe5qjxZBvi6yIzKxZlXn3NF+rtEsgNDXCy5/Q67rNHCGUF8XZxZFjhFR7hLr7rszeVioKsouzMylzm6OyO+rwuVTEqMcUM7WkUu7riRpJQPdDEGyJmhfV2yUTlFdgnm1Z2hy6ieeLseCXJV47jcNUvE+StJ/OsNu9rFKuAglxLT5Td/hdcbSeJfH1pFThNbsUQ5X4WY56uJ3vPWh6K7Pky4Zsd3iteFaO+Cs8aIcn+x+oF25j6/+0sk60NvPS8JqU+Yvv5irZKJxY+nZMwcUpgLHRbFtWyqGWU6GzgeYoSm8Wlj/UXcdwO+mgqGr5exZxL2HMoyYS6OWGwb1w/vrJBLblcVn+/Q9sUh62U9YiKYa3bnJXfXndsnWr0hOsdKjxJeb5gnz/t8o+l9bJLgeZRVs/Gu1TgaVIpMuMtdH1ZK5BMoJaw+FFj74hNZ4nkU15TTusIGywJeheO3gOQ8DrTqc86naPcb1kpK8Hs78lyRGJXzEpa+59GjiCQkeA40BhHjPy4Zi7gfIuYmxENfCAQCgUAgEAgEAoFAIBAIBJLX/AcIuMeF+5wRowAAAABJRU5ErkJggg== + links: + - name: Operator Deploy Guide + url: https://www.dynatrace.com/support/help/cloud-platforms/openshift/full-stack/deployment/deploy-oneagent-on-openshift-container-platform/ + - name: OpenShift Monitoring Info + url: https://www.dynatrace.com/technologies/openshift-monitoring/ + install: + spec: + deployments: + - name: dynatrace-operator + spec: + replicas: 1 + selector: + matchLabels: + name: dynatrace-oneagent-operator + template: + metadata: + labels: + dynatrace: operator + name: dynatrace-oneagent-operator + operator: oneagent + spec: + containers: + - command: + - dynatrace-oneagent-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: >- + registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator:v0.2.0 + imagePullPolicy: Always + name: dynatrace-oneagent-operator + resources: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: dynatrace-oneagent-operator + permissions: + - rules: + - apiGroups: + - dynatrace.com + resources: + - oneagents + verbs: + - get + - list + - watch + - update + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - dynatrace.com + resources: + - oneagents/finalizers + verbs: + - update + serviceAccountName: dynatrace-oneagent-operator + strategy: deployment + maintainers: + - email: support@dynatrace.com + name: 'Dynatrace LLC' + description: > + Install full-stack monitoring of [OpenShift + clusters](https://www.dynatrace.com/technologies/openshift-monitoring/) with + the Dynatrace OneAgent on your cluster. OneAgent connects back to + Dynatrace's hosted monitoring tools. + + ## Before Your Start + + 1\. Make sure to install the Security Context Constraint (SCC) in order for + the agent to properly monitor all aspects of your Pods: + + + ``` $ oc create sa dynatrace-oneagent ``` + + + ``` $ oc adm policy add-scc-to-user privileged + system:serviceaccount::dynatrace-oneagent ``` + + + 2\. Add a Secret within the Project that contians your API and PaaS tokens + + + Get an [API + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens) + for the Dynatrace API. This token is later referenced as `API_TOKEN`. + + + Get a [Platform-as-a-Service + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens). + This token is later referenced as `PAAS_TOKEN`. + + + ``` $ oc -n dynatrace create secret generic oneagent + --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN" + ``` + + + You may update this Secret at any time to rotate the tokens. + + ## Required Parameters + + * `apiUrl` - provide the environment ID used in conjuction with this + monitoring agent in the API adddress, eg + `https://.live.dynatrace.com/api` + + ## Advanced Options ## + + **Image Override** - use a copy of the OneAgent container image from a + registry other than Red Hat's + + + **NodeSelectors** - select a subset of your cluster's Nodes to run OneAgent + on, based on labels + + + **Tolerations** - add specific tolerations to the agent so that it can + monitor all of the Nodes in your cluster + + + **Disable Certificate Checking** - disable any certificate validation that + may interact poorly with proxies with in your cluster + + + For a complete list of supported parameters please consult the [Operator + Deploy + Guide](https://www.dynatrace.com/support/help/shortlink/openshift-deploy#parameters). + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: mongodboperator.v0.3.2 + namespace: placeholder + + annotations: + alm-examples: >- + [{"apiVersion":"mongodb.com/v1","kind":"MongoDbStandalone","metadata":{"name":"my-standalone","namespace":"mongodb"},"spec":{"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbReplicaSet","metadata":{"name":"my-replica-set","namespace":"mongodb"},"spec":{"members":3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbShardedCluster","metadata":{"name":"my-sharded-cluster","namespace":"mongodb"},"spec":{"shardCount": 2, "mongodsPerShardCount": 3, "mongosCount": 2, "configServerCount": 3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}}] + + spec: + displayName: MongoDB + provider: + name: 'MongoDB, Inc' + maturity: stable + version: 0.3.2 + keywords: ["mongodb", "database", "nosql"] + + maintainers: + - email: support@mongodb.com + name: 'MongoDB, Inc' + description: | + The MongoDB Enterprise Kubernetes Operator enables easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup + platforms, Ops Manager and Cloud Manager. + + + ## Before You Start + + To start using the operator you'll need an account in MongoDB Cloud Manager. + + * [Create a Secret with your OpsManager API key](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-credentials) + + + * [Create a ConfigMap with your OpsManager project ID and URL](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-onprem-project) + + + By installing this integration, you will be able to deploy MongoDB instances + with a single simple command. + + ## Required Parameters + + * `project` - Enter the name of the ConfigMap containing project information + + + * `credentials` - Enter the name of the Secret containing your OpsManager credentials + + + ## Supported MongoDB Deployment Types ## + + + * Standalone: An instance of mongod that is running as a single server and + not as part of a replica set, this is, it does not do any kind of + replication. + + + * Replica Set: A replica set in MongoDB is a group of mongod processes that + maintain the same data set. Replica sets provide redundancy and high + availability, and are the basis for all production deployments. This section + introduces replication in MongoDB as well as the components and architecture + of replica sets. The section also provides tutorials for common tasks + related to replica sets. + + + * Sharded Cluster: The set of nodes comprising a sharded MongoDB deployment. + A sharded cluster consists of config servers, shards, and one or more mongos + routing processes. Sharding is a A database architecture that partitions + data by key ranges and distributes the data among two or more database + instances. Sharding enables horizontal scaling. + + + links: + - name: Documentation + url: 'https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/index.html' + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAH8AAAB/CAYAAADGvR0TAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4ggYEhkp9JVi8gAAFENJREFUeNrtnXmcVeV5x7/Pe86dGUZQUdwAo4Kaam1cUAdm3DAYl1ZjmmhMYkUlkMYtMVVrVExqY7q4oabNp6EuMdpEq8ZGpf1oJCbKJgxqlWiIgIrACCgimwJznv5xlvue5d65dxjsvXPP4+d4t3OB+/7e37O/7wsNKhdNv9iZ8uqNQgOLadhfLnLA7CV/OOrT/3JMDn7D/XDh02s3bRr/h4ufz8FvNOnu1s9v2rL5/EZW+06j/eCJT09i1Pijdhb46ZpNGwa4Jw4x7097+9mGtHyN+KMn/fob/yyYK998byWLV727FXQPgfcXXjIjV/v9Uc7/nwkATHhq4t+q6pWKUjAOgroCf73wkhkc+KOOnPn9dwJceIkx5k6DwRjDyg/XsmD52+Eg7LHwkhkrc+b3Izl32nkAnDftgkcV7kRBUVQVxxhAw1ufOfBHHaaR2N+vwf/KE+fS7W0Z8LVp5z2t6BcIQPfhViSu9w4BLlt4yQxG3NmRg1/v8vO/uB/EmY3qOFDUC3iuiiq4xsHXBOAB3cptI+/s+KvFl87ggAaYAP3S5n/pV18WjNnBUZllxBwiAo44CIIYgxHBiMP6jzcxd8kixFIBAp7AV/546YyHcubXoXy03gVPf6noIaGS93xLT6DxAcU1DhIMQngJGFUe3P+OjhMB9r+jI2d+PciZj30JcUWkW6Yb5AQxBgeDiGCMYDCIBMw3ho82b2XOooUx5lviASe9cdmM6Tnz60AeO/NhdKveBHqCRgh6Edsjex+8doz0RIxn9r+j41BfA7TnzK9VGff0WbSu964V4QdGDIJgQpYHjyImYL/giKFblecXvo6RcsOgHrDHG5fNXN3fwHf7yw9pWbe1DZEbQNBoVvvPNHxHFSR8D1Q1dp/lECS14//uf0f7/t3CRuPBom/NzMGvFTnl4TP2VHS2IqAB3AKqgieKo4IHGAkifFVUFNcxKIogKdA1/rgXMGvJpTMPzW1+jcjJD5/u2y7hwZDJSRB9WIvve9FzP9YPX3kUn2vxFqR4fWbk7e33Aoy8vX/Y/7ot6Y576DSePutJTn749O+DjAd82y0SZe5EAk0QvCcUH0FA4K33VvvvV/bXHrbLqXu/suhbM1/LHb7/RznxodMwyJ+ImFccEdd36ASDH8b5Dl8Q3gVhXuj8SfC+4zg8+9rve3D40h4gMAp4sd5tf92q/elnT0PR/0Q914spdgJ1roE61+i1F5mAwMUT6S1h7u8PTl/dgj/2wVNvVThEAzx8e2/bdBJef2jMLd9Atbd//cEjb29/LAf/E5ZjfzGK439xyi6q+o2wQqfqUXT4Am8+8Nw8y7FLagXdtn/K50dMaT8OYMSU9hz8T0KeO6cTD+9nCq2hCbYJrBnPovvs/H4vma9avICHARZ/e2YO/ichHf9x0qkopyVr82GDBpE2KDZtqHWvhpogeL+lUCgJbtaVkN1GTGmfmqv97SyjH/hsyNfvpZMwCdWeUuqhdogS/CXB7oWcO2JK+3Bf/Y/Jwd8eMvtrzzD6gc8eC9rmqaXC1c/RqfoFHE81075HvgCWBthWq+//qS2gj+bM386i8IiStu+R8leNWXjb67dDvMgxrBp8zbgAOGrElDFfWPztWTn4fS2j7h/LkQ+ceKaiu0VAaqjOk2zGsvvF19ZDZPfRLPi1zFVWrgUYeduYHPy+ksPvH0vnub9B4W+8BGsjSGL2PAGVxplP4vt+Sb9igKMsjxDL+yPKqJG3jTl50eWzcvD7Sl489zccdv/Yg1T1mBg3LeRDhnuZXr+t/hNaQqHgOj1CngQ7OU+s4tCjAPvVCfvrQu2r6r1gVd80bs9Dey+AemrX7YqRgGrC69fIfJRgcnRF0YD1b7Avay607nfbmDPZsiUHf1vlT+87nkN+dsLexTRu3JVTjSduvIR6Twd8dhRgpX9LMzle6q3EMKheseSqeex36+gc/G2RBef9FlRPUWj1U7aaAEIDmy4Z6t1iOxpL+GA5gl4Gm8uC3HMWqGO/W0cftuQ7s3Pweyv73ndcyObJIavjSRvbU/fifrpGjVsxb59EgFecPGWZ3Jss0L/Wg9qv6Xr+gfcd1+bAbCeozTviPwrghvV6kUSzZrGG74hBwH8UgwiEzZ2OGFzH4dW3l7Fu00d9NhDBn7MROBh4a3ENa4CaVvuiXBxT82qHepbXL/HQL5b0EUmVedmGDJ/0cAXSCpyyuMZVf002cI786bEItCi021k5FX/4QxstqsWmXJGiLRcJ7vcfRSRKBdjNnapUFOb1LkJhMvBvuc2vUhaNfw6FQQojwyXVWM4YqjGvH5VEsVaLqd6MeN+2/64xlTA5Ow9ouQJe4lIYtu8tozty8HshnuqXvXj1naxcnP/cSyV80l4/VnJHoySPY6RH+kehnw2uVhT+fScHv3dyeXzwNeq/KC7FSoIdDwND0KP2bdUMSONM9rJY3Pty75H73jK6NQe/CtnvnvbBqowopmxJlWHTGkFT+Xs0I0ljN3daKrsS+98L+RSwRw5+hTL87na6VcbZ9hrNAFATmT6NR/Hx9K4mcoPxhVzbK4YOUsaX5uBXKO9cOBPfyy9n7232B80cVi9fmA3ESvhkNXdq34CbeVnz7KIc/OrkzzwbSEtd26ocqy+PhJOX8vpJN3d621DGreKrzfvc3HZYDn6lMTJ6UBHwEKSMjpykVlAt7fVnNHdGwEp5FvcMdrF+4GVcwMn73NyWg9+TDLtrtKMwFEpU5EJHzvrQixie5QymJ0LsDnuVZkUTMwvsHhVBx1tXzMkzfD1JNzLWsRmugooPsETZPcW/R2IFHN+DV8LQXVRRMUEKMPxMYgma0kxOmgoyzEdFmT6Aw3O1X5mM1WTEZoVu8UZMUmVem9BRCZdkG1eyEuBFXUAVMrks2BlFwOH73tS2Yw5+z2p1XFaRxqvI609z1s7yxU2HWhpfKmZ0T+X80DE0iQs4Kwe/Z/APTa6viK27s7J1ttdfbXOnJl35KsEtBXJ2TUABPSG3+WVkt7vaBgEFjaJ38JDAvqeZLyWehyAhQf+eiNXNE34mUcyvHiWrOJKeHxW7hQk5Jge/7JjJEBXfsfMiFoWUlcBpI3Lo1C7hkiz9UtxtJ6jrq6eokZRLJ71SgVrFXYL6qd5c7ZeRnYNwO8bwLAcs+VnKS1dKNnfaWT9T0ZYsPS/gKH4ieMHVHT33P9v7prYhOfglxIMhsZ46jdttuxQbX2xZfXNn2LpdcA3lV+lkAV0EtzsGspSLFATIwS/DsB2ChFtmNi9ksO39q/auuTMxfcpyPQ10hUo/mUhQHZTb/AwZPLUNYGcPMBQ3SkRBRYNuHX9m+EkeuyYnMTNgYuz3k0Rhy5f/OnQnQ21h+mKnDog2dSw5AXbJmZ8haybOQWFgejPEeMq2VJnXs5o7PXvcJavM62f7wnu9Sku7qki5q/y3BRiQg196bAfGnTVSS6/CnL5nq2dNLse2l2dZSR6NL+UuklIqA3vbf2IhB78MO7I8+hAkz4/YYuCFyzPC1TZZzZ3JvF9sJU/vmdwbGZiDX1r20MTOKWECx4uFcHFVrclevNhzDxL782BNKlNFzN7LjKU9iWtqkUxNJXkUXS+RI1bcDtlDMYHjpgkl7QXungabK4f7Knqov8LW2mhRk16/KK5r+gTgWGhaJ1Jj4LNOiDdlSjHHl1nmdaLPLc/fXqhhfU+iFR69a9hUa+ZplQpDtq+CqX/wSXFeLIb7QHsKjhAu0wlCQaxVPFb6N4rrJbg1SPwE6/3K9fFpKSZrDwCXvFcBNufgl5bV9vq7MMZPTweNGjnsoo79WTSVxAT2XvxCj81+wDHGdyQrZW85nd+zfJQ7fGXC/axxTfbc99Tc6VmsVs06REGjtK+UOGcnc+lWun+cKto+FFifM7+EeMqHRgJeBupcokRN0fe3tYOHX5zRmMkAzQKagP1Blg8tbuci2Wq6r2Vdzvwyah8oEcRlLbDKDKeKmoH4Hj6aTA6FMWTyeI3t55mtzcEvLe96mraimuq5tdV9Vmt3Yv+9jOROBLZsH7AzNm9SD97PwS+lEye9sCL8N6l1SEKsBaua5s4UlzXe3FltvFYZyLGyrtX7Lx6szMEvP5wvJ7N0sRi/THNnvAwbP1ghy2RUw/keQSZ74YclH6y4eu7WHPzy8lRy1L2kzdf4ku2wuTOaJJa697dlIb7lOumNmtKTJ35FUUCPK3pKNoXU3LGstQj+Q1piG1UyGJ+eFOk0bkyD2Dt3EqzBz4CqsrV5Ve3P+1QOfo92f+48YItmeP3pHn57V83k2XiasXmTvcwqDPO0t0yu9qf9Mge/Uruv2RF3chdNz8rwkfAPsvbwKf4hyZp+KTb3TYj3znfnrRr+D0fm4FcgL0SJnxJePwn7H2/uJHHAAtnNnfKJxfevArzz3Xk5+OVk0E+OAvh1qbNtyYj9yzd3SvxbGt+fY/NWb/vpr+JKn85aZFgt2nyAx1KAa7H33o6hY15/LOGTbACLO4ihryCS7BDoE7CT5mR6Dn7lE0CBB2MnY2Tw39um5s7q9+Cs8uQtW57Mwa9ObshKxKQOTbK47SXUf1ZzZywrCGwtofarBLec/Peya+ZtzcGvzu4vAV2qatvrDJ/cbu4kq7kzWeaNr+CNFmv2DdBZ8v1aZVetqn3WTZq7ybaVqdCbnps7S63vKzqF2tdAJ2UVsGDYD4+sSfBdaluuBh0fdubYnTqVNHfaZ+l4QStX6Cs4wfKfrVs9ZPv11M5fds28DTnze6H6102a2wU8mqnuS2yhni7zxhs8U3F/H1O/mBZWgB/WMrNqFvx1k+aGtv8GoDt5nl6m1x9L4JMq83qprKHS3e31GdhiOQ0Kbyy7Zt7vht84Kge/97LlZdClWXbf9vq9MsmfeEtXMczzAM+rDtwkyF54kSr1XgHwzrWdNTuyQh3IoJ8cdQzIc0b83nuDf7iC/drgvzYIjpHgeBWJ3ncQRARXgvtFcI1h2dtr6e7W9IBoOrNQhYFYA4wAPlhew+CbOgCedZPmPg88kQJBExk7SLR3pb38ZCa/e4sXi/GSTK66P9e/bll+bWdNA19HzD8a4EgR5orFcqF44FLI5kgDBIctOYGWcAIN4QQHNUnwuHTxB7339rNnxOrl13XuVg/jWhcnaq6b9ALrJr0wT5VfJcc9eyl3afarlfDxVCtlcjXl/OupE6mrI9SBs4H3SjV3UqK5UxNef/i1yNb3Sa8GAB8CU4f+YFRdDKZTT8hvfnxZd8sZwzYDp/gLMHwTQGACwv31JEjoiP+/xD3BcxG8bmXj2s29Nn4Zq3qOX35d59J101fkzN8esnbiC1OAWSFjk2pd1Gr7DmieLvMG3+khxq/wDL3w739i2XWdc4bVCevrEvydph4N8OcKG8s1dybbvWJl3lDtJ1ZoVnKsWtbqoOCMnosBll3XmYO/ndm/RtGrifFZMxI6JZo7g46eJnVioGeBXOqkrcT6/jNWTO58e6+/H1VX4yj1CP5OU49m7cQXGDy17QGBrxoJbHxWwkfEP1c3CgWLCZ8dNxZYvPK9aCMH6d3OGtMFxinoismdOfifhAT79g0E3jbCYBMAKhG4xcfoEGYER8LJIQzd0MpLq7p8h7B3of1moKVrcqfW4xiaegV/zcQ5rJk4Zz1whMLmrNZtteZ3uA9nsblTGZKxLV7lob0CjO2a3Kl71pm6r3vwQ/avmTjnTYGz00uxrJbu1N59/n+70lqy8aOcqxcUiW/smtw5E6CrztR9vwB/zcQ57DK1jfe+Pue/QCfan3lJniaaOz1gT7NDopOnCK4Em7IaDS+iS5Qfd02ef92QG4+o5+GrryRPlmx6fBm7/nsb7319zvwdzhg+FGFUmPAJfYAw4SPi+/Xhhk0dW4ay6OP32aAfR/UB0R5P0J4DfHHQ2L303cnz63rshH4mQ+4a/YhB/jL0+p0gCnCCvXfcwPFTUa7aeDRPbvgjszYsrdTpWwAcvvz6+Vv6w1iZfga8rJ4w+4vA42o5eGGyx473W9XFxfCZAXvSXaLAkzjQ4RWFY/sL8P0O/NUTZuvud41h5YRZZwC/S2b2bH9gL28gHsrQwo4MMG7ZjReAJQptmtgtrN7FpR/K7neNoQXGfgyPKZxerAKGXb7K8O5BYPxunt0Lg3hnc8m9kuYDY7uun7+pv42T6W8/aOWEWaycMIuPwevyNcDP7eSMBrt47OPthAq4jsMRA4exVb0spf8ydI+mxrZQy8HvQbomzGLoXWNYPmHmVxWuDIEHKOAwmBbECCKGk4ccxGB3QBTxB3H8j4FRXde/vKXr+vmag19nsnzCLIbd3c6yC2feDHxToRtgR68JFx94YwweylUjPkerFEB1M8qVXde/eBHB/f1VhAaSfe7p2FeQBQfozq3neAfhOAWaCk00NTXT3NyCNLXwT68/fvBzl097ba+/O5wV33uxX4+HaRTgP3V3B29dMOPNN2X50GO6h/mt38ZEl2NcWp3Cxc9dPu21S+/5Zr8HvuGYH8rUqVfc6zru+EKhiaZCE81NLTS3DFjluk0HGnE+OPGkCxtiHNxGBN8x5hERM96IwTEOxnEwxv39uM9N/KCRxsE0IvjGOAuNMVt8le/gOC6OcZ9tuHGgIUWXGuNsdYyDBPbecZyXcvAbQM6/4B83OkZWi3FwHRfHdTGOuzQHv2FUvzsj8vSdAq5bWJGD3zDgm07HMRingOO67DBghw9y8BvH43/diIPruriOi1tokhz8BvL4HccNVT5OoUAOfqP8cMdd5YPv4LpNFNzmHPxGkTPOvHyN4zg+8wtNNLe05OA3GPspuAUKhSYU2TkHv4Gk4BQ8t9BEU6GZ5qbmQTn4jeTxu4WX3EKBQnMzheaW3XPwG0Se++0DtB97zqjWloG7NhVa7m5pGjCYXBpHXlsQ3wZ/w/plDfX7/w9sJTyL9hMvGQAAAABJRU5ErkJggg== + mediatype: image/png + + customresourcedefinitions: + owned: + - name: mongodbstandalones.mongodb.com + version: v1 + kind: MongoDbStandalone + group: mongodb.com + displayName: MongoDB Standalone + description: MongoDB Deployment consisting of only one host. No replication of data. + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + + - description: The service where the MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + - name: mongodbreplicasets.mongodb.com + version: v1 + kind: MongoDbReplicaSet + group: mongodb.com + displayName: MongoDB Replica Set + description: MongoDB Replica Set Deployment + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Number of members in this Replica Set. + displayName: Members + path: members + x-descriptors: + - 'urn:alm:descriptor:text' + + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + - name: mongodbshardedclusters.mongodb.com + description: MongoDB Sharded Cluster Deployment + displayName: MongoDB Sharded Cluster + group: mongodb.com + kind: MongoDbShardedCluster + version: v1 + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many Config Servers will be deployed + displayName: Config Server Count + path: configServerCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many MongoDB Servers per Shard will be deployed + displayName: MongoDB Servers per Shard + path: mongodsPerShardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many mongos will be deployed + displayName: Mongos (MongoDB Shard) to be deployed + path: mongosCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: Amount of Shards to be deployed + displayName: Shards + path: shardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + install: + strategy: deployment + spec: + deployments: + - name: mongodb-enterprise-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: mongodb-enterprise-operator + template: + metadata: + labels: + k8s-app: mongodb-enterprise-operator + spec: + serviceAccountName: mongodb-enterprise-operator + imagePullSecrets: + - name: '' + + containers: + - name: mongodb-enterprise-operator + image: quay.io/mongodb/mongodb-enterprise-operator:0.3 + imagePullPolicy: Always + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MANAGED_SECURITY_CONTEXT + value: 'true' + - name: OPERATOR_ENV + value: prod + - name: MONGODB_ENTERPRISE_DATABASE_IMAGE + value: quay.io/mongodb/mongodb-enterprise-database:0.3 + - name: IMAGE_PULL_POLICY + value: Always + - name: IMAGE_PULL_SECRETS + value: '' + + permissions: + - serviceAccountName: mongodb-enterprise-operator + rules: + - apiGroups: + - '' + resources: + - configmaps + - secrets + - services + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - mongodb.com + resources: + - '*' + verbs: + - '*' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/couchbase.1.0.0.clusterserviceversion + packageName: couchbase-enterprise + channels: + - name: preview + currentCSV: couchbase-operator.v1.0.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/dynatrace-monitoring.0.1.0.clusterserviceversion + packageName: dynatrace-monitoring + channels: + - name: preview + currentCSV: dynatrace-monitoring.v0.2.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/mongodb-enterprise.v0.3.2.clusterserviceversion + packageName: mongodb-enterprise + channels: + - name: preview + currentCSV: mongodboperator.v0.3.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_08-certified-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_08-certified-operators.catalogsource.yaml new file mode 100644 index 000000000..77cdb1ff6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_08-certified-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_08-certified-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: certified-operators + displayName: Certified Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..035e4e8f4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..568d9b6a7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:058731fac9ecad9a35276612ec79bed76f506aaecd80c8c1fe9d68a262edcddb + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..134b28d26 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,43 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - openshift-operator-lifecycle-manager + - '-debug' + image: quay.io/coreos/catalog@sha256:57eb45f2a519c65041d3fad0d7a5199f2ce5ba6a72992606ec4839d3307c5b5f + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..e91d70cb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,26 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_13-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_13-packageserver.yaml new file mode 100644 index 000000000..889867f75 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/0000_30_13-packageserver.yaml @@ -0,0 +1,149 @@ +##--- +# Source: olm/templates/0000_30_13-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01EZ3hPREk0TXpoYUZ3MHlPREV3TURVeE9ESTRNemhhTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUF5WjdOV2l4c3ZKWUYwZ1hkR2p5VkNNWlRzWVFNRUZnYnpLd1BsUjV5V2lBNklDUjQKVzlzeEozSEEvdWdGSnhmZ3U3R3ltQjhQNEttdXJFTWV5R0Z5WGVpbUx6WTRubVpUQlhiM3o3VjZBMUVWWnJNbwpHRWtKSkdpcFhlOU01Wkx0cExiZVJocTZtd3FGNU9aVXBvdXlyUHpSZjFqL0xlWUovV2RwMVJyK1JyZDJVdGY0CklqYm5qMXRBMExwdGIxMTdaUDN3V1d0d25oK0Y5UzNjNS9RbHhHUGNMelhwRUMxcnI5Zm05bTUzM1dQRzBYZ1kKQ3RWMTB6eTlGL0NDYmc1MzdsSjV1WFdCcytySGdBTGEreXcveWpvb1VIVFJ4Q1JhKzNBQXdFRzRKQytpMUNiTApnSVBpam85TEI4V0hxTDFxL1NOMFZlRFdrbnpOb0dKdDlSR2s3d0lEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTWgzNHUvOFBiRUEvd01JYmNKR1NSMmVFdjhVUENqWgpXeTk2bU9xZDRiY1lMUE9SWUdCL21iSjgrWmRqdDRHRGtiQS9LeUpwVW1KWXE4K0FyZitsLzVJNDhON3JtZTB4CmszSDdJWmZQMS9kWlI2S3dHd1kwY2xFc0gzdVQ2TlhkNHphblNJTWZnZDR5RTk1eEpMa0g5RE4zSUZ5Z0lWYVgKdXVCMmlqcTQzTVNaWERkbkluM0ZXUXRCZVludzl0cWdsREl3MTJJMDlPVUVrZ1hKb1FTRnBJUzNOMDhrdnpFegpVWjFaM2Q4YWFQQTBUbU1hUS9wYXp4Tm1CUURaeGdsSC9lTlh1UmtwMG5Gb2VFY1lqb3VjazBkSjRoNFd4TzA0Ci8yV28zN05peUVvdzdodmphMHFUN01zNmpDRUozQm5hTjVaMW8wQzV5bHUrTXVzZllrRmNoUE09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: openshift-operator-lifecycle-manager + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: openshift-operator-lifecycle-manager + labels: + app: package-server +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhakNDQWxLZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01EZ3hPREk0TXpoYUZ3MHhPVEV3TURneE9ESTRNemhhTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXJRMlhtQVNDUmlkTEREUnVwQTNPOHlCNzhQSWl0enZtdzlPeHB4NDY5T3ZhMmc0dVBlbU8KcGRhMEEvMVlQa0pLN3BjaUV3bWZndWxIYmFoL3dBcEJUYnRyeEgzejNBU0pOVUZXYm03RE80TXZvUjVWQ0wvaQpIeWNPeFhDek04ZlNHODNGNWowRkpHS2ZxWlhvVlVPdUxFZU5GMUJ3WkdDTFBlYngrL3BhN3VqOTZkdENLTVR4ClNIa0J2b0dTOE54QmVMazBya2xuRkQ1aXFCRFltSndkdUZGNFZBUWJYd0FpSVZwNkI5UG9iVkM4Y1RtV3F6QUwKU2NCMkhLZ1lqVXVvcjhTUE1sc0MyVXN1OWVZQ3U5ZzR2YURjWVRmNm9GSFZDOEVvNmk0VFYrMGRPdWpvMUVXbAprOE5SbXpCbFZERWZrZ3RHT0JTU09jWWUyRWt6NnhkMENRSURBUUFCbzRHNU1JRzJNQTRHQTFVZER3RUIvd1FFCkF3SUZvREFkQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXcKQURCM0JnTlZIUkVFY0RCdWdqTndZV05yWVdkbExYTmxjblpsY2k1dmNHVnVjMmhwWm5RdGIzQmxjbUYwYjNJdApiR2xtWldONVkyeGxMVzFoYm1GblpYS0NOM0JoWTJ0aFoyVXRjMlZ5ZG1WeUxtOXdaVzV6YUdsbWRDMXZjR1Z5CllYUnZjaTFzYVdabFkzbGpiR1V0YldGdVlXZGxjaTV6ZG1Nd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFQ2IKcDhmVjhYUzRVN1h2VG5XNWU2MnRsRFNZWDFRLzduZkQ1bXBmOGlJK2trQ1N4aExMM25YZThtNlNVSTI1eGYrdgo5a0dBMFFHRi9rRjBidGNrTW9uWC90K3F1aGs0YTZIWjlkV2tVMU56Wk9icVMwUE5wWGJuSktVOFlJWmhZTkRMCjlOOGFoVnplNkJ2WW5SMTF4LzQ3dzF6czNuL0NIa05Ta21tZjlxUHZ0TXRVRUZheCt1d3plRVl0STAxRWZyNVcKR2UvTThWdUExNU1VNWk3L2s2NDExRS8vRW9CWnNnMzNXdFpTbk9sMVB2TVUxSUFxNkZmV3M2RmFLUW5UUlliQwpUWEJQREhqQ2s3OUZHWkY0T3QyQ1NiY1ZKZFN0aTFsREQ5WXlId213UmRHWTFnUTk5dnlrWU43NDJlVDdncVA5ClgwYXVNQzRrK05WemIrejRmUHc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBclEyWG1BU0NSaWRMRERSdXBBM084eUI3OFBJaXR6dm13OU94cHg0NjlPdmEyZzR1ClBlbU9wZGEwQS8xWVBrSks3cGNpRXdtZmd1bEhiYWgvd0FwQlRidHJ4SDN6M0FTSk5VRldibTdETzRNdm9SNVYKQ0wvaUh5Y094WEN6TThmU0c4M0Y1ajBGSkdLZnFaWG9WVU91TEVlTkYxQndaR0NMUGVieCsvcGE3dWo5NmR0QwpLTVR4U0hrQnZvR1M4TnhCZUxrMHJrbG5GRDVpcUJEWW1Kd2R1RkY0VkFRYlh3QWlJVnA2QjlQb2JWQzhjVG1XCnF6QUxTY0IySEtnWWpVdW9yOFNQTWxzQzJVc3U5ZVlDdTlnNHZhRGNZVGY2b0ZIVkM4RW82aTRUViswZE91am8KMUVXbGs4TlJtekJsVkRFZmtndEdPQlNTT2NZZTJFa3o2eGQwQ1FJREFRQUJBb0lCQUhsTnhNeWZwSDN1ZnpHLwo4eXAyTDNISGZIbXFFV0dsMEozR1g0cElxNFVSYXVoYzlsY1p4NDlDRUErWDMrcE1aK0FVK3FLanBUZUx0REVPCjR2WEhlbjAxZWxaUy84UmpQWmFpQlNjRjV6NXBOOUxWd3orTjJjQ0NqVjBqSWNxVE1CbWpSU3lkNjJQVTZoeGkKNDJnWk9CYjcxTS9aNTk3RXVmWWJVOWFRYUh0OG1MVk5VZlFQTUYreDdTS2ZaSFdBZjMxNGxyVFd1RE9Vdno3QQpGc0JqeHlUWGhIUmNiN1BsNDNOM3llZWRLcVc2dlNYSmx6Tzg1RzQzQ2xJcXEwVC9aeG1BNXdSV0k4YjhjZFYyClVwTHNtZkhhNG9WaVVBSzFlbWhVZXNkU1czU1htS2FYdWhGb2NSWS9RVVR3TlBCT21KNFJveFNyTDRkU2pYOVQKWlFTU0NYMENnWUVBNDl5Rm1EV0UySFZOREt0d3pacVhwQ1kzeVpDSzVBRWZXYk9wRlZtdjQyVEFrUFVvaFRiTwpBY3lHOGYwSHUzSEVwMDNkNmdoR0wxTEFraWxYQUdXZE93UkU2Y3ZIaXVkQWZDOUxzOEwwaHRBaS9IeG1qMHg0CmFha01uK2ZrQjdQeUR6QytNOVZKYmFTMWZ5Nm9xbHNYeW9OeUw4U2ZaanZDMjFiWXpudDJuV2NDZ1lFQXdteGsKV2hJQk90L0pVcmdWalR1SlZnS0NwTFpYa3hnaG5FazlwencySnF5STJ2U1lKWUZCQU5Ka2UrY2RvbmNEQUxCMQpQZFdiWS9KdTEvZmJ4d09lQmFoZ3dSV0ZoK05VTU40aEl6UWVwSTUxR0h0dUNRRWNMYnlrWkFlOURkNndGR0xICnd2NWhhM3R1ZjQxNUNUekpVNlltTWtqVFplQ3RsMmhRRVUvcURROENnWUFIVjlQMlU4TTBOcE9GRlFGTm51M0UKSEhjdng3aXlJRmNpVE9mbUNEM2kxaHhlajRmK3d3VmdpWGJQMVplcU1zQmpvOTdDN0FGWEJST3ZvaVZybmRxegpUQy9zV09UVlZSNSs0Z2RPZzduZG5sZUNTNEFDbmpSRE0yOTB0OFJoZXlzUjBrQk82MUN5ZDl4aGZOOXluZnptClNkWWtNL0h2R1gzdUU1NXBDUkdKZ1FLQmdRQ2p0RHl6RW1IeXZxZDNmUVM0ako3UXl3QlJ6QzdrN2ZhdTc0UjQKSWR5K3A1djhNT05EQVJoSXB0NXc3V01vZnVrS1ZZb0NiSytRY25zZVlkYXVOYitDcUFuL3lpMUxCQURKdk45TwpFdjZTTkZrb0toVzJnemJFMUFmZktoem5acy8vK2tTVlRUZWVGcW90d0dOZmdjMUxINlVkeGZBcDRncUlhQTZ5CjVRVC94UUtCZ1FDTEZ6YUtjUklOUXBKeVJkSVlveDZxWDNVZWhtbkhBUk9nSFFVdTZhZHVWOFdyRlVOM1hqd2kKU25PRmFOQUVvZCs5bURvUGNDNFJGSlZEdnhvbE4zNlBibXdaVGJPSnFXaDRMS1p4cXg0TU9lNHBUMy9zUkxhYgp6a3pEN2lMR3lxUjRNTlFUWVZraGlHQkJqMWs4bDRrN2pZcTVSQjhzWmNZUHY5ZDVGQzVSS3c9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: openshift-operator-lifecycle-manager + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --debug + image: quay.io/coreos/package-server@sha256:cc18b5711fb2126329c969f077f67f41981c87f800f6b2ceae5981422c14917b + imagePullPolicy: Always + ports: + - containerPort: 443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: openshift-operator-lifecycle-manager +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/image-references new file mode 100644 index 000000000..ef7bb9d5b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.1/image-references @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: olm + from: + kind: DockerImage + name: quay.io/coreos/olm@sha256:058731fac9ecad9a35276612ec79bed76f506aaecd80c8c1fe9d68a262edcddb + - name: catalog + from: + kind: DockerImage + name: quay.io/coreos/catalog@sha256:57eb45f2a519c65041d3fad0d7a5199f2ce5ba6a72992606ec4839d3307c5b5f + - name: package-server + from: + kind: DockerImage + name: quay.io/coreos/package-server@sha256:cc18b5711fb2126329c969f077f67f41981c87f800f6b2ceae5981422c14917b \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_00-namespace.yaml new file mode 100644 index 000000000..ecb479521 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_00-namespace.yaml @@ -0,0 +1,10 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + labels: + openshift.io/run-level: "1" + annotations: + openshift.io/node-selector: "" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8ab035f63 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..e738495ba --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,709 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..8742215dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_03-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..35f0c24a1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_04-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..8facb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..1da22d9a4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,11748 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + provider: + name: Red Hat, Inc + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: svcat.v0.1.34 + namespace: placeholder + spec: + displayName: Service Catalog + description: Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling. This project is in incubation to bring integration with service brokers to the Kubernetes ecosystem via the Open Service Broker API. + keywords: ['catalog', 'service', 'svcat', 'osb', 'broker'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Documentation + url: https://svc-cat.io/docs + - name: Service Catalog + url: https://github.com/kubernetes-incubator/service-catalog + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-info"] + verbs: ["get","create","list","watch","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["service-catalog-controller-manager"] + verbs: ["get","update"] + clusterPermissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["create","patch","update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get","create","update","delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get","list","update", "patch", "watch", "delete", "initialize"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceinstances","servicebindings"] + verbs: ["get","list","watch", "update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers/status","clusterserviceclasses/status","clusterserviceplans/status","serviceinstances/status","serviceinstances/reference","servicebindings/status"] + verbs: ["update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers/status","serviceclasses/status","serviceplans/status"] + verbs: ["update"] + - serviceAccountName: service-catalog-apiserver + rules: + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authentication.k8s.io"] + resources: ["tokenreviews"] + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + deployments: + - name: svcat-catalog-apiserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-catalog-apiserver + template: + metadata: + labels: + app: svcat-catalog-apiserver + spec: + serviceAccountName: "service-catalog-apiserver" + containers: + - name: apiserver + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + args: + - apiserver + - --enable-admission-plugins + - "NamespaceLifecycle,DefaultServicePlan,ServiceBindingsLifecycle,ServicePlanChangeValidator,BrokerAuthSarCheck" + - --secure-port + - "443" + - --etcd-servers + - http://localhost:2379 + - -v + - "10" + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 443 + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + readinessProbe: + httpGet: + port: 443 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 443 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + - name: etcd + image: quay.io/coreos/etcd:latest + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 40Mi + requests: + cpu: 100m + memory: 30Mi + env: + - name: ETCD_DATA_DIR + value: /etcd-data-dir + command: + - /usr/local/bin/etcd + - --listen-client-urls + - http://0.0.0.0:2379 + - --advertise-client-urls + - http://localhost:2379 + ports: + - containerPort: 2379 + volumeMounts: + - name: etcd-data-dir + mountPath: /etcd-data-dir + readinessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + volumes: + - name: etcd-data-dir + emptyDir: {} + - name: svcat-controller-manager + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-controller-manager + template: + metadata: + labels: + app: svcat-controller-manager + spec: + serviceAccountName: svcat-controller-manager + containers: + - name: controller-manager + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - controller-manager + - --secure-port + - "8444" + - "--cluster-id-configmap-namespace=default" + - "--leader-elect=false" + - -v + - "10" + - --resync-interval + - 5m + - --broker-relist-interval + - 24h + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 8444 + readinessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + maturity: alpha + version: 0.1.34 + apiservicedefinitions: + owned: + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceClass + displayName: ClusterServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServicePlan + displayName: ClusterServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceBroker + displayName: ClusterServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceInstance + displayName: ServiceInstance + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBinding + displayName: ServiceBinding + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceClass + displayName: ServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServicePlan + displayName: ServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBroker + displayName: ServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + customresourcedefinitions: + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/svcat.v0.1.34.clusterserviceversion.yaml + packageName: svcat + channels: + - name: alpha + currentCSV: svcat.v0.1.34 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_07-certified-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_07-certified-operators.configmap.yaml new file mode 100644 index 000000000..aedc867e3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_07-certified-operators.configmap.yaml @@ -0,0 +1,1293 @@ +##--- +# Source: olm/templates/0000_30_07-certified-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: couchbaseclusters.couchbase.com + spec: + group: couchbase.com + version: v1 + names: + plural: couchbaseclusters + singular: couchbasecluster + shortNames: + - couchbase + - cbc + kind: CouchbaseCluster + listKind: CouchbaseClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - baseImage + - version + - authSecret + - cluster + - servers + properties: + adminConsoleServices: + type: array + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + buckets: + type: array + items: + type: object + required: + - name + - type + - memoryQuota + properties: + enableFlush: + type: boolean + enableIndexReplica: + type: boolean + ioPriority: + type: string + enum: + - high + - low + name: + type: string + pattern: '^[a-zA-Z0-9._\-%]*$' + evictionPolicy: + type: string + enum: + - valueOnly + - fullEviction + - noEviction + - nruEviction + memoryQuota: + type: integer + minimum: 100 + type: + type: string + enum: + - couchbase + - ephemeral + - memcached + replicas: + type: integer + maximum: 3 + minimum: 0 + conflictResolution: + type: string + enum: + - seqno + - lww + baseImage: + type: string + antiAffinity: + type: boolean + exposeAdminConsole: + type: boolean + paused: + type: boolean + servers: + type: array + minLength: 1 + items: + type: object + required: + - size + - name + - services + properties: + name: + type: string + minLength: 1 + pattern: '^[-_a-zA-Z0-9]+$' + pod: + type: object + properties: + automountServiceAccountToken: + type: boolean + couchbaseEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + labels: + type: object + nodeSelector: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + tolerations: + type: array + items: + type: object + required: + - key + - operator + - value + - effect + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + volumeMounts: + type: object + required: + - default + properties: + analytics: + type: array + items: + type: string + data: + type: string + default: + type: string + index: + type: string + serverGroups: + type: array + items: + type: string + services: + type: array + minLength: 1 + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + size: + type: integer + minimum: 1 + disableBucketManagement: + type: boolean + volumeClaimTemplates: + type: array + items: + type: object + required: + - metadata + - spec + properties: + metadata: + type: object + required: + - name + properties: + name: + type: string + spec: + type: object + required: + - resources + - storageClassName + properties: + resources: + type: object + properties: + limits: + type: object + required: + - storage + properties: + storage: + type: string + requests: + type: object + required: + - storage + properties: + storage: + type: string + storageClassName: + type: string + serverGroups: + type: array + items: + type: string + version: + type: string + pattern: '^([\w\d]+-)?\d+\.\d+.\d+(-[\w\d]+)?$' + softwareUpdateNotifications: + type: boolean + authSecret: + type: string + minLength: 1 + cluster: + type: object + required: + - dataServiceMemoryQuota + - indexServiceMemoryQuota + - searchServiceMemoryQuota + - eventingServiceMemoryQuota + - analyticsServiceMemoryQuota + - indexStorageSetting + - autoFailoverTimeout + - autoFailoverMaxCount + properties: + autoFailoverTimeout: + type: integer + maximum: 3600 + minimum: 5 + autoFailoverOnDataDiskIssues: + type: boolean + clusterName: + type: string + indexStorageSetting: + type: string + enum: + - plasma + - memory_optimized + analyticsServiceMemoryQuota: + type: integer + minimum: 1024 + eventingServiceMemoryQuota: + type: integer + minimum: 256 + searchServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverMaxCount: + type: integer + maximum: 3 + minimum: 1 + dataServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverOnDataDiskIssuesTimePeriod: + type: integer + maximum: 3600 + minimum: 5 + indexServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverServerGroup: + type: boolean + tls: + type: object + properties: + static: + type: object + properties: + member: + type: object + properties: + serverSecret: + type: string + operatorSecret: + type: string + exposedFeatures: + type: array + items: + type: string + enum: + - admin + - xdcr + - client + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: Age + type: date + description: >- + CreationTimestamp is a timestamp representing the server time when this + object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is + represented in RFC3339 form and is in UTC. + + + Populated by the system. Read-only. Null for lists. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + JSONPath: .metadata.creationTimestamp + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: oneagents.dynatrace.com + spec: + group: dynatrace.com + names: + kind: OneAgent + listKind: OneAgentList + plural: oneagents + singular: oneagent + scope: Namespaced + version: v1alpha1 + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbreplicasets.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbreplicasets + singular: mongodbreplicaset + shortNames: + - mrs + kind: MongoDbReplicaSet + listKind: MongoDbReplicaSetList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - members + properties: + members: + type: integer + maximum: 50 + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbshardedclusters.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbshardedclusters + singular: mongodbshardedcluster + shortNames: + - msc + kind: MongoDbShardedCluster + listKind: MongoDbShardedClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - shardCount + - mongodsPerShardCount + - mongosCount + - configServerCount + properties: + configServerCount: + type: integer + maximum: 50 + minimum: 1 + mongodsPerShardCount: + type: integer + maximum: 50 + minimum: 1 + mongosCount: + type: integer + minimum: 1 + shardCount: + type: integer + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbstandalones.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbstandalones + singular: mongodbstandalone + shortNames: + - mst + kind: MongoDbStandalone + listKind: MongoDbStandaloneList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + properties: + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"couchbase.com/v1","kind":"CouchbaseCluster","metadata":{"name":"cb-example","namespace":"default"},"spec":{"authSecret":"cb-example-auth","baseImage":"registry.connect.redhat.com/couchbase/server","buckets":[{"conflictResolution":"seqno","enableFlush":true,"evictionPolicy":"fullEviction","ioPriority":"high","memoryQuota":128,"name":"default","replicas":1,"type":"couchbase"}],"cluster":{"analyticsServiceMemoryQuota":1024,"autoFailoverMaxCount":3,"autoFailoverOnDataDiskIssues":true,"autoFailoverOnDataDiskIssuesTimePeriod":120,"autoFailoverServerGroup":false,"autoFailoverTimeout":120,"clusterName":"cb-example","dataServiceMemoryQuota":256,"eventingServiceMemoryQuota":256,"indexServiceMemoryQuota":256,"indexStorageSetting":"memory_optimized","searchServiceMemoryQuota":256},"servers":[{"name":"all_services","services":["data","index","query","search","eventing","analytics"],"size":3}],"version":"5.5.1-1"}}] + name: couchbase-operator.v1.0.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Manages Couchbase clusters + displayName: Couchbase Operator + kind: CouchbaseCluster + name: couchbaseclusters.couchbase.com + resources: + - kind: Service + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: The name of the secret object that stores the admin credentials. + displayName: Auth Secret + path: authSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: The desired number of member Pods for the deployment. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The current status of the Couchbase cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the application. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - description: The status of each of the member Pods for the Couchbase cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The current version of the Couchbase cluster. + displayName: Current Version + path: currentVersion + - description: >- + The port the Couchbase Admin Console can be accessed on from any + node in the OpenShift cluster. + displayName: Admin Console Port + path: adminConsolePort + - description: >- + The SSL port the Couchbase Admin Console can be accessed on from + any node in the OpenShift cluster. + displayName: SSL Admin Console Port + path: adminConsolePortSSL + version: v1 + keywords: + - couchbase + - database + - key value + - nosql + - open source + displayName: Couchbase Operator + provider: + name: Couchbase + maturity: stable + version: 1.0.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAK4AAACvCAYAAABkUOVLAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAABLSSURBVHic7d17cFz1dQfw77l39ZZlgbHNpH7IxliPlVaStX7gMEVOmeCQQBoIpjNtKYmhbtJ0KFACbdOZlDZMYSAuk0AYDKVDMgVMgU5CsGlpbFLHD7wrrx4rycaWReIkY2wj62FJ1t77O/1DMjEeW3ufe3dX5zPjGY907+93bH/90+7de88PEEIIIYQQQggROAq6gHywr6ZmjlZQMJtSKCOgEABMhMp1GCMAwMAEF+CMSqUGV/f2ngq22vwgwU1jR2trqOLk0NWsVD2Il4JRxUAVgReD6Aow5gDQbAypQDgF5pMM+oCAfmY6SoSj0M3Ovs6a9zfgVdOvP0++kOCehwGKNzRUs6mtJcJagJrAHAZQnMEyxkGUBDhBjF+wrvZEOzt7Mzh/TpjxwX2vvn6hzqH1SvF6Ir4OoDlB13QRJwl4l5m3GwXYvqaj41jQBQVtRgY3VtPQAF3bAOCLYDQEXY9tTB0g/i8FbF3V3Z4MupwgzJjgxsIti4hTX2HgdoBqg67HQ0kQXlFk/vuqrq5fBV1MpuR1cHe0toYqjg/cBKK7GXwD7L2Jyi0EE8xvg7Utw/Mr31y3c6cRdEl+ysvg7qqunlWsFX0VhPsAWhR0PQH4LYOeLdLNJyOdnQNBF+OHvAru3vr6+SGlfxPAXQAqgq4ncIRBBj9bqOPxxo6OD4Mux0t5Edx9NTVzNK34rwh8H4BZQdeThc4AeN7QzEfWdHUdD7oYL+R0cHcvuKakYNbYfUT8ICSwVgwB/C/Do0Ob1/X3jwddjBs5G9x4OHITg54EY0nQteSgXzHzt6I9HT8kgIMuxomcC248vGIZs/ksgHVB15LrCPyO0nnTys7OvqBrsStngrujtTU06/hHfwmi7wAoC7qevEEYY6bHqET/TjQeTwVdjlU5EdxYQ0MNG/RDIooGXUu+ImC/ofAnq3vbDwVdixVZf0F+f23kDphaTELrLwZW6joSsdrIPUHXYkXWrrgHmpoqzQl+AcAfBl3LTMOM181U8VfWHN43FHQtl5KVwY01NNTApNfz7J6CXPM+M9+ysqejK+hCLibrXirEaxtvh6nFJLSBu5qI9sTqmm4LupCLyargxmoj9zDhPyBXDbJFOcCv7K9r+nbQhVwoK14q7GhtDVV8OPB9BjYFXYu4OAZeoJLQpmy5ZBZ4cGMtLaUYM14HcEPQtYh0+K2JobIvrz22ZyzoSgINbnskUpYy6McAPhNkHcI6Bv3cnCi6KegrDoEFt6Oh4bIJU9sGYHVQNQjH9uqF9LnmROJ0UAUE8uasPRIpmzC1H0NCm6vWmBO8fVd1dWB35GU8uLsXXFOSStGbAK7N9NzCU6uL9eJt7ZFIIFeAMhrcWEtLQWHF6BsgtGZyXuGbT6cMbN3R2hrK9MQZDS6NGd+DXD3IM3TjrBMDz2R61owFNxZu/Ae5TpunGBtj4caHMjllRq4qxGsbb2fCS5maTwSCmfi2lcmO1zIxme9BitU0NEDT9kA+xp0JRhSwJhPddXx9qbCrunoWNG0rJLQzRbkGvB5b2jLb74l8DW6xXvwigBo/5xBZZzmKzef8nsS34MbqGv8CchP4DMVf3l8b2ejnDL68xp16EvcAgHI/xhc54Qyb3LLyYMdBPwb3fMXd0doaUsp4CRLama6MdHpxK27T/Rjc8+DOOjFwvzzYKKasWho+5MvDl56+VNhXHVmi69QJuYogfmcUmhmJdnUd8XJQT1dcXafnIaEVn1QKU3/a60E9C268rnEDpC2SuBjCZ+O1jV/ydkgP7KiqKp5VOrsHQJUX44m81Dc8Ohj2qkukJytueUnl/ZDQiuktnVU227M3aq5X3H01NXN0ragP0gFcpEMYnICxdG0y+ZHboVyvuJpe+CAktMIKxuwi6Pd5MZSrFbdtWfNcVaj6IB82COtGCkJ8lds9KVytuKpQPQgJrbCnPJUi16uu4xV377LVFaGi8V+C4fstbCLvDGE8tCjaFx90OoDjFbeg4OwmCa1wqIJLjK+6GcDRihtraSnAmHEEwEI3k4sZ7YPheZctc7oDpqMVl84aN0FCK9xZXH7ioxudnuwouErhbqcTCnEOKXKcI9svFWLhlkVg4yiyrLfulBEAKYCHATIAFAJYEHBNmWYAOAZAAagAoQyMkoBrujiCaehctaaj45jdUx10IDHuRCZDSxgD4+fE6IZGR5jxITMN6DpOK6QGTMM4rZeVDV2qb2t7JDLPMOl+ZjyA/H48/iyAByaGSp+7sA0oA9TZ0FA5SlRGE1Sq6TSXFOaC+EoCz1dMczXClYp5MRE1AijISMUMvcDAHQAesXuq/RW3LtKdoTb3bQQ8yiWhN6Px+KjbwWLhpi1gvsuLwrIS4aFosv1Rt8PEWlpKeTR1MxHdC2CVB5VNj9AZTbZH7J9mw1SPhA67k9h0hhlfi/a0/8jL7Trb6pujSqn9Xo2XbUIGFjQdav+1V+MxQPG6xk0AngBQ6tW4F0OaXtfS1dZj5xx7P/J1bYOt4+07Tpq5dmVPu+d7zA6ODGTl7jEeGW881P4bLwckgKPd7c+AcAMIjj8osEQZtnNlL7js6+PmZ5VGt7R0dfmyok/dBzrhx9hZ4KRfm0lHk+27oOiP4eNm1QyyfZO55eC+V1+/EEC93QmsIuLHV3Uldvs1/pSc3CncAl//XNGexE8Z2OLjFJG26uZP2TnBcnB1Dq23X49FhEGtQHvct/GFa2aI/wmTVy78QKaubOXLcnCVYt+CS8C2IPcTEOlNXmvl//VrfAK8Dy4DRITfd1aSpQn+27exhZfe9nHs69jGVS5LwW2rX1ED4ArHJaVhKq3Pr7GFh1jztDfCBeYlapuWWT3YUnCVMq9xXk96IR0n/BxfeENpcPXUgoXxP231WEvBJcJa5+Wkpyjl14t+4aEQka9XL1gpyzmz9uaM0ey4GiEsIqImq8emDe7UVkB1rioSwgIm1Fvt7pg2uLNPDC4HUOy6KiHSYZQsrjl0lZVD0wZXMYfdVySENaGQtU9n07/GJbb0P0AIL7DipVaOSxtcYukJJjKHmaqsHJc2uCzN7EQGEfESK8dZuBzGi9wWI4R1tNjKUVau485zWYkQdsy1ctC0wWVAA1GlN/UIYcnlVm62mTa4e8LhSjB82e5HiEsIJZqa0rb2mja4RSi63Lt6hLDGMM20uZu2r4LJZlE2dv1wikA/A1RmegZkELOWV3fX6SqU9pPaaYOrMReB8qeHRkt3wnGvKpE5Brgw3THTLqg02cJIiIzSWBWlPWa6b7JGDlo0CeESUdqXc9OvuIod9S4Vwg220P8i3XXcfG2gIbIYgyS4IvfopKV9lGva4GpayJPtK4Www8oziNMG9yzOut4BUAi76EzhqXTHTBvca5LJ0yCY3pUkRFqplr74ULqD0l3HVWAMeFeTEGl9ZKXzpJX7cfPq40SR9U5aOchCcOmXbisRwjr+wMpRVu6hOeqyEiEsYyZLebPwlC/63RYjhFVE1hZKCw9Lsp8d+oT4BGJY6tyZ/vF0jfN50w+RbTS909Jh6Q7o66x5H4SxdMe5oZuhfLpfXTg3uiLZ5s2KuwGvmgB1u6/p0kyoWX6OL7xhgst9nqKLJrdyTcvqSnfARTFpkUaWHkkWwdIU+9qqgIGE5VosDci8x3k5FsYHLPdFFcFRxL52pgfzL6weam3FNa0P6IjCZ3wdX7jGgEZMX/BzjhA0ywukpeBGD3YcgsWP4hwhXL+vOmKpZ5QIRiwcuR2A5c1FHDje3JN43+rB1vaAAJiAd53XlL4OXcf3fRxfuBBb3nIFMbnemT0NW/myfBmKmbfbr8UOunF/OPKYnb2uhP9iLS2lHDJeBrDQz3kIsJUvy8E1CrAdPu8ZS0wPxMONr03tGywCFgu3LOLx1DsE/IHPUzFzyFZwba1usXBjBxgN9mpyZBSElxj0QjSZ2GP12p7wRmJ54+8ZBdgIxjcBlGViymh3u62dnez1TWC8AWQkuKVgbCTwxnhd4+kYYxcIbcx8hDTq0wytb8XBA7/JQB15a0dVVXFlSeVCU+MFrHghaVQFxhIQNRjgpow2OyS8Yf8UG96rawxrQLbcuzAOoA+Eo1B8EkQnQTjBjBMgPsmknaSUOqVo4uSq3t6BmbJqb8VtelW4e65manM1jeYp0uYDfCUYiwEsYuYFRLQQwPyga/2YrmqjnZ29dk6x/UYoVtfYBSAXd+IZBTAC0DAIp6F4GMAIaRhRjCEQj5Kis9BwBsAEgUYApBTUMLFmMOMMLnjen3Ue1Q3T1q6YrGsVrDQdAIj4MmCq1RVN/kjmyY9VCwAQFCrPfV9NfZ/A5QAVMEPXiCsYVIHJH+flACoAVCKX3uAydUR7Eo12T7PfYonwChgP2z4veKWTv3geGB//0/K5yxhMk7+ZevvJU7+hqS9O9v775HtTUgBrNu8PYoBIXfili7/tpd99ny74IhHAOZTPSyL1spPTbN+VZej8gjz5KzxihAx60cmJtoO7pqPjGJjfdjKZEOcj0FtNh9p/7eRcZ/fBsrbF0XlCnI/Uc05PdRTc4fmVbwIsT/8KN/qH5l6+zenJjoK7budOA0RPOp1UCIA3r9u503EbW8ePzIwb41tAGHR6vpjRBkrI/Dc3AzgO7rUHDw4z+Fk3k4uZiUE/CCeTI27GcPWQIqUKHgMw7GYMMeOM6BP0r24HcRXc6KH4SQBPuS1CzCCMzSsOH3Ddj871Y+F6IT0K4LTbccQMQBgsDKnNXgzlOrjNicRpgB/zohiR55j/OdLZ6UnbWk8acZSQ+QQAy88LiZmIjsyeGP2eV6N5EtxwMjlBGh7yYiyRn4jUvVcfPmzrTrppx/NqIACI10X+h0HXezmmyH0E2ub1drSe9uzSlHY3gDNejily3qjSzW94PainwW3uTfQT0z96OabIbcT09ys7Oy01srPD8y6JQ/MrNxOw3+txRU7ae6Tnas/ekJ3Pl1voY/X1V0HpBwBIF8aZ64ypsGJ1b/shPwb3pS9ttKvrCBHd78fYIjcQ0Tf8Ci3g80N1+2sbXyPCLX7OIbIPE15ZmWz/Iz/n8LUT+Fk1ficAX5tCiyxDOGieLf5z/6fx2f7qSDXp9B4mH50W+W1EI231iuQB3xcr3/deWHmw4yBAd8HnvmMicIoYd2QitEAGggsA0e7EqwT+VibmEsEgpodaetptt1JyPF+mJgKAWLjpaTB/LZNzigwgei6aTNydySkzu01TsX4PwG9ldE7hKwZ+Mjy3MuOLUcZ7+OxecE1JYcXoTwGsy/TcwnM/Gx4d/Py6/v7xTE+c8Y3x1h7bM4aS0BcA/F+m5xae2ltCxheDCC0QQHABIBqPj+qFdDOAvUHML9whxm6Mh9a7fVLXjcC2Im1OJE4XhPh6Ar8TVA3CPiJ+d0yNr4/2xQPtqRHoHrqNHR1nzg6V3Sxv2HIDAz8ZOjO0/tqDBwNvSRD45s9rj+0Z6+uuvhnETwddi5gG4XkqCd0a1GvaC2VVZ+BYbeQeEH0XWfAfSnyMGfTwyu7Et4Mu5HxZFVwA2B+O3EpML0Du5c0GQ8S4M5OfiFmVdcEFgH01jct1Da8jN/eayA+Eg4px66ru9mTQpVxMVv5IXt3bfsiYKF4L0H8GXctMxIRXxo3xldkaWiBLV9zz7a+N3EFET2FyVxnhr2Ei+puWZCLru3BmfXAB4EBt09Um8Y8ArAq6ljy2l0j/05Zk2+GgC7EiJ4ILAAxobeGmu5j5Ccjq66VREB7uSy5/fANezZndlHImuOfsq44s0TV6BoTPBl1LriPQNk3h6829if6ga7Er54J7TjwcuYlZ2wzwVUHXkoMOA/R30e7Eq0EX4lTOBhcA3l+2rGiwqOyvAfwtGLODricHnCamR4q11JPhZHIi/eHZK6eDe86u6upZxaHir0MCfCkjYDxVGFKPetWfNmh5Edxz2pY1z1UF6n4QNmFyM+aZboBBP1Bq/Lure3tPBV2Ml/IquOckw+HyMaVvBNG9ABYHXU8A+kF4BmOhZ4K+/dAveRncc3a0tobKPzz9eWK+Cxo+B4YedE2+IZjMeEsj3nIkWf1WLl3aciKvg3u+vZHIAj2l/RlpfDsYDUHX4xmmDpB6OWTQi043dM5FMya454vXr6iFMjYw6EsAIsitvwcG0A7CG9DU1mhnZ2/QBQUhl/7BfNFW3fwpU1frCVgP4DoA84Ku6SKOA3iXgO3Moe3Rnvhvgy4oaDM+uBfaV9O4PKTTWlZqLQPNRFQHoDSDJYwSkFTAASLarSvsbu5JyI5GF5DgprEVt+mLaw5dpencQIwlICwBowqgKgBzpn6FbAxpADg1+Yv7mekoEfeTRn2aSZ1NPYkjBCiv/xz5RoLrgQNNTZWGaV6ucUERjFQpAJgIleswJh/fDhWMKkqdDen6R5MbGgohhBBCCCGEEEIIIYQQQgghhBAz1v8D+o/bXqYjxQQAAAAASUVORK5CYII= + mediatype: image/png + links: + - name: Couchbase + url: 'https://www.couchbase.com' + - name: Documentation + url: 'https://docs.couchbase.com/operator/1.0/overview.html' + - name: Downloads + url: 'https://www.couchbase.com/downloads' + install: + spec: + deployments: + - name: couchbase-operator + spec: + replicas: 1 + selector: + matchLabels: + name: couchbase-operator + template: + metadata: + labels: + name: couchbase-operator + spec: + containers: + - command: + - couchbase-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: 'registry.connect.redhat.com/couchbase/operator:1.0.0-1' + name: couchbase-operator + ports: + - containerPort: 8080 + name: readiness-port + readinessProbe: + failureThreshold: 19 + httpGet: + path: /readyz + port: readiness-port + initialDelaySeconds: 3 + periodSeconds: 3 + serviceAccountName: couchbase-operator + permissions: + - rules: + - apiGroups: + - couchbase.com + resources: + - couchbaseclusters + verbs: + - '*' + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - '' + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - secrets + verbs: + - '*' + - apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + serviceAccountName: couchbase-operator + strategy: deployment + maintainers: + - email: support@couchbase.com + name: Couchbase + description: > + The Couchbase Autonomous Operator allows users to easily deploy, manage, and + maintain Couchbase deployments on OpenShift. By installing this integration + you will be able to deply Couchbase Server clusters with a single command. + + + ## Supported Features + + + * **Automated cluster provisioning** - Deploying a Couchbase Cluster has + never been easier. Fill out a Couchbase specific configuration and let the + Couchbase Operator take care of provisioning nodes and setting up cluster to + your exact specification. + + + * **On-demand scalability** - Automatically scale your cluster up or down by + changing a simple configuration parameter and let the Couchbase Operator + handle provisioning of new nodes and joining them into the cluster. + + + * **Auto-recovery** - Detect Couchbase node failures, rebalance out bad + nodes, and bring the cluster back up to the desired capacity. Auto-recovery + is completely automated so you can sleep easy through the night knowing that + the Couchbase Operator will handle any failures. + + + * **Geo-distribution** - Replicate your data between datacenters to move + data closer to the users who consume it and protect against disaster + scenarios where an entire datacenter becomes unavailable. + + + * **Persistent storage** - Define persistent network-attached storage for + each node in your cluster to allow pods to be recovered even if the node + they were running on is no longer available. + + + * **Rack/zone awareness** - Tell the Couchbase Operator about availability + zones in your datacenter and let the operator take care of ensuring that + nodes in your cluster are deployed equally across each zone. + + + * **Supportability** - When things go wrong, use the cbopinfo tool provided + with the Couchbase Operator to collect relevant data about your Couchbase + deployment so that you can quickly address issues. + + + * **Centralized configuration management** - Manage your configuration + centrally with OpenShift. Updates to the configuration are watched by the + Couchbase Operator and actions are taken to make the target cluster match + the desired configuration. + + ## Required Parameters + + * `authSecret` - provide the name of a secret that contains two keys for the + `username` and `password` of the super user + ([documentation](https://docs.couchbase.com/operator/1.0/couchbase-cluster-config.html)) + + + ## About Couchbase Server + + + Built on the most powerful NoSQL technology, Couchbase Server delivers + unparalleled performance at scale, in any cloud. With features like + memory-first architecture, geo-distributed deployments, and workload + isolation, Couchbase Server excels at supporting mission-critical + applications at scale while maintaining submillisecond latencies and 99.999% + availability. Plus, with the most comprehensive SQL-compatible query + language (N1QL), migrating from RDBMS to Couchbase Server is easy with ANSI + joins. + selector: + matchLabels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + labels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"dynatrace.com/v1alpha1","kind":"OneAgent","metadata":{"name":"oneagent"},"spec":{"apiUrl":"https://ENVIRONMENTID.live.dynatrace.com/api","args":["APP_LOG_CONTENT_ACCESS=1"],"image":"registry.connect.redhat.com/dynatrace/oneagent"}}] + name: dynatrace-monitoring.v0.2.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Dyantrace OneAgent monitoring agent + displayName: Dynatrace OneAgent + group: dynatrace.com + kind: OneAgent + name: oneagents.dynatrace.com + resources: + - kind: DaemonSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for the OneAgent to connect back to Dynatrace. + displayName: API and Pass Tokens + path: tokens + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: >- + 'Location of the Dynatrace API to connect to, including your + specific environment ID' + displayName: API URL + path: apiUrl + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1alpha1 + keywords: + - monitoring + displayName: Dynatrace OneAgent + provider: + name: 'Dynatrace LLC' + maturity: stable + version: 0.2.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAANcAAADKCAMAAAAB6yXCAAABsFBMVEVMaXEaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhq03AAaGhpzvigaGhoUlv8aGhpvLai03AC03ABzvihzvihzvihzvii03AAaGhpzvihzvii03AC03ABzvii03AC03ABvLagUlv8Ulv9vLai03AAUlv9zvihvLagUlv8Ulv8Ulv9vLai03ABvLagUlv9vLagUlv9vLahvLai03ABvLahzvihvLai03ABvLahzvihzvihzvigUlv8Ulv+03ABzvihvLagTjPNzvii03ACx2wRvLagUlv8TkflvLagUlv8Ulv8Ulv+03ABuj0tiJZtjJpyUzC8TjPRsiFBzuiuu2gmv2ghCpq5jtX1zvii03AAUlv9vLagaGhoShOpZH5FeIpcTjfQSiO87mq9tl0JjsHWMxjpmb1xgR3dpg09bKYpjW2lxtS5cIZRuLKcUlPxPpZISh+5pKaIcitthUXCg0RxuoTtwqzVaIJIwlb6WzCsShu1gI5hkJpxoKaF4u1drWHtfNYZdIpVsK6VrjUlnKJ8Tkfqq1w4Tjvag0h2CwUgeme5QqZcTivFttmaCyVeZAAAAWnRSTlMAoCDQ8GAQwIBA4DCAsEBQQHDA8EAwgPDAEJDQEKBgoMAwQMCAgNAwYKBg8NAQsNCg8BBgIHAwUJAgcHCwkCCQ4OBQcCCQ07Bw3OCwUOBQuHA87zz41qb4bYKEG2nxAAAACXBIWXMAAAsSAAALEgHS3X78AAAHSElEQVR42u3bd2PTRhgHYG1ZHjh2nIEhjuPEzDSFQkrCKrN778qxQ5sABUoZpXvv3X7l6jRPp2ENNzqL9/cHSWxZd4/G3XsiYRgIBAKBQCAQCAQCgUAgEAgEQnsarXJDS75Q63OTPTvn2u25cvnFHBhbmMqVc+2V8urYAlu9odF96+PFWu1Fzr52udXYPR6suV7cTLYvr1Kvi8+ydeXWev5YOm0BWDuZ3Sv5ZO1Lw9pnsvbmjGUOiPPT+WSp0zlk7T2tqrNUsRYmR8Hao1LmSsdawViqmhvWHIOz1Jyy1F3ULI1HwZqyWNS4Wr1RsGYslnoqD6xVD4uSCSwdq+VlqfP5ZFExgZVHwTrhYql7xny5ZbEOqETGfBXZCGCp481aCGKpU/lkZTsxj2bNf8aHpZ7IkvVkUJe/fLXdbq+Uyaxor7YnCda8HyvLiZlgfXL9+rVr97a3v9jUcjH8k41Gq7wexsrSddnwIM729oNNVy5G3UkAK8OCo6GZfvtue9M3r6VkZVhwvNnr/flgMyDRdrF3VqXP9VbvHhJ8tbX1npOtra370V3TgazsCqmF3r+b93//dcMvd59J7cqs4Gj88c/djaAsjq/rnb83NtK6TlDoevuvENeRaPvYFeLKqpCaCGFtLIELXBS4DqV3TdPomhhfFwMucD0ErlkaXftz6mLARZ1rOaeuxfSuUzl1ha0rz+fUpYJrtHkip66l9K75nLpmwbVzOZS+7qXSNZHedT6nLvUhdM1k5WJSr78uhblO0+c6/Hz6cj7D/zgPZEVcLdO5TAksECOzwpYpM1O0uSzWWr2+1u1e6HQ6x/0//srLL1HJYp4LYx3se1I38iz6/grKTSpZvoXU8tlAliufI9dVKll+ruXHorH67yLXp1SyfApEk/VIvR/JFfCbABmzvAWHxXq0H8l1y5+V+d9I7U/O0l036GSRE/ORGCzd9TGlLMbvVwCisXTX+5SyXE98TdbjR/uRXd7p6zQdf3+4mJilu67S87t5QU/a4rJ0121KWc7E/HRclu6ilWVPzOZvNXSis5DrBq0sa2I2Wcf6/ViuD2hlMWcTs/ofEsP8AYamJGb1ieGQLhbzwsbhiUQs5PqMWhazaK0iuzFZd1zDIW0sZml/xOUWmY/w4ZA6lpXYrP63znA4sys/rP439nCY9eJ4pKz+19ZwSC9rLQFLm75uUc7SVlydkwfr8Vg/mZchzSwzxzvd6Lpfrty6TcMTmjjnrlsfvmL+8crP1CyO4528k92n6keDZ6+bY8nCfBe63Tp5Au/8gMbCM+PLcgk7x7rdtbqG/P51VX3jzCUGAoFAIBAIBAKBQCAQCAQCCYg8GBRS76QwGMjgAhe4wAUuf5eiZ2cxClscOCkwVe1fCd9AEgYDUf+mVhHQNnzT7qJifU6Qa5ztMmLqOFYwX8DfLFZErBGx4vTBaLMmm02VkqlK8sAV7XxpTdTwTUSt1+hrTXA2kznCZX7W66oO8B4XsM0FqxUFP7C6q4A3JSVh6TsoykYEvW9N7TARVyerfWGN4yzzRqdK5mExwjuSAjp5KE3rZJs/o3dFc3tDwlrHDeuDbDfFyzLeVJzorRY49/3Faa9huzJ/rKG2jWunWhkQdPQiojU99xfqdM2vZVEw3ymhrhfwk4Ka4kXjuLE+TUW6x41bxzVuyNaR1GOePq0bvIT3ViR3hrQc6WIDR0eJN67viueMaE1VmNCmhqXoElgu64ayt6kZtwnn2rLid/JrpCtkiEUnqspInn5rTQlSeFPD4r7irE7YA6B130t6byvutgeevTX1bSK7GB69p3j25G1KiDvEE/u0OoFfPBXjlBbc/VP8XKL+seiugumSPdfz0KaSuRTnopP0iyWaSxmNS/7fXOieKthjU5EJdUmKlVokF2dvzwa6WEXB9zoyl6VxhAEupeKe1oe5qjxZBvi6yIzKxZlXn3NF+rtEsgNDXCy5/Q67rNHCGUF8XZxZFjhFR7hLr7rszeVioKsouzMylzm6OyO+rwuVTEqMcUM7WkUu7riRpJQPdDEGyJmhfV2yUTlFdgnm1Z2hy6ieeLseCXJV47jcNUvE+StJ/OsNu9rFKuAglxLT5Td/hdcbSeJfH1pFThNbsUQ5X4WY56uJ3vPWh6K7Pky4Zsd3iteFaO+Cs8aIcn+x+oF25j6/+0sk60NvPS8JqU+Yvv5irZKJxY+nZMwcUpgLHRbFtWyqGWU6GzgeYoSm8Wlj/UXcdwO+mgqGr5exZxL2HMoyYS6OWGwb1w/vrJBLblcVn+/Q9sUh62U9YiKYa3bnJXfXndsnWr0hOsdKjxJeb5gnz/t8o+l9bJLgeZRVs/Gu1TgaVIpMuMtdH1ZK5BMoJaw+FFj74hNZ4nkU15TTusIGywJeheO3gOQ8DrTqc86naPcb1kpK8Hs78lyRGJXzEpa+59GjiCQkeA40BhHjPy4Zi7gfIuYmxENfCAQCgUAgEAgEAoFAIBAIBJLX/AcIuMeF+5wRowAAAABJRU5ErkJggg== + links: + - name: Operator Deploy Guide + url: https://www.dynatrace.com/support/help/cloud-platforms/openshift/full-stack/deployment/deploy-oneagent-on-openshift-container-platform/ + - name: OpenShift Monitoring Info + url: https://www.dynatrace.com/technologies/openshift-monitoring/ + install: + spec: + deployments: + - name: dynatrace-operator + spec: + replicas: 1 + selector: + matchLabels: + name: dynatrace-oneagent-operator + template: + metadata: + labels: + dynatrace: operator + name: dynatrace-oneagent-operator + operator: oneagent + spec: + containers: + - command: + - dynatrace-oneagent-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: >- + registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator:v0.2.0 + imagePullPolicy: Always + name: dynatrace-oneagent-operator + resources: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: dynatrace-oneagent-operator + permissions: + - rules: + - apiGroups: + - dynatrace.com + resources: + - oneagents + verbs: + - get + - list + - watch + - update + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - dynatrace.com + resources: + - oneagents/finalizers + verbs: + - update + serviceAccountName: dynatrace-oneagent-operator + strategy: deployment + maintainers: + - email: support@dynatrace.com + name: 'Dynatrace LLC' + description: > + Install full-stack monitoring of [OpenShift + clusters](https://www.dynatrace.com/technologies/openshift-monitoring/) with + the Dynatrace OneAgent on your cluster. OneAgent connects back to + Dynatrace's hosted monitoring tools. + + ## Before Your Start + + 1\. Make sure to install the Security Context Constraint (SCC) in order for + the agent to properly monitor all aspects of your Pods: + + + ``` $ oc create sa dynatrace-oneagent ``` + + + ``` $ oc adm policy add-scc-to-user privileged + system:serviceaccount::dynatrace-oneagent ``` + + + 2\. Add a Secret within the Project that contians your API and PaaS tokens + + + Get an [API + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens) + for the Dynatrace API. This token is later referenced as `API_TOKEN`. + + + Get a [Platform-as-a-Service + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens). + This token is later referenced as `PAAS_TOKEN`. + + + ``` $ oc -n dynatrace create secret generic oneagent + --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN" + ``` + + + You may update this Secret at any time to rotate the tokens. + + ## Required Parameters + + * `apiUrl` - provide the environment ID used in conjuction with this + monitoring agent in the API adddress, eg + `https://.live.dynatrace.com/api` + + ## Advanced Options ## + + **Image Override** - use a copy of the OneAgent container image from a + registry other than Red Hat's + + + **NodeSelectors** - select a subset of your cluster's Nodes to run OneAgent + on, based on labels + + + **Tolerations** - add specific tolerations to the agent so that it can + monitor all of the Nodes in your cluster + + + **Disable Certificate Checking** - disable any certificate validation that + may interact poorly with proxies with in your cluster + + + For a complete list of supported parameters please consult the [Operator + Deploy + Guide](https://www.dynatrace.com/support/help/shortlink/openshift-deploy#parameters). + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: mongodboperator.v0.3.2 + namespace: placeholder + + annotations: + alm-examples: >- + [{"apiVersion":"mongodb.com/v1","kind":"MongoDbStandalone","metadata":{"name":"my-standalone","namespace":"mongodb"},"spec":{"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbReplicaSet","metadata":{"name":"my-replica-set","namespace":"mongodb"},"spec":{"members":3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbShardedCluster","metadata":{"name":"my-sharded-cluster","namespace":"mongodb"},"spec":{"shardCount": 2, "mongodsPerShardCount": 3, "mongosCount": 2, "configServerCount": 3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}}] + + spec: + displayName: MongoDB + provider: + name: 'MongoDB, Inc' + maturity: stable + version: 0.3.2 + keywords: ["mongodb", "database", "nosql"] + + maintainers: + - email: support@mongodb.com + name: 'MongoDB, Inc' + description: | + The MongoDB Enterprise Kubernetes Operator enables easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup + platforms, Ops Manager and Cloud Manager. + + + ## Before You Start + + To start using the operator you'll need an account in MongoDB Cloud Manager. + + * [Create a Secret with your OpsManager API key](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-credentials) + + + * [Create a ConfigMap with your OpsManager project ID and URL](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-onprem-project) + + + By installing this integration, you will be able to deploy MongoDB instances + with a single simple command. + + ## Required Parameters + + * `project` - Enter the name of the ConfigMap containing project information + + + * `credentials` - Enter the name of the Secret containing your OpsManager credentials + + + ## Supported MongoDB Deployment Types ## + + + * Standalone: An instance of mongod that is running as a single server and + not as part of a replica set, this is, it does not do any kind of + replication. + + + * Replica Set: A replica set in MongoDB is a group of mongod processes that + maintain the same data set. Replica sets provide redundancy and high + availability, and are the basis for all production deployments. This section + introduces replication in MongoDB as well as the components and architecture + of replica sets. The section also provides tutorials for common tasks + related to replica sets. + + + * Sharded Cluster: The set of nodes comprising a sharded MongoDB deployment. + A sharded cluster consists of config servers, shards, and one or more mongos + routing processes. Sharding is a A database architecture that partitions + data by key ranges and distributes the data among two or more database + instances. Sharding enables horizontal scaling. + + + links: + - name: Documentation + url: 'https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/index.html' + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAH8AAAB/CAYAAADGvR0TAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4ggYEhkp9JVi8gAAFENJREFUeNrtnXmcVeV5x7/Pe86dGUZQUdwAo4Kaam1cUAdm3DAYl1ZjmmhMYkUlkMYtMVVrVExqY7q4oabNp6EuMdpEq8ZGpf1oJCbKJgxqlWiIgIrACCgimwJznv5xlvue5d65dxjsvXPP4+d4t3OB+/7e37O/7wsNKhdNv9iZ8uqNQgOLadhfLnLA7CV/OOrT/3JMDn7D/XDh02s3bRr/h4ufz8FvNOnu1s9v2rL5/EZW+06j/eCJT09i1Pijdhb46ZpNGwa4Jw4x7097+9mGtHyN+KMn/fob/yyYK998byWLV727FXQPgfcXXjIjV/v9Uc7/nwkATHhq4t+q6pWKUjAOgroCf73wkhkc+KOOnPn9dwJceIkx5k6DwRjDyg/XsmD52+Eg7LHwkhkrc+b3Izl32nkAnDftgkcV7kRBUVQVxxhAw1ufOfBHHaaR2N+vwf/KE+fS7W0Z8LVp5z2t6BcIQPfhViSu9w4BLlt4yQxG3NmRg1/v8vO/uB/EmY3qOFDUC3iuiiq4xsHXBOAB3cptI+/s+KvFl87ggAaYAP3S5n/pV18WjNnBUZllxBwiAo44CIIYgxHBiMP6jzcxd8kixFIBAp7AV/546YyHcubXoXy03gVPf6noIaGS93xLT6DxAcU1DhIMQngJGFUe3P+OjhMB9r+jI2d+PciZj30JcUWkW6Yb5AQxBgeDiGCMYDCIBMw3ho82b2XOooUx5lviASe9cdmM6Tnz60AeO/NhdKveBHqCRgh6Edsjex+8doz0RIxn9r+j41BfA7TnzK9VGff0WbSu964V4QdGDIJgQpYHjyImYL/giKFblecXvo6RcsOgHrDHG5fNXN3fwHf7yw9pWbe1DZEbQNBoVvvPNHxHFSR8D1Q1dp/lECS14//uf0f7/t3CRuPBom/NzMGvFTnl4TP2VHS2IqAB3AKqgieKo4IHGAkifFVUFNcxKIogKdA1/rgXMGvJpTMPzW1+jcjJD5/u2y7hwZDJSRB9WIvve9FzP9YPX3kUn2vxFqR4fWbk7e33Aoy8vX/Y/7ot6Y576DSePutJTn749O+DjAd82y0SZe5EAk0QvCcUH0FA4K33VvvvV/bXHrbLqXu/suhbM1/LHb7/RznxodMwyJ+ImFccEdd36ASDH8b5Dl8Q3gVhXuj8SfC+4zg8+9rve3D40h4gMAp4sd5tf92q/elnT0PR/0Q914spdgJ1roE61+i1F5mAwMUT6S1h7u8PTl/dgj/2wVNvVThEAzx8e2/bdBJef2jMLd9Atbd//cEjb29/LAf/E5ZjfzGK439xyi6q+o2wQqfqUXT4Am8+8Nw8y7FLagXdtn/K50dMaT8OYMSU9hz8T0KeO6cTD+9nCq2hCbYJrBnPovvs/H4vma9avICHARZ/e2YO/ichHf9x0qkopyVr82GDBpE2KDZtqHWvhpogeL+lUCgJbtaVkN1GTGmfmqv97SyjH/hsyNfvpZMwCdWeUuqhdogS/CXB7oWcO2JK+3Bf/Y/Jwd8eMvtrzzD6gc8eC9rmqaXC1c/RqfoFHE81075HvgCWBthWq+//qS2gj+bM386i8IiStu+R8leNWXjb67dDvMgxrBp8zbgAOGrElDFfWPztWTn4fS2j7h/LkQ+ceKaiu0VAaqjOk2zGsvvF19ZDZPfRLPi1zFVWrgUYeduYHPy+ksPvH0vnub9B4W+8BGsjSGL2PAGVxplP4vt+Sb9igKMsjxDL+yPKqJG3jTl50eWzcvD7Sl489zccdv/Yg1T1mBg3LeRDhnuZXr+t/hNaQqHgOj1CngQ7OU+s4tCjAPvVCfvrQu2r6r1gVd80bs9Dey+AemrX7YqRgGrC69fIfJRgcnRF0YD1b7Avay607nfbmDPZsiUHf1vlT+87nkN+dsLexTRu3JVTjSduvIR6Twd8dhRgpX9LMzle6q3EMKheseSqeex36+gc/G2RBef9FlRPUWj1U7aaAEIDmy4Z6t1iOxpL+GA5gl4Gm8uC3HMWqGO/W0cftuQ7s3Pweyv73ndcyObJIavjSRvbU/fifrpGjVsxb59EgFecPGWZ3Jss0L/Wg9qv6Xr+gfcd1+bAbCeozTviPwrghvV6kUSzZrGG74hBwH8UgwiEzZ2OGFzH4dW3l7Fu00d9NhDBn7MROBh4a3ENa4CaVvuiXBxT82qHepbXL/HQL5b0EUmVedmGDJ/0cAXSCpyyuMZVf002cI786bEItCi021k5FX/4QxstqsWmXJGiLRcJ7vcfRSRKBdjNnapUFOb1LkJhMvBvuc2vUhaNfw6FQQojwyXVWM4YqjGvH5VEsVaLqd6MeN+2/64xlTA5Ow9ouQJe4lIYtu8tozty8HshnuqXvXj1naxcnP/cSyV80l4/VnJHoySPY6RH+kehnw2uVhT+fScHv3dyeXzwNeq/KC7FSoIdDwND0KP2bdUMSONM9rJY3Pty75H73jK6NQe/CtnvnvbBqowopmxJlWHTGkFT+Xs0I0ljN3daKrsS+98L+RSwRw5+hTL87na6VcbZ9hrNAFATmT6NR/Hx9K4mcoPxhVzbK4YOUsaX5uBXKO9cOBPfyy9n7232B80cVi9fmA3ESvhkNXdq34CbeVnz7KIc/OrkzzwbSEtd26ocqy+PhJOX8vpJN3d621DGreKrzfvc3HZYDn6lMTJ6UBHwEKSMjpykVlAt7fVnNHdGwEp5FvcMdrF+4GVcwMn73NyWg9+TDLtrtKMwFEpU5EJHzvrQixie5QymJ0LsDnuVZkUTMwvsHhVBx1tXzMkzfD1JNzLWsRmugooPsETZPcW/R2IFHN+DV8LQXVRRMUEKMPxMYgma0kxOmgoyzEdFmT6Aw3O1X5mM1WTEZoVu8UZMUmVem9BRCZdkG1eyEuBFXUAVMrks2BlFwOH73tS2Yw5+z2p1XFaRxqvI609z1s7yxU2HWhpfKmZ0T+X80DE0iQs4Kwe/Z/APTa6viK27s7J1ttdfbXOnJl35KsEtBXJ2TUABPSG3+WVkt7vaBgEFjaJ38JDAvqeZLyWehyAhQf+eiNXNE34mUcyvHiWrOJKeHxW7hQk5Jge/7JjJEBXfsfMiFoWUlcBpI3Lo1C7hkiz9UtxtJ6jrq6eokZRLJ71SgVrFXYL6qd5c7ZeRnYNwO8bwLAcs+VnKS1dKNnfaWT9T0ZYsPS/gKH4ieMHVHT33P9v7prYhOfglxIMhsZ46jdttuxQbX2xZfXNn2LpdcA3lV+lkAV0EtzsGspSLFATIwS/DsB2ChFtmNi9ksO39q/auuTMxfcpyPQ10hUo/mUhQHZTb/AwZPLUNYGcPMBQ3SkRBRYNuHX9m+EkeuyYnMTNgYuz3k0Rhy5f/OnQnQ21h+mKnDog2dSw5AXbJmZ8haybOQWFgejPEeMq2VJnXs5o7PXvcJavM62f7wnu9Sku7qki5q/y3BRiQg196bAfGnTVSS6/CnL5nq2dNLse2l2dZSR6NL+UuklIqA3vbf2IhB78MO7I8+hAkz4/YYuCFyzPC1TZZzZ3JvF9sJU/vmdwbGZiDX1r20MTOKWECx4uFcHFVrclevNhzDxL782BNKlNFzN7LjKU9iWtqkUxNJXkUXS+RI1bcDtlDMYHjpgkl7QXungabK4f7Knqov8LW2mhRk16/KK5r+gTgWGhaJ1Jj4LNOiDdlSjHHl1nmdaLPLc/fXqhhfU+iFR69a9hUa+ZplQpDtq+CqX/wSXFeLIb7QHsKjhAu0wlCQaxVPFb6N4rrJbg1SPwE6/3K9fFpKSZrDwCXvFcBNufgl5bV9vq7MMZPTweNGjnsoo79WTSVxAT2XvxCj81+wDHGdyQrZW85nd+zfJQ7fGXC/axxTfbc99Tc6VmsVs06REGjtK+UOGcnc+lWun+cKto+FFifM7+EeMqHRgJeBupcokRN0fe3tYOHX5zRmMkAzQKagP1Blg8tbuci2Wq6r2Vdzvwyah8oEcRlLbDKDKeKmoH4Hj6aTA6FMWTyeI3t55mtzcEvLe96mraimuq5tdV9Vmt3Yv+9jOROBLZsH7AzNm9SD97PwS+lEye9sCL8N6l1SEKsBaua5s4UlzXe3FltvFYZyLGyrtX7Lx6szMEvP5wvJ7N0sRi/THNnvAwbP1ghy2RUw/keQSZ74YclH6y4eu7WHPzy8lRy1L2kzdf4ku2wuTOaJJa697dlIb7lOumNmtKTJ35FUUCPK3pKNoXU3LGstQj+Q1piG1UyGJ+eFOk0bkyD2Dt3EqzBz4CqsrV5Ve3P+1QOfo92f+48YItmeP3pHn57V83k2XiasXmTvcwqDPO0t0yu9qf9Mge/Uruv2RF3chdNz8rwkfAPsvbwKf4hyZp+KTb3TYj3znfnrRr+D0fm4FcgL0SJnxJePwn7H2/uJHHAAtnNnfKJxfevArzz3Xk5+OVk0E+OAvh1qbNtyYj9yzd3SvxbGt+fY/NWb/vpr+JKn85aZFgt2nyAx1KAa7H33o6hY15/LOGTbACLO4ihryCS7BDoE7CT5mR6Dn7lE0CBB2MnY2Tw39um5s7q9+Cs8uQtW57Mwa9ObshKxKQOTbK47SXUf1ZzZywrCGwtofarBLec/Peya+ZtzcGvzu4vAV2qatvrDJ/cbu4kq7kzWeaNr+CNFmv2DdBZ8v1aZVetqn3WTZq7ybaVqdCbnps7S63vKzqF2tdAJ2UVsGDYD4+sSfBdaluuBh0fdubYnTqVNHfaZ+l4QStX6Cs4wfKfrVs9ZPv11M5fds28DTnze6H6102a2wU8mqnuS2yhni7zxhs8U3F/H1O/mBZWgB/WMrNqFvx1k+aGtv8GoDt5nl6m1x9L4JMq83qprKHS3e31GdhiOQ0Kbyy7Zt7vht84Kge/97LlZdClWXbf9vq9MsmfeEtXMczzAM+rDtwkyF54kSr1XgHwzrWdNTuyQh3IoJ8cdQzIc0b83nuDf7iC/drgvzYIjpHgeBWJ3ncQRARXgvtFcI1h2dtr6e7W9IBoOrNQhYFYA4wAPlhew+CbOgCedZPmPg88kQJBExk7SLR3pb38ZCa/e4sXi/GSTK66P9e/bll+bWdNA19HzD8a4EgR5orFcqF44FLI5kgDBIctOYGWcAIN4QQHNUnwuHTxB7339rNnxOrl13XuVg/jWhcnaq6b9ALrJr0wT5VfJcc9eyl3afarlfDxVCtlcjXl/OupE6mrI9SBs4H3SjV3UqK5UxNef/i1yNb3Sa8GAB8CU4f+YFRdDKZTT8hvfnxZd8sZwzYDp/gLMHwTQGACwv31JEjoiP+/xD3BcxG8bmXj2s29Nn4Zq3qOX35d59J101fkzN8esnbiC1OAWSFjk2pd1Gr7DmieLvMG3+khxq/wDL3w739i2XWdc4bVCevrEvydph4N8OcKG8s1dybbvWJl3lDtJ1ZoVnKsWtbqoOCMnosBll3XmYO/ndm/RtGrifFZMxI6JZo7g46eJnVioGeBXOqkrcT6/jNWTO58e6+/H1VX4yj1CP5OU49m7cQXGDy17QGBrxoJbHxWwkfEP1c3CgWLCZ8dNxZYvPK9aCMH6d3OGtMFxinoismdOfifhAT79g0E3jbCYBMAKhG4xcfoEGYER8LJIQzd0MpLq7p8h7B3of1moKVrcqfW4xiaegV/zcQ5rJk4Zz1whMLmrNZtteZ3uA9nsblTGZKxLV7lob0CjO2a3Kl71pm6r3vwQ/avmTjnTYGz00uxrJbu1N59/n+70lqy8aOcqxcUiW/smtw5E6CrztR9vwB/zcQ57DK1jfe+Pue/QCfan3lJniaaOz1gT7NDopOnCK4Em7IaDS+iS5Qfd02ef92QG4+o5+GrryRPlmx6fBm7/nsb7319zvwdzhg+FGFUmPAJfYAw4SPi+/Xhhk0dW4ay6OP32aAfR/UB0R5P0J4DfHHQ2L303cnz63rshH4mQ+4a/YhB/jL0+p0gCnCCvXfcwPFTUa7aeDRPbvgjszYsrdTpWwAcvvz6+Vv6w1iZfga8rJ4w+4vA42o5eGGyx473W9XFxfCZAXvSXaLAkzjQ4RWFY/sL8P0O/NUTZuvud41h5YRZZwC/S2b2bH9gL28gHsrQwo4MMG7ZjReAJQptmtgtrN7FpR/K7neNoQXGfgyPKZxerAKGXb7K8O5BYPxunt0Lg3hnc8m9kuYDY7uun7+pv42T6W8/aOWEWaycMIuPwevyNcDP7eSMBrt47OPthAq4jsMRA4exVb0spf8ydI+mxrZQy8HvQbomzGLoXWNYPmHmVxWuDIEHKOAwmBbECCKGk4ccxGB3QBTxB3H8j4FRXde/vKXr+vmag19nsnzCLIbd3c6yC2feDHxToRtgR68JFx94YwweylUjPkerFEB1M8qVXde/eBHB/f1VhAaSfe7p2FeQBQfozq3neAfhOAWaCk00NTXT3NyCNLXwT68/fvBzl097ba+/O5wV33uxX4+HaRTgP3V3B29dMOPNN2X50GO6h/mt38ZEl2NcWp3Cxc9dPu21S+/5Zr8HvuGYH8rUqVfc6zru+EKhiaZCE81NLTS3DFjluk0HGnE+OPGkCxtiHNxGBN8x5hERM96IwTEOxnEwxv39uM9N/KCRxsE0IvjGOAuNMVt8le/gOC6OcZ9tuHGgIUWXGuNsdYyDBPbecZyXcvAbQM6/4B83OkZWi3FwHRfHdTGOuzQHv2FUvzsj8vSdAq5bWJGD3zDgm07HMRingOO67DBghw9y8BvH43/diIPruriOi1tokhz8BvL4HccNVT5OoUAOfqP8cMdd5YPv4LpNFNzmHPxGkTPOvHyN4zg+8wtNNLe05OA3GPspuAUKhSYU2TkHv4Gk4BQ8t9BEU6GZ5qbmQTn4jeTxu4WX3EKBQnMzheaW3XPwG0Se++0DtB97zqjWloG7NhVa7m5pGjCYXBpHXlsQ3wZ/w/plDfX7/w9sJTyL9hMvGQAAAABJRU5ErkJggg== + mediatype: image/png + + customresourcedefinitions: + owned: + - name: mongodbstandalones.mongodb.com + version: v1 + kind: MongoDbStandalone + group: mongodb.com + displayName: MongoDB Standalone + description: MongoDB Deployment consisting of only one host. No replication of data. + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + + - description: The service where the MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + - name: mongodbreplicasets.mongodb.com + version: v1 + kind: MongoDbReplicaSet + group: mongodb.com + displayName: MongoDB Replica Set + description: MongoDB Replica Set Deployment + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Number of members in this Replica Set. + displayName: Members + path: members + x-descriptors: + - 'urn:alm:descriptor:text' + + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + - name: mongodbshardedclusters.mongodb.com + description: MongoDB Sharded Cluster Deployment + displayName: MongoDB Sharded Cluster + group: mongodb.com + kind: MongoDbShardedCluster + version: v1 + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many Config Servers will be deployed + displayName: Config Server Count + path: configServerCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many MongoDB Servers per Shard will be deployed + displayName: MongoDB Servers per Shard + path: mongodsPerShardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many mongos will be deployed + displayName: Mongos (MongoDB Shard) to be deployed + path: mongosCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: Amount of Shards to be deployed + displayName: Shards + path: shardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + install: + strategy: deployment + spec: + deployments: + - name: mongodb-enterprise-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: mongodb-enterprise-operator + template: + metadata: + labels: + k8s-app: mongodb-enterprise-operator + spec: + serviceAccountName: mongodb-enterprise-operator + imagePullSecrets: + - name: '' + + containers: + - name: mongodb-enterprise-operator + image: quay.io/mongodb/mongodb-enterprise-operator:0.3 + imagePullPolicy: Always + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MANAGED_SECURITY_CONTEXT + value: 'true' + - name: OPERATOR_ENV + value: prod + - name: MONGODB_ENTERPRISE_DATABASE_IMAGE + value: quay.io/mongodb/mongodb-enterprise-database:0.3 + - name: IMAGE_PULL_POLICY + value: Always + - name: IMAGE_PULL_SECRETS + value: '' + + permissions: + - serviceAccountName: mongodb-enterprise-operator + rules: + - apiGroups: + - '' + resources: + - configmaps + - secrets + - services + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - mongodb.com + resources: + - '*' + verbs: + - '*' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/couchbase.1.0.0.clusterserviceversion + packageName: couchbase-enterprise + channels: + - name: preview + currentCSV: couchbase-operator.v1.0.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/dynatrace-monitoring.0.1.0.clusterserviceversion + packageName: dynatrace-monitoring + channels: + - name: preview + currentCSV: dynatrace-monitoring.v0.2.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/mongodb-enterprise.v0.3.2.clusterserviceversion + packageName: mongodb-enterprise + channels: + - name: preview + currentCSV: mongodboperator.v0.3.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_08-certified-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_08-certified-operators.catalogsource.yaml new file mode 100644 index 000000000..77cdb1ff6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_08-certified-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_08-certified-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: certified-operators + displayName: Certified Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..035e4e8f4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..b7c53648f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..91e8282d0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,43 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - openshift-operator-lifecycle-manager + - '-debug' + image: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..965817229 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,28 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_13-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_13-packageserver.yaml new file mode 100644 index 000000000..d1b8dad1a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/0000_30_13-packageserver.yaml @@ -0,0 +1,151 @@ +##--- +# Source: olm/templates/0000_30_13-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01URXdNalV6TkROYUZ3MHlPREV3TURnd01qVXpORE5hTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUF3dkdzdXhBeWJ4ZnFsVlZWK2JkRlJqQmo3WkZRY0Q4OUdBUlpiT1FnVjZPMWlBazEKU21Ic3l2VGNJZSt1ajAvM2RQcEFPeUlaZkJxTzVEeUJqNGlaQnMxL2NEVE5VVzBDZmxnZ205ai9xZzRaR3lSTQpRZUhONEdDaGsrVWpTOERlU1B6VUlyaG50SUxiMkU2TFZxWlJ0UkdvdldYN0hTNGtFYS8zRThrdDhSY20vUmxiCnh3MmJpNkZPL2Y1ZzNMYmFEMXJqcFpiaC9nQ1NGOHNRZjJOV2dUZ1pwZkwzeFRKYXN1ak1oVVJrYmtjUFlBYkwKa084Rlo5K3Q3T2loSTZnMFJLM3NZTkEwV1VxL3AxL2w2cTVqZXdIaHdwZTFmZHFKWVdpVkpNaldscW9Ncm5sOAptMlhNV3hvcFU5L1BSSjk3Z3R2UmJaTUxreE5udVFkc0dVb285d0lEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBRlNKREFsMlZWUlFyYjg4VENBTnFObVlGRlpWRjlCLwplaHAyLysrYXRMMTV5d0EyV0tqcHhOTUxqaGtlSkM1SFE5a0ZZKzFsdEtxTmcwRSt3UFpRUklEaHQvMk9RdUVKCm1qdVVvajlhZi9XdHZBaGQ3eTdGVC9iMWtPNVdvREF6WXU2dzhoWnJMMVRoc1k0VEx5d1NnUGY0TmVJQnRaVHMKN0VSSGtKUjdjVkJrQzFSRWUwL0dlbmh2SFYrSVo2MkkyaXQxbVlsRXNBelMrbUtNOHE2RmxBWUYyVllIbFFJegp3bmtRTmd4ZEpNYnNkQi9mbGZUOHhSMDFPVDdSR2d1aXJMbk4rOWR3c1JlaVRyZERXbGR3azJXWE5SU1Q4Tnp3CjlxMVc1ZkU0bHhnUEx1NXpDM1o4ODJGZUJKZFFFdFBBTElFU0syWFo3TGI1ejJXUFpiOEpRL3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: openshift-operator-lifecycle-manager + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: openshift-operator-lifecycle-manager + labels: + app: package-server +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhakNDQWxLZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01URXdNalV6TkRSYUZ3MHhPVEV3TVRFd01qVXpORFJhTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXpjSmtUSkh2K0VGaVoxNTVVamJrVER4Smw2RGFZWGpFNE9NZTN4Wjh4VitpMVJvcnlPNmIKMk5ETk1lSElJYWVVYXg1MVZaS0hyTDZWQlpqZFdSc0NvNFBJNHdPdDl6bEYvL013dUtvWEhJWTVSbzNkcms4Tgp2dzhGK1BGanJGYkVOZEN6enJSUDVlQkRDaVVzYWM0WStpenJRLzJ6VEZGQlBwODFTYS95S1g4aWN6eHd6b3R1ClhXbkd3amtSYUNvenIvV1o4TlBuTXRnd0NlbFdEcFZOY3JNbGU3b0M2OWV0Z0Q1Vm5HNFQ2LzgwZW1wVW9SSWUKQmxMWFc3NXM1YzJKakx3bFVrS25ZYWF4V2FRUUtzc29CcUJiWFpyS1REVUJlNzdMeHNVWFZhYVZxbm93UzVQMQpyZENzaDdVSDJQM21LSGhiK1E0NVdPcndqbnkxa0R4SVFRSURBUUFCbzRHNU1JRzJNQTRHQTFVZER3RUIvd1FFCkF3SUZvREFkQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXcKQURCM0JnTlZIUkVFY0RCdWdqTndZV05yWVdkbExYTmxjblpsY2k1dmNHVnVjMmhwWm5RdGIzQmxjbUYwYjNJdApiR2xtWldONVkyeGxMVzFoYm1GblpYS0NOM0JoWTJ0aFoyVXRjMlZ5ZG1WeUxtOXdaVzV6YUdsbWRDMXZjR1Z5CllYUnZjaTFzYVdabFkzbGpiR1V0YldGdVlXZGxjaTV6ZG1Nd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFBMDEKZDV0V2drNFJtb1NWKzRoTXpVWTdPUkRxRVladTFSNTd5OUdEVWxCNlRQY3NNaVkwSWljMW9IU0Z5bm5HNnd4TwpPMmRRTFk0ZmdlYkJKYkVpWTMvWThURk51NCtmanNOUytTTFFoV2pLeXJJVndBSmtibGhyc1FONnU4SngvV1dvCmlKazBCMUNVVFRnSHN4U285WGhPM2w1RWtlcWF0ams5TGFrN0dscldGaGkzNFBaZGVUcjZnZHgwRjBZQkxmcEkKT0oxNjVlV09yUEhmMllaYXhDdVRhS2h3Sjl1V1d0ZzUyUVMwYVplbm9XaUdsZmgxa1Z4UVVLV3M2N0dGcXkxSQp6WTl0NzlTRHhTc1dmUVdRd0xSNko5dnRtT3Zwd09vejhiMkpXaWxua2lVZlBjaElhMDd3NlFGRlplTDdiUWVhCjI0OFl2SzdJRjFZdzlhNjJFejQ9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBemNKa1RKSHYrRUZpWjE1NVVqYmtURHhKbDZEYVlYakU0T01lM3haOHhWK2kxUm9yCnlPNmIyTkROTWVISUlhZVVheDUxVlpLSHJMNlZCWmpkV1JzQ280UEk0d090OXpsRi8vTXd1S29YSElZNVJvM2QKcms4TnZ3OEYrUEZqckZiRU5kQ3p6clJQNWVCRENpVXNhYzRZK2l6clEvMnpURkZCUHA4MVNhL3lLWDhpY3p4dwp6b3R1WFduR3dqa1JhQ296ci9XWjhOUG5NdGd3Q2VsV0RwVk5jck1sZTdvQzY5ZXRnRDVWbkc0VDYvODBlbXBVCm9SSWVCbExYVzc1czVjMkpqTHdsVWtLbllhYXhXYVFRS3Nzb0JxQmJYWnJLVERVQmU3N0x4c1VYVmFhVnFub3cKUzVQMXJkQ3NoN1VIMlAzbUtIaGIrUTQ1V09yd2pueTFrRHhJUVFJREFRQUJBb0lCQURpeDJZVW5xU0dVa3BLOAorMXpsOXgzeWRxeXJDOEZUejV2UHVRL3JXRkhpT2pIUjFrSzFUSWYvY0tyUDlaOGdWOHIwUjR4ZXBiZTVnOEpaCkRwU2cxcWRMaHF6V3RMYXNOMWVCSU9taEpHRWRzdVozN0o4ODlTS3g5d2xUS2cyd2tydnBWOElhK1BEMFRFU2QKWFpHQjBtd011SDZ4aHhmK1E2WUhwRjA3ZDlScXp3NVByY0JLand5WExiRTFqQVFYWHRZN1NCUTJrZEphM1phdwpsV09oU3JMWG9mWFJ3Vm1sVnRGdWdHL3pWNXhsTUVNQlRpY3Y3d21sNXF2aFFJRUlJOVdCWHc5MUNTTk8xZ2x2CmhmY0VxaUc5YUkwczNTMjIvSnlPT0U0UW45L1JtTUFwMHZUd2RqYVRWU2Z6amRHQUpYU01EZUlWOXlJcHVFd2UKSHpjK2crRUNnWUVBNW0xSmF5ZE1YMUtleU1uRExNMW1zcHBtNXAyK2g0VUVzbFp0cC9Ta1FWTnZhMDFVOUN4SApRWGwvRllNQklBcE45K1BLRFRLSElrRXI0WW4yOUx0SjFBOEdqOUw3Sjc3UUI3SW1uMjhIQXpDa2dKWEtlOG9lClpCK1ZjcGtNTWlneHhwNnk3ejBtNktFYjhHdGpQcEtneE9GUS8vUXllQ0dUYkF0NTRGNjk1U1VDZ1lFQTVKaEUKNTZmNnB2RVN6bkgrSExodUFhdk1lanFGUVNoeGlDdHhUVDZCNWdyQ3RaaUdQaFA5WjVla0Z3bWkxR25WSDFORAo2cWROOXVZNkdCSzFkYklCTnoxakxwQlJjU3ZRQ1pHaTBYZHRJK3cvVy9MckxpMXNkcFJZZFgvUjBZWEluTWVHCk9ZRHNpZGhmWlZUOHV2RU13NGhtc2JNMEpITTlaZDFJQmhWQ0FlMENnWUJZcFJwbGVveks3d0hleEordEVLZTkKZGVDNFAxOFl5M2R2RkFqRFlENEFVNVM5ZHRhRHlMVHczMGlnZ2ZGZzNoWDRrMDBibnFDVjhQUnNvNks1cTROUApiU2hkRkJGQ3pRbENyS3BuRTFOalNzYytJR0h4RldSenFDTGFIejZ0M1FDcEpFdzU5UkNPMWN2bHhhbzhYRFExCkNXa2J6bG5NRlQ2ZGhoeXcwRUhGY1FLQmdBc0JOWmY5WXppME5GYVI4RXpMcUNnV2NES1dMS0lWWTFuTjFaZUYKWWRXRVFSbGk3VnVCdE5wTzE0eHdYMUZnZ3UwT0loL2l6QU1OMUZBaVhtLzdFTW5xLzZKWE9rUjdlbmxyZEc0bgpGSzc5Q1pQUW52ZkxJZ1NYWWFiT2IzaHB1MTJvMFZKbFhYM0pWOVpXQUJDejJBeDF2WlBpYjZrdGp4QWZWZjlNCitLK0ZBb0dCQU9HUWsybjdtc2RiU1owQ1JYRjhBcTBYbWhqb2lhc3lKWUlUbGtLOXlid0tkSUd0bjlHcE9yVzYKVmwxdE9rOFAybDNqak16Wm9LNmJob3FjUkZ6RmF6Qyt6eTNVNHpSRGV0VEtNdW5pZm4xNnFWRFFmOEJhcGprbgoxaVd2RjFmU2k5MHJyUHVld0lZc29xVVVsQ2FQQXpGTDdHQ2FUM2lpZG5jcWZma0QwZHhrCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: openshift-operator-lifecycle-manager + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --global-namespace + - openshift-operator-lifecycle-manager + - --debug + image: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 + imagePullPolicy: Always + ports: + - containerPort: 443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: openshift-operator-lifecycle-manager +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/image-references new file mode 100644 index 000000000..f32e8167a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.2/image-references @@ -0,0 +1,11 @@ +##--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: olm + from: + kind: DockerImage + name: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_00-namespace.yaml new file mode 100644 index 000000000..ecb479521 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_00-namespace.yaml @@ -0,0 +1,10 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + labels: + openshift.io/run-level: "1" + annotations: + openshift.io/node-selector: "" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8ab035f63 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..c321e207e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,718 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + # FIXME(alecmerdler): Doesn't allow boolean values + type: object + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..8742215dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_03-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..35f0c24a1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_04-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..8facb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..898664cc5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,11756 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + provider: + name: Red Hat, Inc + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: svcat.v0.1.34 + namespace: placeholder + spec: + displayName: Service Catalog + description: Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling. This project is in incubation to bring integration with service brokers to the Kubernetes ecosystem via the Open Service Broker API. + keywords: ['catalog', 'service', 'svcat', 'osb', 'broker'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Documentation + url: https://svc-cat.io/docs + - name: Service Catalog + url: https://github.com/kubernetes-incubator/service-catalog + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-info"] + verbs: ["get","create","list","watch","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["service-catalog-controller-manager"] + verbs: ["get","update"] + clusterPermissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["create","patch","update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get","create","update","delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get","list","update", "patch", "watch", "delete", "initialize"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceinstances","servicebindings"] + verbs: ["get","list","watch", "update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers/status","clusterserviceclasses/status","clusterserviceplans/status","serviceinstances/status","serviceinstances/reference","servicebindings/status"] + verbs: ["update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers/status","serviceclasses/status","serviceplans/status"] + verbs: ["update"] + - serviceAccountName: service-catalog-apiserver + rules: + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authentication.k8s.io"] + resources: ["tokenreviews"] + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + deployments: + - name: svcat-catalog-apiserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-catalog-apiserver + template: + metadata: + labels: + app: svcat-catalog-apiserver + spec: + serviceAccountName: "service-catalog-apiserver" + containers: + - name: apiserver + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + args: + - apiserver + - --enable-admission-plugins + - "NamespaceLifecycle,DefaultServicePlan,ServiceBindingsLifecycle,ServicePlanChangeValidator,BrokerAuthSarCheck" + - --secure-port + - "5443" + - --etcd-servers + - http://localhost:2379 + - -v + - "10" + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 5443 + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + readinessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + - name: etcd + image: quay.io/coreos/etcd:latest + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 40Mi + requests: + cpu: 100m + memory: 30Mi + env: + - name: ETCD_DATA_DIR + value: /etcd-data-dir + command: + - /usr/local/bin/etcd + - --listen-client-urls + - http://0.0.0.0:2379 + - --advertise-client-urls + - http://localhost:2379 + ports: + - containerPort: 2379 + volumeMounts: + - name: etcd-data-dir + mountPath: /etcd-data-dir + readinessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + volumes: + - name: etcd-data-dir + emptyDir: {} + - name: svcat-controller-manager + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-controller-manager + template: + metadata: + labels: + app: svcat-controller-manager + spec: + serviceAccountName: svcat-controller-manager + containers: + - name: controller-manager + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - controller-manager + - --secure-port + - "8444" + - "--cluster-id-configmap-namespace=default" + - "--leader-elect=false" + - -v + - "10" + - --resync-interval + - 5m + - --broker-relist-interval + - 24h + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 8444 + readinessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + maturity: alpha + version: 0.1.34 + apiservicedefinitions: + owned: + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceClass + displayName: ClusterServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServicePlan + displayName: ClusterServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceBroker + displayName: ClusterServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceInstance + displayName: ServiceInstance + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBinding + displayName: ServiceBinding + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceClass + displayName: ServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServicePlan + displayName: ServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBroker + displayName: ServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + customresourcedefinitions: + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/svcat.v0.1.34.clusterserviceversion.yaml + packageName: svcat + channels: + - name: alpha + currentCSV: svcat.v0.1.34 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_07-certified-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_07-certified-operators.configmap.yaml new file mode 100644 index 000000000..7041f14b1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_07-certified-operators.configmap.yaml @@ -0,0 +1,1358 @@ +##--- +# Source: olm/templates/0000_30_07-certified-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: couchbaseclusters.couchbase.com + spec: + group: couchbase.com + version: v1 + names: + plural: couchbaseclusters + singular: couchbasecluster + shortNames: + - couchbase + - cbc + kind: CouchbaseCluster + listKind: CouchbaseClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - baseImage + - version + - authSecret + - cluster + - servers + properties: + adminConsoleServices: + type: array + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + buckets: + type: array + items: + type: object + required: + - name + - type + - memoryQuota + properties: + enableFlush: + type: boolean + enableIndexReplica: + type: boolean + ioPriority: + type: string + enum: + - high + - low + name: + type: string + pattern: '^[a-zA-Z0-9._\-%]*$' + evictionPolicy: + type: string + enum: + - valueOnly + - fullEviction + - noEviction + - nruEviction + memoryQuota: + type: integer + minimum: 100 + type: + type: string + enum: + - couchbase + - ephemeral + - memcached + replicas: + type: integer + maximum: 3 + minimum: 0 + conflictResolution: + type: string + enum: + - seqno + - lww + baseImage: + type: string + antiAffinity: + type: boolean + exposeAdminConsole: + type: boolean + paused: + type: boolean + servers: + type: array + minLength: 1 + items: + type: object + required: + - size + - name + - services + properties: + name: + type: string + minLength: 1 + pattern: '^[-_a-zA-Z0-9]+$' + pod: + type: object + properties: + automountServiceAccountToken: + type: boolean + couchbaseEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + labels: + type: object + nodeSelector: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + tolerations: + type: array + items: + type: object + required: + - key + - operator + - value + - effect + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + volumeMounts: + type: object + required: + - default + properties: + analytics: + type: array + items: + type: string + data: + type: string + default: + type: string + index: + type: string + serverGroups: + type: array + items: + type: string + services: + type: array + minLength: 1 + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + size: + type: integer + minimum: 1 + disableBucketManagement: + type: boolean + volumeClaimTemplates: + type: array + items: + type: object + required: + - metadata + - spec + properties: + metadata: + type: object + required: + - name + properties: + name: + type: string + spec: + type: object + required: + - resources + - storageClassName + properties: + resources: + type: object + properties: + limits: + type: object + required: + - storage + properties: + storage: + type: string + requests: + type: object + required: + - storage + properties: + storage: + type: string + storageClassName: + type: string + serverGroups: + type: array + items: + type: string + version: + type: string + pattern: '^([\w\d]+-)?\d+\.\d+.\d+(-[\w\d]+)?$' + softwareUpdateNotifications: + type: boolean + authSecret: + type: string + minLength: 1 + cluster: + type: object + required: + - dataServiceMemoryQuota + - indexServiceMemoryQuota + - searchServiceMemoryQuota + - eventingServiceMemoryQuota + - analyticsServiceMemoryQuota + - indexStorageSetting + - autoFailoverTimeout + - autoFailoverMaxCount + properties: + autoFailoverTimeout: + type: integer + maximum: 3600 + minimum: 5 + autoFailoverOnDataDiskIssues: + type: boolean + clusterName: + type: string + indexStorageSetting: + type: string + enum: + - plasma + - memory_optimized + analyticsServiceMemoryQuota: + type: integer + minimum: 1024 + eventingServiceMemoryQuota: + type: integer + minimum: 256 + searchServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverMaxCount: + type: integer + maximum: 3 + minimum: 1 + dataServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverOnDataDiskIssuesTimePeriod: + type: integer + maximum: 3600 + minimum: 5 + indexServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverServerGroup: + type: boolean + tls: + type: object + properties: + static: + type: object + properties: + member: + type: object + properties: + serverSecret: + type: string + operatorSecret: + type: string + exposedFeatures: + type: array + items: + type: string + enum: + - admin + - xdcr + - client + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: Age + type: date + description: >- + CreationTimestamp is a timestamp representing the server time when this + object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is + represented in RFC3339 form and is in UTC. + + + Populated by the system. Read-only. Null for lists. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + JSONPath: .metadata.creationTimestamp + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: oneagents.dynatrace.com + spec: + group: dynatrace.com + names: + kind: OneAgent + listKind: OneAgentList + plural: oneagents + singular: oneagent + scope: Namespaced + version: v1alpha1 + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbreplicasets.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbreplicasets + singular: mongodbreplicaset + shortNames: + - mrs + kind: MongoDbReplicaSet + listKind: MongoDbReplicaSetList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - members + properties: + members: + type: integer + maximum: 50 + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbshardedclusters.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbshardedclusters + singular: mongodbshardedcluster + shortNames: + - msc + kind: MongoDbShardedCluster + listKind: MongoDbShardedClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - shardCount + - mongodsPerShardCount + - mongosCount + - configServerCount + properties: + configServerCount: + type: integer + maximum: 50 + minimum: 1 + mongodsPerShardCount: + type: integer + maximum: 50 + minimum: 1 + mongosCount: + type: integer + minimum: 1 + shardCount: + type: integer + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbstandalones.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbstandalones + singular: mongodbstandalone + shortNames: + - mst + kind: MongoDbStandalone + listKind: MongoDbStandaloneList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + properties: + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"couchbase.com/v1","kind":"CouchbaseCluster","metadata":{"name":"cb-example","namespace":"default"},"spec":{"authSecret":"cb-example-auth","baseImage":"registry.connect.redhat.com/couchbase/server","buckets":[{"conflictResolution":"seqno","enableFlush":true,"evictionPolicy":"fullEviction","ioPriority":"high","memoryQuota":128,"name":"default","replicas":1,"type":"couchbase"}],"cluster":{"analyticsServiceMemoryQuota":1024,"autoFailoverMaxCount":3,"autoFailoverOnDataDiskIssues":true,"autoFailoverOnDataDiskIssuesTimePeriod":120,"autoFailoverServerGroup":false,"autoFailoverTimeout":120,"clusterName":"cb-example","dataServiceMemoryQuota":256,"eventingServiceMemoryQuota":256,"indexServiceMemoryQuota":256,"indexStorageSetting":"memory_optimized","searchServiceMemoryQuota":256},"servers":[{"name":"all_services","services":["data","index","query","search","eventing","analytics"],"size":3}],"version":"5.5.1-1"}}] + name: couchbase-operator.v1.0.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Manages Couchbase clusters + displayName: Couchbase Cluster + kind: CouchbaseCluster + name: couchbaseclusters.couchbase.com + resources: + - kind: Service + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: The name of the secret object that stores the admin credentials. + displayName: Auth Secret + path: authSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: The name of the secret object that stores the server's TLS certificate. + displayName: Server TLS Secret + path: tls.static.member.serverSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: The name of the secret object that stores the Operator's TLS certificate. + displayName: Operator TLS Secret + path: tls.static.operatorSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: Specifies if the Operator will manage this cluster. + displayName: Paused + path: paused + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies if the Couchbase Server Web Console will be exposed externally. + displayName: Expose Console + path: exposeAdminConsole + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies whether or not two pods in this cluster can be deployed on the same Kubernetes node. + displayName: Anti Affinity + path: antiAffinity + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies if update notifications will be displayed in the Couchbase UI. + displayName: Show Update Notifications + path: softwareUpdateNotifications + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies if the Operator will create or delete buckets. + displayName: Disable Bucket Management + path: disableBucketManagement + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: The desired number of member Pods for the Couchbase cluster. + displayName: Size + path: servers[0].size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The maximum number of failover events tolerated before manual intervention is required. + displayName: Auto Failover Max Count + path: cluster.autoFailoverMaxCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:slider' + - 'urn:alm:descriptor:com.tectonic.ui:sliderStart:1' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed. + displayName: Resource Requirements + path: servers[0].pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The desired number of member Pods for the deployment. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The current status of the Couchbase cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the application. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - description: The status of each of the member Pods for the Couchbase cluster. + displayName: Member Status + path: members + x-descriptors: + # FIXME: Format doesn't match with what the OpenShift console's donut chart expects + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The current version of the Couchbase cluster. + displayName: Current Version + path: currentVersion + - description: The cluster identifier as provided by the Couchbase cluster. + displayName: Cluster ID + path: clusterID + - description: Specifies if the Operator is currently managing this cluster. + displayName: Control Paused + path: controlPaused + - description: The port that the web console can be accessed on from any node in the Kubernetes cluster. + displayName: Admin Console Port + path: adminConsolePort + - description: The SSL port that the web console can be accessed on from any node in the Kubernetes cluster. + displayName: SSL Admin Console Port + path: adminConsolePortSSL + - description: Conditions for the cluster + displayName: Conditions + path: conditions + x-descriptors: + # FIXME: Format doesn't match with normal Kubernetes conditions (map vs array) + - 'urn:alm:descriptor:io.kubernetes.conditions' + version: v1 + keywords: + - couchbase + - database + - key value + - nosql + - open source + displayName: Couchbase Operator + provider: + name: Couchbase + maturity: stable + version: 1.0.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAK4AAACvCAYAAABkUOVLAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAABLSSURBVHic7d17cFz1dQfw77l39ZZlgbHNpH7IxliPlVaStX7gMEVOmeCQQBoIpjNtKYmhbtJ0KFACbdOZlDZMYSAuk0AYDKVDMgVMgU5CsGlpbFLHD7wrrx4rycaWReIkY2wj62FJ1t77O/1DMjEeW3ufe3dX5zPjGY907+93bH/90+7de88PEEIIIYQQQggROAq6gHywr6ZmjlZQMJtSKCOgEABMhMp1GCMAwMAEF+CMSqUGV/f2ngq22vwgwU1jR2trqOLk0NWsVD2Il4JRxUAVgReD6Aow5gDQbAypQDgF5pMM+oCAfmY6SoSj0M3Ovs6a9zfgVdOvP0++kOCehwGKNzRUs6mtJcJagJrAHAZQnMEyxkGUBDhBjF+wrvZEOzt7Mzh/TpjxwX2vvn6hzqH1SvF6Ir4OoDlB13QRJwl4l5m3GwXYvqaj41jQBQVtRgY3VtPQAF3bAOCLYDQEXY9tTB0g/i8FbF3V3Z4MupwgzJjgxsIti4hTX2HgdoBqg67HQ0kQXlFk/vuqrq5fBV1MpuR1cHe0toYqjg/cBKK7GXwD7L2Jyi0EE8xvg7Utw/Mr31y3c6cRdEl+ysvg7qqunlWsFX0VhPsAWhR0PQH4LYOeLdLNJyOdnQNBF+OHvAru3vr6+SGlfxPAXQAqgq4ncIRBBj9bqOPxxo6OD4Mux0t5Edx9NTVzNK34rwh8H4BZQdeThc4AeN7QzEfWdHUdD7oYL+R0cHcvuKakYNbYfUT8ICSwVgwB/C/Do0Ob1/X3jwddjBs5G9x4OHITg54EY0nQteSgXzHzt6I9HT8kgIMuxomcC248vGIZs/ksgHVB15LrCPyO0nnTys7OvqBrsStngrujtTU06/hHfwmi7wAoC7qevEEYY6bHqET/TjQeTwVdjlU5EdxYQ0MNG/RDIooGXUu+ImC/ofAnq3vbDwVdixVZf0F+f23kDphaTELrLwZW6joSsdrIPUHXYkXWrrgHmpoqzQl+AcAfBl3LTMOM181U8VfWHN43FHQtl5KVwY01NNTApNfz7J6CXPM+M9+ysqejK+hCLibrXirEaxtvh6nFJLSBu5qI9sTqmm4LupCLyargxmoj9zDhPyBXDbJFOcCv7K9r+nbQhVwoK14q7GhtDVV8OPB9BjYFXYu4OAZeoJLQpmy5ZBZ4cGMtLaUYM14HcEPQtYh0+K2JobIvrz22ZyzoSgINbnskUpYy6McAPhNkHcI6Bv3cnCi6KegrDoEFt6Oh4bIJU9sGYHVQNQjH9uqF9LnmROJ0UAUE8uasPRIpmzC1H0NCm6vWmBO8fVd1dWB35GU8uLsXXFOSStGbAK7N9NzCU6uL9eJt7ZFIIFeAMhrcWEtLQWHF6BsgtGZyXuGbT6cMbN3R2hrK9MQZDS6NGd+DXD3IM3TjrBMDz2R61owFNxZu/Ae5TpunGBtj4caHMjllRq4qxGsbb2fCS5maTwSCmfi2lcmO1zIxme9BitU0NEDT9kA+xp0JRhSwJhPddXx9qbCrunoWNG0rJLQzRbkGvB5b2jLb74l8DW6xXvwigBo/5xBZZzmKzef8nsS34MbqGv8CchP4DMVf3l8b2ejnDL68xp16EvcAgHI/xhc54Qyb3LLyYMdBPwb3fMXd0doaUsp4CRLama6MdHpxK27T/Rjc8+DOOjFwvzzYKKasWho+5MvDl56+VNhXHVmi69QJuYogfmcUmhmJdnUd8XJQT1dcXafnIaEVn1QKU3/a60E9C268rnEDpC2SuBjCZ+O1jV/ydkgP7KiqKp5VOrsHQJUX44m81Dc8Ohj2qkukJytueUnl/ZDQiuktnVU227M3aq5X3H01NXN0ragP0gFcpEMYnICxdG0y+ZHboVyvuJpe+CAktMIKxuwi6Pd5MZSrFbdtWfNcVaj6IB82COtGCkJ8lds9KVytuKpQPQgJrbCnPJUi16uu4xV377LVFaGi8V+C4fstbCLvDGE8tCjaFx90OoDjFbeg4OwmCa1wqIJLjK+6GcDRihtraSnAmHEEwEI3k4sZ7YPheZctc7oDpqMVl84aN0FCK9xZXH7ioxudnuwouErhbqcTCnEOKXKcI9svFWLhlkVg4yiyrLfulBEAKYCHATIAFAJYEHBNmWYAOAZAAagAoQyMkoBrujiCaehctaaj45jdUx10IDHuRCZDSxgD4+fE6IZGR5jxITMN6DpOK6QGTMM4rZeVDV2qb2t7JDLPMOl+ZjyA/H48/iyAByaGSp+7sA0oA9TZ0FA5SlRGE1Sq6TSXFOaC+EoCz1dMczXClYp5MRE1AijISMUMvcDAHQAesXuq/RW3LtKdoTb3bQQ8yiWhN6Px+KjbwWLhpi1gvsuLwrIS4aFosv1Rt8PEWlpKeTR1MxHdC2CVB5VNj9AZTbZH7J9mw1SPhA67k9h0hhlfi/a0/8jL7Trb6pujSqn9Xo2XbUIGFjQdav+1V+MxQPG6xk0AngBQ6tW4F0OaXtfS1dZj5xx7P/J1bYOt4+07Tpq5dmVPu+d7zA6ODGTl7jEeGW881P4bLwckgKPd7c+AcAMIjj8osEQZtnNlL7js6+PmZ5VGt7R0dfmyok/dBzrhx9hZ4KRfm0lHk+27oOiP4eNm1QyyfZO55eC+V1+/EEC93QmsIuLHV3Uldvs1/pSc3CncAl//XNGexE8Z2OLjFJG26uZP2TnBcnB1Dq23X49FhEGtQHvct/GFa2aI/wmTVy78QKaubOXLcnCVYt+CS8C2IPcTEOlNXmvl//VrfAK8Dy4DRITfd1aSpQn+27exhZfe9nHs69jGVS5LwW2rX1ED4ArHJaVhKq3Pr7GFh1jztDfCBeYlapuWWT3YUnCVMq9xXk96IR0n/BxfeENpcPXUgoXxP231WEvBJcJa5+Wkpyjl14t+4aEQka9XL1gpyzmz9uaM0ey4GiEsIqImq8emDe7UVkB1rioSwgIm1Fvt7pg2uLNPDC4HUOy6KiHSYZQsrjl0lZVD0wZXMYfdVySENaGQtU9n07/GJbb0P0AIL7DipVaOSxtcYukJJjKHmaqsHJc2uCzN7EQGEfESK8dZuBzGi9wWI4R1tNjKUVau485zWYkQdsy1ctC0wWVAA1GlN/UIYcnlVm62mTa4e8LhSjB82e5HiEsIJZqa0rb2mja4RSi63Lt6hLDGMM20uZu2r4LJZlE2dv1wikA/A1RmegZkELOWV3fX6SqU9pPaaYOrMReB8qeHRkt3wnGvKpE5Brgw3THTLqg02cJIiIzSWBWlPWa6b7JGDlo0CeESUdqXc9OvuIod9S4Vwg220P8i3XXcfG2gIbIYgyS4IvfopKV9lGva4GpayJPtK4Www8oziNMG9yzOut4BUAi76EzhqXTHTBvca5LJ0yCY3pUkRFqplr74ULqD0l3HVWAMeFeTEGl9ZKXzpJX7cfPq40SR9U5aOchCcOmXbisRwjr+wMpRVu6hOeqyEiEsYyZLebPwlC/63RYjhFVE1hZKCw9Lsp8d+oT4BGJY6tyZ/vF0jfN50w+RbTS909Jh6Q7o66x5H4SxdMe5oZuhfLpfXTg3uiLZ5s2KuwGvmgB1u6/p0kyoWX6OL7xhgst9nqKLJrdyTcvqSnfARTFpkUaWHkkWwdIU+9qqgIGE5VosDci8x3k5FsYHLPdFFcFRxL52pgfzL6weam3FNa0P6IjCZ3wdX7jGgEZMX/BzjhA0ywukpeBGD3YcgsWP4hwhXL+vOmKpZ5QIRiwcuR2A5c1FHDje3JN43+rB1vaAAJiAd53XlL4OXcf3fRxfuBBb3nIFMbnemT0NW/myfBmKmbfbr8UOunF/OPKYnb2uhP9iLS2lHDJeBrDQz3kIsJUvy8E1CrAdPu8ZS0wPxMONr03tGywCFgu3LOLx1DsE/IHPUzFzyFZwba1usXBjBxgN9mpyZBSElxj0QjSZ2GP12p7wRmJ54+8ZBdgIxjcBlGViymh3u62dnez1TWC8AWQkuKVgbCTwxnhd4+kYYxcIbcx8hDTq0wytb8XBA7/JQB15a0dVVXFlSeVCU+MFrHghaVQFxhIQNRjgpow2OyS8Yf8UG96rawxrQLbcuzAOoA+Eo1B8EkQnQTjBjBMgPsmknaSUOqVo4uSq3t6BmbJqb8VtelW4e65manM1jeYp0uYDfCUYiwEsYuYFRLQQwPyga/2YrmqjnZ29dk6x/UYoVtfYBSAXd+IZBTAC0DAIp6F4GMAIaRhRjCEQj5Kis9BwBsAEgUYApBTUMLFmMOMMLnjen3Ue1Q3T1q6YrGsVrDQdAIj4MmCq1RVN/kjmyY9VCwAQFCrPfV9NfZ/A5QAVMEPXiCsYVIHJH+flACoAVCKX3uAydUR7Eo12T7PfYonwChgP2z4veKWTv3geGB//0/K5yxhMk7+ZevvJU7+hqS9O9v775HtTUgBrNu8PYoBIXfili7/tpd99ny74IhHAOZTPSyL1spPTbN+VZej8gjz5KzxihAx60cmJtoO7pqPjGJjfdjKZEOcj0FtNh9p/7eRcZ/fBsrbF0XlCnI/Uc05PdRTc4fmVbwIsT/8KN/qH5l6+zenJjoK7budOA0RPOp1UCIA3r9u503EbW8ePzIwb41tAGHR6vpjRBkrI/Dc3AzgO7rUHDw4z+Fk3k4uZiUE/CCeTI27GcPWQIqUKHgMw7GYMMeOM6BP0r24HcRXc6KH4SQBPuS1CzCCMzSsOH3Ddj871Y+F6IT0K4LTbccQMQBgsDKnNXgzlOrjNicRpgB/zohiR55j/OdLZ6UnbWk8acZSQ+QQAy88LiZmIjsyeGP2eV6N5EtxwMjlBGh7yYiyRn4jUvVcfPmzrTrppx/NqIACI10X+h0HXezmmyH0E2ub1drSe9uzSlHY3gDNejily3qjSzW94PainwW3uTfQT0z96OabIbcT09ys7Oy01srPD8y6JQ/MrNxOw3+txRU7ae6Tnas/ekJ3Pl1voY/X1V0HpBwBIF8aZ64ypsGJ1b/shPwb3pS9ttKvrCBHd78fYIjcQ0Tf8Ci3g80N1+2sbXyPCLX7OIbIPE15ZmWz/Iz/n8LUT+Fk1ficAX5tCiyxDOGieLf5z/6fx2f7qSDXp9B4mH50W+W1EI231iuQB3xcr3/deWHmw4yBAd8HnvmMicIoYd2QitEAGggsA0e7EqwT+VibmEsEgpodaetptt1JyPF+mJgKAWLjpaTB/LZNzigwgei6aTNydySkzu01TsX4PwG9ldE7hKwZ+Mjy3MuOLUcZ7+OxecE1JYcXoTwGsy/TcwnM/Gx4d/Py6/v7xTE+c8Y3x1h7bM4aS0BcA/F+m5xae2ltCxheDCC0QQHABIBqPj+qFdDOAvUHML9whxm6Mh9a7fVLXjcC2Im1OJE4XhPh6Ar8TVA3CPiJ+d0yNr4/2xQPtqRHoHrqNHR1nzg6V3Sxv2HIDAz8ZOjO0/tqDBwNvSRD45s9rj+0Z6+uuvhnETwddi5gG4XkqCd0a1GvaC2VVZ+BYbeQeEH0XWfAfSnyMGfTwyu7Et4Mu5HxZFVwA2B+O3EpML0Du5c0GQ8S4M5OfiFmVdcEFgH01jct1Da8jN/eayA+Eg4px66ru9mTQpVxMVv5IXt3bfsiYKF4L0H8GXctMxIRXxo3xldkaWiBLV9zz7a+N3EFET2FyVxnhr2Ei+puWZCLru3BmfXAB4EBt09Um8Y8ArAq6ljy2l0j/05Zk2+GgC7EiJ4ILAAxobeGmu5j5Ccjq66VREB7uSy5/fANezZndlHImuOfsq44s0TV6BoTPBl1LriPQNk3h6829if6ga7Er54J7TjwcuYlZ2wzwVUHXkoMOA/R30e7Eq0EX4lTOBhcA3l+2rGiwqOyvAfwtGLODricHnCamR4q11JPhZHIi/eHZK6eDe86u6upZxaHir0MCfCkjYDxVGFKPetWfNmh5Edxz2pY1z1UF6n4QNmFyM+aZboBBP1Bq/Lure3tPBV2Ml/IquOckw+HyMaVvBNG9ABYHXU8A+kF4BmOhZ4K+/dAveRncc3a0tobKPzz9eWK+Cxo+B4YedE2+IZjMeEsj3nIkWf1WLl3aciKvg3u+vZHIAj2l/RlpfDsYDUHX4xmmDpB6OWTQi043dM5FMya454vXr6iFMjYw6EsAIsitvwcG0A7CG9DU1mhnZ2/QBQUhl/7BfNFW3fwpU1frCVgP4DoA84Ku6SKOA3iXgO3Moe3Rnvhvgy4oaDM+uBfaV9O4PKTTWlZqLQPNRFQHoDSDJYwSkFTAASLarSvsbu5JyI5GF5DgprEVt+mLaw5dpencQIwlICwBowqgKgBzpn6FbAxpADg1+Yv7mekoEfeTRn2aSZ1NPYkjBCiv/xz5RoLrgQNNTZWGaV6ucUERjFQpAJgIleswJh/fDhWMKkqdDen6R5MbGgohhBBCCCGEEEIIIYQQQgghhBAz1v8D+o/bXqYjxQQAAAAASUVORK5CYII= + mediatype: image/png + links: + - name: Couchbase + url: 'https://www.couchbase.com' + - name: Documentation + url: 'https://docs.couchbase.com/operator/1.0/overview.html' + - name: Downloads + url: 'https://www.couchbase.com/downloads' + install: + spec: + deployments: + - name: couchbase-operator + spec: + replicas: 1 + selector: + matchLabels: + name: couchbase-operator + template: + metadata: + labels: + name: couchbase-operator + spec: + containers: + - command: + - couchbase-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: 'registry.connect.redhat.com/couchbase/operator:1.0.0-1' + name: couchbase-operator + ports: + - containerPort: 8080 + name: readiness-port + readinessProbe: + failureThreshold: 19 + httpGet: + path: /readyz + port: readiness-port + initialDelaySeconds: 3 + periodSeconds: 3 + serviceAccountName: couchbase-operator + permissions: + - rules: + - apiGroups: + - couchbase.com + resources: + - couchbaseclusters + verbs: + - '*' + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - '' + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - secrets + verbs: + - '*' + - apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + serviceAccountName: couchbase-operator + strategy: deployment + maintainers: + - email: support@couchbase.com + name: Couchbase + description: > + The Couchbase Autonomous Operator allows users to easily deploy, manage, and + maintain Couchbase deployments on OpenShift. By installing this integration + you will be able to deply Couchbase Server clusters with a single command. + + + ## Supported Features + + + * **Automated cluster provisioning** - Deploying a Couchbase Cluster has + never been easier. Fill out a Couchbase specific configuration and let the + Couchbase Operator take care of provisioning nodes and setting up cluster to + your exact specification. + + + * **On-demand scalability** - Automatically scale your cluster up or down by + changing a simple configuration parameter and let the Couchbase Operator + handle provisioning of new nodes and joining them into the cluster. + + + * **Auto-recovery** - Detect Couchbase node failures, rebalance out bad + nodes, and bring the cluster back up to the desired capacity. Auto-recovery + is completely automated so you can sleep easy through the night knowing that + the Couchbase Operator will handle any failures. + + + * **Geo-distribution** - Replicate your data between datacenters to move + data closer to the users who consume it and protect against disaster + scenarios where an entire datacenter becomes unavailable. + + + * **Persistent storage** - Define persistent network-attached storage for + each node in your cluster to allow pods to be recovered even if the node + they were running on is no longer available. + + + * **Rack/zone awareness** - Tell the Couchbase Operator about availability + zones in your datacenter and let the operator take care of ensuring that + nodes in your cluster are deployed equally across each zone. + + + * **Supportability** - When things go wrong, use the cbopinfo tool provided + with the Couchbase Operator to collect relevant data about your Couchbase + deployment so that you can quickly address issues. + + + * **Centralized configuration management** - Manage your configuration + centrally with OpenShift. Updates to the configuration are watched by the + Couchbase Operator and actions are taken to make the target cluster match + the desired configuration. + + ## Required Parameters + + * `authSecret` - provide the name of a secret that contains two keys for the + `username` and `password` of the super user + ([documentation](https://docs.couchbase.com/operator/1.0/couchbase-cluster-config.html)) + + + ## About Couchbase Server + + + Built on the most powerful NoSQL technology, Couchbase Server delivers + unparalleled performance at scale, in any cloud. With features like + memory-first architecture, geo-distributed deployments, and workload + isolation, Couchbase Server excels at supporting mission-critical + applications at scale while maintaining submillisecond latencies and 99.999% + availability. Plus, with the most comprehensive SQL-compatible query + language (N1QL), migrating from RDBMS to Couchbase Server is easy with ANSI + joins. + selector: + matchLabels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + labels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"dynatrace.com/v1alpha1","kind":"OneAgent","metadata":{"name":"oneagent"},"spec":{"apiUrl":"https://ENVIRONMENTID.live.dynatrace.com/api","args":["APP_LOG_CONTENT_ACCESS=1"],"image":"registry.connect.redhat.com/dynatrace/oneagent"}}] + name: dynatrace-monitoring.v0.2.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Dyantrace OneAgent monitoring agent + displayName: Dynatrace OneAgent + group: dynatrace.com + kind: OneAgent + name: oneagents.dynatrace.com + resources: + - kind: DaemonSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for the OneAgent to connect back to Dynatrace. + displayName: API and Pass Tokens + path: tokens + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: >- + 'Location of the Dynatrace API to connect to, including your + specific environment ID' + displayName: API URL + path: apiUrl + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1alpha1 + keywords: + - monitoring + displayName: Dynatrace OneAgent + provider: + name: 'Dynatrace LLC' + maturity: stable + version: 0.2.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAANcAAADKCAMAAAAB6yXCAAABsFBMVEVMaXEaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhq03AAaGhpzvigaGhoUlv8aGhpvLai03AC03ABzvihzvihzvihzvii03AAaGhpzvihzvii03AC03ABzvii03AC03ABvLagUlv8Ulv9vLai03AAUlv9zvihvLagUlv8Ulv8Ulv9vLai03ABvLagUlv9vLagUlv9vLahvLai03ABvLahzvihvLai03ABvLahzvihzvihzvigUlv8Ulv+03ABzvihvLagTjPNzvii03ACx2wRvLagUlv8TkflvLagUlv8Ulv8Ulv+03ABuj0tiJZtjJpyUzC8TjPRsiFBzuiuu2gmv2ghCpq5jtX1zvii03AAUlv9vLagaGhoShOpZH5FeIpcTjfQSiO87mq9tl0JjsHWMxjpmb1xgR3dpg09bKYpjW2lxtS5cIZRuLKcUlPxPpZISh+5pKaIcitthUXCg0RxuoTtwqzVaIJIwlb6WzCsShu1gI5hkJpxoKaF4u1drWHtfNYZdIpVsK6VrjUlnKJ8Tkfqq1w4Tjvag0h2CwUgeme5QqZcTivFttmaCyVeZAAAAWnRSTlMAoCDQ8GAQwIBA4DCAsEBQQHDA8EAwgPDAEJDQEKBgoMAwQMCAgNAwYKBg8NAQsNCg8BBgIHAwUJAgcHCwkCCQ4OBQcCCQ07Bw3OCwUOBQuHA87zz41qb4bYKEG2nxAAAACXBIWXMAAAsSAAALEgHS3X78AAAHSElEQVR42u3bd2PTRhgHYG1ZHjh2nIEhjuPEzDSFQkrCKrN778qxQ5sABUoZpXvv3X7l6jRPp2ENNzqL9/cHSWxZd4/G3XsiYRgIBAKBQCAQCAQCgUAgEAgEQnsarXJDS75Q63OTPTvn2u25cvnFHBhbmMqVc+2V8urYAlu9odF96+PFWu1Fzr52udXYPR6suV7cTLYvr1Kvi8+ydeXWev5YOm0BWDuZ3Sv5ZO1Lw9pnsvbmjGUOiPPT+WSp0zlk7T2tqrNUsRYmR8Hao1LmSsdawViqmhvWHIOz1Jyy1F3ULI1HwZqyWNS4Wr1RsGYslnoqD6xVD4uSCSwdq+VlqfP5ZFExgZVHwTrhYql7xny5ZbEOqETGfBXZCGCp481aCGKpU/lkZTsxj2bNf8aHpZ7IkvVkUJe/fLXdbq+Uyaxor7YnCda8HyvLiZlgfXL9+rVr97a3v9jUcjH8k41Gq7wexsrSddnwIM729oNNVy5G3UkAK8OCo6GZfvtue9M3r6VkZVhwvNnr/flgMyDRdrF3VqXP9VbvHhJ8tbX1npOtra370V3TgazsCqmF3r+b93//dcMvd59J7cqs4Gj88c/djaAsjq/rnb83NtK6TlDoevuvENeRaPvYFeLKqpCaCGFtLIELXBS4DqV3TdPomhhfFwMucD0ErlkaXftz6mLARZ1rOaeuxfSuUzl1ha0rz+fUpYJrtHkip66l9K75nLpmwbVzOZS+7qXSNZHedT6nLvUhdM1k5WJSr78uhblO0+c6/Hz6cj7D/zgPZEVcLdO5TAksECOzwpYpM1O0uSzWWr2+1u1e6HQ6x/0//srLL1HJYp4LYx3se1I38iz6/grKTSpZvoXU8tlAliufI9dVKll+ruXHorH67yLXp1SyfApEk/VIvR/JFfCbABmzvAWHxXq0H8l1y5+V+d9I7U/O0l036GSRE/ORGCzd9TGlLMbvVwCisXTX+5SyXE98TdbjR/uRXd7p6zQdf3+4mJilu67S87t5QU/a4rJ0121KWc7E/HRclu6ilWVPzOZvNXSis5DrBq0sa2I2Wcf6/ViuD2hlMWcTs/ofEsP8AYamJGb1ieGQLhbzwsbhiUQs5PqMWhazaK0iuzFZd1zDIW0sZml/xOUWmY/w4ZA6lpXYrP63znA4sys/rP439nCY9eJ4pKz+19ZwSC9rLQFLm75uUc7SVlydkwfr8Vg/mZchzSwzxzvd6Lpfrty6TcMTmjjnrlsfvmL+8crP1CyO4528k92n6keDZ6+bY8nCfBe63Tp5Au/8gMbCM+PLcgk7x7rdtbqG/P51VX3jzCUGAoFAIBAIBAKBQCAQCAQCCYg8GBRS76QwGMjgAhe4wAUuf5eiZ2cxClscOCkwVe1fCd9AEgYDUf+mVhHQNnzT7qJifU6Qa5ztMmLqOFYwX8DfLFZErBGx4vTBaLMmm02VkqlK8sAV7XxpTdTwTUSt1+hrTXA2kznCZX7W66oO8B4XsM0FqxUFP7C6q4A3JSVh6TsoykYEvW9N7TARVyerfWGN4yzzRqdK5mExwjuSAjp5KE3rZJs/o3dFc3tDwlrHDeuDbDfFyzLeVJzorRY49/3Faa9huzJ/rKG2jWunWhkQdPQiojU99xfqdM2vZVEw3ymhrhfwk4Ka4kXjuLE+TUW6x41bxzVuyNaR1GOePq0bvIT3ViR3hrQc6WIDR0eJN67viueMaE1VmNCmhqXoElgu64ayt6kZtwnn2rLid/JrpCtkiEUnqspInn5rTQlSeFPD4r7irE7YA6B130t6byvutgeevTX1bSK7GB69p3j25G1KiDvEE/u0OoFfPBXjlBbc/VP8XKL+seiugumSPdfz0KaSuRTnopP0iyWaSxmNS/7fXOieKthjU5EJdUmKlVokF2dvzwa6WEXB9zoyl6VxhAEupeKe1oe5qjxZBvi6yIzKxZlXn3NF+rtEsgNDXCy5/Q67rNHCGUF8XZxZFjhFR7hLr7rszeVioKsouzMylzm6OyO+rwuVTEqMcUM7WkUu7riRpJQPdDEGyJmhfV2yUTlFdgnm1Z2hy6ieeLseCXJV47jcNUvE+StJ/OsNu9rFKuAglxLT5Td/hdcbSeJfH1pFThNbsUQ5X4WY56uJ3vPWh6K7Pky4Zsd3iteFaO+Cs8aIcn+x+oF25j6/+0sk60NvPS8JqU+Yvv5irZKJxY+nZMwcUpgLHRbFtWyqGWU6GzgeYoSm8Wlj/UXcdwO+mgqGr5exZxL2HMoyYS6OWGwb1w/vrJBLblcVn+/Q9sUh62U9YiKYa3bnJXfXndsnWr0hOsdKjxJeb5gnz/t8o+l9bJLgeZRVs/Gu1TgaVIpMuMtdH1ZK5BMoJaw+FFj74hNZ4nkU15TTusIGywJeheO3gOQ8DrTqc86naPcb1kpK8Hs78lyRGJXzEpa+59GjiCQkeA40BhHjPy4Zi7gfIuYmxENfCAQCgUAgEAgEAoFAIBAIBJLX/AcIuMeF+5wRowAAAABJRU5ErkJggg== + links: + - name: Operator Deploy Guide + url: https://www.dynatrace.com/support/help/cloud-platforms/openshift/full-stack/deployment/deploy-oneagent-on-openshift-container-platform/ + - name: OpenShift Monitoring Info + url: https://www.dynatrace.com/technologies/openshift-monitoring/ + install: + spec: + deployments: + - name: dynatrace-operator + spec: + replicas: 1 + selector: + matchLabels: + name: dynatrace-oneagent-operator + template: + metadata: + labels: + dynatrace: operator + name: dynatrace-oneagent-operator + operator: oneagent + spec: + containers: + - command: + - dynatrace-oneagent-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: >- + registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator:v0.2.0 + imagePullPolicy: Always + name: dynatrace-oneagent-operator + resources: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: dynatrace-oneagent-operator + permissions: + - rules: + - apiGroups: + - dynatrace.com + resources: + - oneagents + verbs: + - get + - list + - watch + - update + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - dynatrace.com + resources: + - oneagents/finalizers + verbs: + - update + serviceAccountName: dynatrace-oneagent-operator + strategy: deployment + maintainers: + - email: support@dynatrace.com + name: 'Dynatrace LLC' + description: > + Install full-stack monitoring of [OpenShift + clusters](https://www.dynatrace.com/technologies/openshift-monitoring/) with + the Dynatrace OneAgent on your cluster. OneAgent connects back to + Dynatrace's hosted monitoring tools. + + ## Before Your Start + + 1\. Make sure to install the Security Context Constraint (SCC) in order for + the agent to properly monitor all aspects of your Pods: + + + ``` $ oc create sa dynatrace-oneagent ``` + + + ``` $ oc adm policy add-scc-to-user privileged + system:serviceaccount::dynatrace-oneagent ``` + + + 2\. Add a Secret within the Project that contians your API and PaaS tokens + + + Get an [API + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens) + for the Dynatrace API. This token is later referenced as `API_TOKEN`. + + + Get a [Platform-as-a-Service + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens). + This token is later referenced as `PAAS_TOKEN`. + + + ``` $ oc -n dynatrace create secret generic oneagent + --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN" + ``` + + + You may update this Secret at any time to rotate the tokens. + + ## Required Parameters + + * `apiUrl` - provide the environment ID used in conjuction with this + monitoring agent in the API adddress, eg + `https://.live.dynatrace.com/api` + + ## Advanced Options ## + + **Image Override** - use a copy of the OneAgent container image from a + registry other than Red Hat's + + + **NodeSelectors** - select a subset of your cluster's Nodes to run OneAgent + on, based on labels + + + **Tolerations** - add specific tolerations to the agent so that it can + monitor all of the Nodes in your cluster + + + **Disable Certificate Checking** - disable any certificate validation that + may interact poorly with proxies with in your cluster + + + For a complete list of supported parameters please consult the [Operator + Deploy + Guide](https://www.dynatrace.com/support/help/shortlink/openshift-deploy#parameters). + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: mongodboperator.v0.3.2 + namespace: placeholder + + annotations: + alm-examples: >- + [{"apiVersion":"mongodb.com/v1","kind":"MongoDbStandalone","metadata":{"name":"my-standalone","namespace":"mongodb"},"spec":{"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbReplicaSet","metadata":{"name":"my-replica-set","namespace":"mongodb"},"spec":{"members":3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbShardedCluster","metadata":{"name":"my-sharded-cluster","namespace":"mongodb"},"spec":{"shardCount": 2, "mongodsPerShardCount": 3, "mongosCount": 2, "configServerCount": 3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}}] + + spec: + displayName: MongoDB + provider: + name: 'MongoDB, Inc' + maturity: stable + version: 0.3.2 + keywords: ["mongodb", "database", "nosql"] + + maintainers: + - email: support@mongodb.com + name: 'MongoDB, Inc' + description: | + The MongoDB Enterprise Kubernetes Operator enables easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup + platforms, Ops Manager and Cloud Manager. + + + ## Before You Start + + To start using the operator you'll need an account in MongoDB Cloud Manager. + + * [Create a Secret with your OpsManager API key](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-credentials) + + + * [Create a ConfigMap with your OpsManager project ID and URL](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-onprem-project) + + + By installing this integration, you will be able to deploy MongoDB instances + with a single simple command. + + ## Required Parameters + + * `project` - Enter the name of the ConfigMap containing project information + + + * `credentials` - Enter the name of the Secret containing your OpsManager credentials + + + ## Supported MongoDB Deployment Types ## + + + * Standalone: An instance of mongod that is running as a single server and + not as part of a replica set, this is, it does not do any kind of + replication. + + + * Replica Set: A replica set in MongoDB is a group of mongod processes that + maintain the same data set. Replica sets provide redundancy and high + availability, and are the basis for all production deployments. This section + introduces replication in MongoDB as well as the components and architecture + of replica sets. The section also provides tutorials for common tasks + related to replica sets. + + + * Sharded Cluster: The set of nodes comprising a sharded MongoDB deployment. + A sharded cluster consists of config servers, shards, and one or more mongos + routing processes. Sharding is a A database architecture that partitions + data by key ranges and distributes the data among two or more database + instances. Sharding enables horizontal scaling. + + + links: + - name: Documentation + url: 'https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/index.html' + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAH8AAAB/CAYAAADGvR0TAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4ggYEhkp9JVi8gAAFENJREFUeNrtnXmcVeV5x7/Pe86dGUZQUdwAo4Kaam1cUAdm3DAYl1ZjmmhMYkUlkMYtMVVrVExqY7q4oabNp6EuMdpEq8ZGpf1oJCbKJgxqlWiIgIrACCgimwJznv5xlvue5d65dxjsvXPP4+d4t3OB+/7e37O/7wsNKhdNv9iZ8uqNQgOLadhfLnLA7CV/OOrT/3JMDn7D/XDh02s3bRr/h4ufz8FvNOnu1s9v2rL5/EZW+06j/eCJT09i1Pijdhb46ZpNGwa4Jw4x7097+9mGtHyN+KMn/fob/yyYK998byWLV727FXQPgfcXXjIjV/v9Uc7/nwkATHhq4t+q6pWKUjAOgroCf73wkhkc+KOOnPn9dwJceIkx5k6DwRjDyg/XsmD52+Eg7LHwkhkrc+b3Izl32nkAnDftgkcV7kRBUVQVxxhAw1ufOfBHHaaR2N+vwf/KE+fS7W0Z8LVp5z2t6BcIQPfhViSu9w4BLlt4yQxG3NmRg1/v8vO/uB/EmY3qOFDUC3iuiiq4xsHXBOAB3cptI+/s+KvFl87ggAaYAP3S5n/pV18WjNnBUZllxBwiAo44CIIYgxHBiMP6jzcxd8kixFIBAp7AV/546YyHcubXoXy03gVPf6noIaGS93xLT6DxAcU1DhIMQngJGFUe3P+OjhMB9r+jI2d+PciZj30JcUWkW6Yb5AQxBgeDiGCMYDCIBMw3ho82b2XOooUx5lviASe9cdmM6Tnz60AeO/NhdKveBHqCRgh6Edsjex+8doz0RIxn9r+j41BfA7TnzK9VGff0WbSu964V4QdGDIJgQpYHjyImYL/giKFblecXvo6RcsOgHrDHG5fNXN3fwHf7yw9pWbe1DZEbQNBoVvvPNHxHFSR8D1Q1dp/lECS14//uf0f7/t3CRuPBom/NzMGvFTnl4TP2VHS2IqAB3AKqgieKo4IHGAkifFVUFNcxKIogKdA1/rgXMGvJpTMPzW1+jcjJD5/u2y7hwZDJSRB9WIvve9FzP9YPX3kUn2vxFqR4fWbk7e33Aoy8vX/Y/7ot6Y576DSePutJTn749O+DjAd82y0SZe5EAk0QvCcUH0FA4K33VvvvV/bXHrbLqXu/suhbM1/LHb7/RznxodMwyJ+ImFccEdd36ASDH8b5Dl8Q3gVhXuj8SfC+4zg8+9rve3D40h4gMAp4sd5tf92q/elnT0PR/0Q914spdgJ1roE61+i1F5mAwMUT6S1h7u8PTl/dgj/2wVNvVThEAzx8e2/bdBJef2jMLd9Atbd//cEjb29/LAf/E5ZjfzGK439xyi6q+o2wQqfqUXT4Am8+8Nw8y7FLagXdtn/K50dMaT8OYMSU9hz8T0KeO6cTD+9nCq2hCbYJrBnPovvs/H4vma9avICHARZ/e2YO/ichHf9x0qkopyVr82GDBpE2KDZtqHWvhpogeL+lUCgJbtaVkN1GTGmfmqv97SyjH/hsyNfvpZMwCdWeUuqhdogS/CXB7oWcO2JK+3Bf/Y/Jwd8eMvtrzzD6gc8eC9rmqaXC1c/RqfoFHE81075HvgCWBthWq+//qS2gj+bM386i8IiStu+R8leNWXjb67dDvMgxrBp8zbgAOGrElDFfWPztWTn4fS2j7h/LkQ+ceKaiu0VAaqjOk2zGsvvF19ZDZPfRLPi1zFVWrgUYeduYHPy+ksPvH0vnub9B4W+8BGsjSGL2PAGVxplP4vt+Sb9igKMsjxDL+yPKqJG3jTl50eWzcvD7Sl489zccdv/Yg1T1mBg3LeRDhnuZXr+t/hNaQqHgOj1CngQ7OU+s4tCjAPvVCfvrQu2r6r1gVd80bs9Dey+AemrX7YqRgGrC69fIfJRgcnRF0YD1b7Avay607nfbmDPZsiUHf1vlT+87nkN+dsLexTRu3JVTjSduvIR6Twd8dhRgpX9LMzle6q3EMKheseSqeex36+gc/G2RBef9FlRPUWj1U7aaAEIDmy4Z6t1iOxpL+GA5gl4Gm8uC3HMWqGO/W0cftuQ7s3Pweyv73ndcyObJIavjSRvbU/fifrpGjVsxb59EgFecPGWZ3Jss0L/Wg9qv6Xr+gfcd1+bAbCeozTviPwrghvV6kUSzZrGG74hBwH8UgwiEzZ2OGFzH4dW3l7Fu00d9NhDBn7MROBh4a3ENa4CaVvuiXBxT82qHepbXL/HQL5b0EUmVedmGDJ/0cAXSCpyyuMZVf002cI786bEItCi021k5FX/4QxstqsWmXJGiLRcJ7vcfRSRKBdjNnapUFOb1LkJhMvBvuc2vUhaNfw6FQQojwyXVWM4YqjGvH5VEsVaLqd6MeN+2/64xlTA5Ow9ouQJe4lIYtu8tozty8HshnuqXvXj1naxcnP/cSyV80l4/VnJHoySPY6RH+kehnw2uVhT+fScHv3dyeXzwNeq/KC7FSoIdDwND0KP2bdUMSONM9rJY3Pty75H73jK6NQe/CtnvnvbBqowopmxJlWHTGkFT+Xs0I0ljN3daKrsS+98L+RSwRw5+hTL87na6VcbZ9hrNAFATmT6NR/Hx9K4mcoPxhVzbK4YOUsaX5uBXKO9cOBPfyy9n7232B80cVi9fmA3ESvhkNXdq34CbeVnz7KIc/OrkzzwbSEtd26ocqy+PhJOX8vpJN3d621DGreKrzfvc3HZYDn6lMTJ6UBHwEKSMjpykVlAt7fVnNHdGwEp5FvcMdrF+4GVcwMn73NyWg9+TDLtrtKMwFEpU5EJHzvrQixie5QymJ0LsDnuVZkUTMwvsHhVBx1tXzMkzfD1JNzLWsRmugooPsETZPcW/R2IFHN+DV8LQXVRRMUEKMPxMYgma0kxOmgoyzEdFmT6Aw3O1X5mM1WTEZoVu8UZMUmVem9BRCZdkG1eyEuBFXUAVMrks2BlFwOH73tS2Yw5+z2p1XFaRxqvI609z1s7yxU2HWhpfKmZ0T+X80DE0iQs4Kwe/Z/APTa6viK27s7J1ttdfbXOnJl35KsEtBXJ2TUABPSG3+WVkt7vaBgEFjaJ38JDAvqeZLyWehyAhQf+eiNXNE34mUcyvHiWrOJKeHxW7hQk5Jge/7JjJEBXfsfMiFoWUlcBpI3Lo1C7hkiz9UtxtJ6jrq6eokZRLJ71SgVrFXYL6qd5c7ZeRnYNwO8bwLAcs+VnKS1dKNnfaWT9T0ZYsPS/gKH4ieMHVHT33P9v7prYhOfglxIMhsZ46jdttuxQbX2xZfXNn2LpdcA3lV+lkAV0EtzsGspSLFATIwS/DsB2ChFtmNi9ksO39q/auuTMxfcpyPQ10hUo/mUhQHZTb/AwZPLUNYGcPMBQ3SkRBRYNuHX9m+EkeuyYnMTNgYuz3k0Rhy5f/OnQnQ21h+mKnDog2dSw5AXbJmZ8haybOQWFgejPEeMq2VJnXs5o7PXvcJavM62f7wnu9Sku7qki5q/y3BRiQg196bAfGnTVSS6/CnL5nq2dNLse2l2dZSR6NL+UuklIqA3vbf2IhB78MO7I8+hAkz4/YYuCFyzPC1TZZzZ3JvF9sJU/vmdwbGZiDX1r20MTOKWECx4uFcHFVrclevNhzDxL782BNKlNFzN7LjKU9iWtqkUxNJXkUXS+RI1bcDtlDMYHjpgkl7QXungabK4f7Knqov8LW2mhRk16/KK5r+gTgWGhaJ1Jj4LNOiDdlSjHHl1nmdaLPLc/fXqhhfU+iFR69a9hUa+ZplQpDtq+CqX/wSXFeLIb7QHsKjhAu0wlCQaxVPFb6N4rrJbg1SPwE6/3K9fFpKSZrDwCXvFcBNufgl5bV9vq7MMZPTweNGjnsoo79WTSVxAT2XvxCj81+wDHGdyQrZW85nd+zfJQ7fGXC/axxTfbc99Tc6VmsVs06REGjtK+UOGcnc+lWun+cKto+FFifM7+EeMqHRgJeBupcokRN0fe3tYOHX5zRmMkAzQKagP1Blg8tbuci2Wq6r2Vdzvwyah8oEcRlLbDKDKeKmoH4Hj6aTA6FMWTyeI3t55mtzcEvLe96mraimuq5tdV9Vmt3Yv+9jOROBLZsH7AzNm9SD97PwS+lEye9sCL8N6l1SEKsBaua5s4UlzXe3FltvFYZyLGyrtX7Lx6szMEvP5wvJ7N0sRi/THNnvAwbP1ghy2RUw/keQSZ74YclH6y4eu7WHPzy8lRy1L2kzdf4ku2wuTOaJJa697dlIb7lOumNmtKTJ35FUUCPK3pKNoXU3LGstQj+Q1piG1UyGJ+eFOk0bkyD2Dt3EqzBz4CqsrV5Ve3P+1QOfo92f+48YItmeP3pHn57V83k2XiasXmTvcwqDPO0t0yu9qf9Mge/Uruv2RF3chdNz8rwkfAPsvbwKf4hyZp+KTb3TYj3znfnrRr+D0fm4FcgL0SJnxJePwn7H2/uJHHAAtnNnfKJxfevArzz3Xk5+OVk0E+OAvh1qbNtyYj9yzd3SvxbGt+fY/NWb/vpr+JKn85aZFgt2nyAx1KAa7H33o6hY15/LOGTbACLO4ihryCS7BDoE7CT5mR6Dn7lE0CBB2MnY2Tw39um5s7q9+Cs8uQtW57Mwa9ObshKxKQOTbK47SXUf1ZzZywrCGwtofarBLec/Peya+ZtzcGvzu4vAV2qatvrDJ/cbu4kq7kzWeaNr+CNFmv2DdBZ8v1aZVetqn3WTZq7ybaVqdCbnps7S63vKzqF2tdAJ2UVsGDYD4+sSfBdaluuBh0fdubYnTqVNHfaZ+l4QStX6Cs4wfKfrVs9ZPv11M5fds28DTnze6H6102a2wU8mqnuS2yhni7zxhs8U3F/H1O/mBZWgB/WMrNqFvx1k+aGtv8GoDt5nl6m1x9L4JMq83qprKHS3e31GdhiOQ0Kbyy7Zt7vht84Kge/97LlZdClWXbf9vq9MsmfeEtXMczzAM+rDtwkyF54kSr1XgHwzrWdNTuyQh3IoJ8cdQzIc0b83nuDf7iC/drgvzYIjpHgeBWJ3ncQRARXgvtFcI1h2dtr6e7W9IBoOrNQhYFYA4wAPlhew+CbOgCedZPmPg88kQJBExk7SLR3pb38ZCa/e4sXi/GSTK66P9e/bll+bWdNA19HzD8a4EgR5orFcqF44FLI5kgDBIctOYGWcAIN4QQHNUnwuHTxB7339rNnxOrl13XuVg/jWhcnaq6b9ALrJr0wT5VfJcc9eyl3afarlfDxVCtlcjXl/OupE6mrI9SBs4H3SjV3UqK5UxNef/i1yNb3Sa8GAB8CU4f+YFRdDKZTT8hvfnxZd8sZwzYDp/gLMHwTQGACwv31JEjoiP+/xD3BcxG8bmXj2s29Nn4Zq3qOX35d59J101fkzN8esnbiC1OAWSFjk2pd1Gr7DmieLvMG3+khxq/wDL3w739i2XWdc4bVCevrEvydph4N8OcKG8s1dybbvWJl3lDtJ1ZoVnKsWtbqoOCMnosBll3XmYO/ndm/RtGrifFZMxI6JZo7g46eJnVioGeBXOqkrcT6/jNWTO58e6+/H1VX4yj1CP5OU49m7cQXGDy17QGBrxoJbHxWwkfEP1c3CgWLCZ8dNxZYvPK9aCMH6d3OGtMFxinoismdOfifhAT79g0E3jbCYBMAKhG4xcfoEGYER8LJIQzd0MpLq7p8h7B3of1moKVrcqfW4xiaegV/zcQ5rJk4Zz1whMLmrNZtteZ3uA9nsblTGZKxLV7lob0CjO2a3Kl71pm6r3vwQ/avmTjnTYGz00uxrJbu1N59/n+70lqy8aOcqxcUiW/smtw5E6CrztR9vwB/zcQ57DK1jfe+Pue/QCfan3lJniaaOz1gT7NDopOnCK4Em7IaDS+iS5Qfd02ef92QG4+o5+GrryRPlmx6fBm7/nsb7319zvwdzhg+FGFUmPAJfYAw4SPi+/Xhhk0dW4ay6OP32aAfR/UB0R5P0J4DfHHQ2L303cnz63rshH4mQ+4a/YhB/jL0+p0gCnCCvXfcwPFTUa7aeDRPbvgjszYsrdTpWwAcvvz6+Vv6w1iZfga8rJ4w+4vA42o5eGGyx473W9XFxfCZAXvSXaLAkzjQ4RWFY/sL8P0O/NUTZuvud41h5YRZZwC/S2b2bH9gL28gHsrQwo4MMG7ZjReAJQptmtgtrN7FpR/K7neNoQXGfgyPKZxerAKGXb7K8O5BYPxunt0Lg3hnc8m9kuYDY7uun7+pv42T6W8/aOWEWaycMIuPwevyNcDP7eSMBrt47OPthAq4jsMRA4exVb0spf8ydI+mxrZQy8HvQbomzGLoXWNYPmHmVxWuDIEHKOAwmBbECCKGk4ccxGB3QBTxB3H8j4FRXde/vKXr+vmag19nsnzCLIbd3c6yC2feDHxToRtgR68JFx94YwweylUjPkerFEB1M8qVXde/eBHB/f1VhAaSfe7p2FeQBQfozq3neAfhOAWaCk00NTXT3NyCNLXwT68/fvBzl097ba+/O5wV33uxX4+HaRTgP3V3B29dMOPNN2X50GO6h/mt38ZEl2NcWp3Cxc9dPu21S+/5Zr8HvuGYH8rUqVfc6zru+EKhiaZCE81NLTS3DFjluk0HGnE+OPGkCxtiHNxGBN8x5hERM96IwTEOxnEwxv39uM9N/KCRxsE0IvjGOAuNMVt8le/gOC6OcZ9tuHGgIUWXGuNsdYyDBPbecZyXcvAbQM6/4B83OkZWi3FwHRfHdTGOuzQHv2FUvzsj8vSdAq5bWJGD3zDgm07HMRingOO67DBghw9y8BvH43/diIPruriOi1tokhz8BvL4HccNVT5OoUAOfqP8cMdd5YPv4LpNFNzmHPxGkTPOvHyN4zg+8wtNNLe05OA3GPspuAUKhSYU2TkHv4Gk4BQ8t9BEU6GZ5qbmQTn4jeTxu4WX3EKBQnMzheaW3XPwG0Se++0DtB97zqjWloG7NhVa7m5pGjCYXBpHXlsQ3wZ/w/plDfX7/w9sJTyL9hMvGQAAAABJRU5ErkJggg== + mediatype: image/png + + customresourcedefinitions: + owned: + - name: mongodbstandalones.mongodb.com + version: v1 + kind: MongoDbStandalone + group: mongodb.com + displayName: MongoDB Standalone + description: MongoDB Deployment consisting of only one host. No replication of data. + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + + - description: The service where the MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + - name: mongodbreplicasets.mongodb.com + version: v1 + kind: MongoDbReplicaSet + group: mongodb.com + displayName: MongoDB Replica Set + description: MongoDB Replica Set Deployment + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Number of members in this Replica Set. + displayName: Members + path: members + x-descriptors: + - 'urn:alm:descriptor:text' + + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + - name: mongodbshardedclusters.mongodb.com + description: MongoDB Sharded Cluster Deployment + displayName: MongoDB Sharded Cluster + group: mongodb.com + kind: MongoDbShardedCluster + version: v1 + + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many Config Servers will be deployed + displayName: Config Server Count + path: configServerCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many MongoDB Servers per Shard will be deployed + displayName: MongoDB Servers per Shard + path: mongodsPerShardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many mongos will be deployed + displayName: Mongos (MongoDB Shard) to be deployed + path: mongosCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: Amount of Shards to be deployed + displayName: Shards + path: shardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + + install: + strategy: deployment + spec: + deployments: + - name: mongodb-enterprise-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: mongodb-enterprise-operator + template: + metadata: + labels: + k8s-app: mongodb-enterprise-operator + spec: + serviceAccountName: mongodb-enterprise-operator + imagePullSecrets: + - name: '' + + containers: + - name: mongodb-enterprise-operator + image: quay.io/mongodb/mongodb-enterprise-operator:0.3 + imagePullPolicy: Always + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MANAGED_SECURITY_CONTEXT + value: 'true' + - name: OPERATOR_ENV + value: prod + - name: MONGODB_ENTERPRISE_DATABASE_IMAGE + value: quay.io/mongodb/mongodb-enterprise-database:0.3 + - name: IMAGE_PULL_POLICY + value: Always + - name: IMAGE_PULL_SECRETS + value: '' + + permissions: + - serviceAccountName: mongodb-enterprise-operator + rules: + - apiGroups: + - '' + resources: + - configmaps + - secrets + - services + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - mongodb.com + resources: + - '*' + verbs: + - '*' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/couchbase.1.0.0.clusterserviceversion + packageName: couchbase-enterprise + channels: + - name: preview + currentCSV: couchbase-operator.v1.0.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/dynatrace-monitoring.0.1.0.clusterserviceversion + packageName: dynatrace-monitoring + channels: + - name: preview + currentCSV: dynatrace-monitoring.v0.2.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/mongodb-enterprise.v0.3.2.clusterserviceversion + packageName: mongodb-enterprise + channels: + - name: preview + currentCSV: mongodboperator.v0.3.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_08-certified-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_08-certified-operators.catalogsource.yaml new file mode 100644 index 000000000..77cdb1ff6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_08-certified-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_08-certified-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: certified-operators + displayName: Certified Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..035e4e8f4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..9a0e3ce53 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..853c5406d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,42 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - openshift-operator-lifecycle-manager + image: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..965817229 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,28 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_13-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_13-packageserver.yaml new file mode 100644 index 000000000..43b4b9544 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/0000_30_13-packageserver.yaml @@ -0,0 +1,151 @@ +##--- +# Source: olm/templates/0000_30_13-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01Ua3hPRFEyTlRaYUZ3MHlPREV3TVRZeE9EUTJOVFphTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUF3SmQ5Yk5mdzliMW1PczRncDdlZ0FWKzlFNEgvVUhReDBZSzhoMXFvb2c0eTZWWjIKMVdkUDhLaW5EalJVK0tUamxOazQ4b0Z1aXFKU2VNTmRYS2Y4bUEvK3F6Q2ZFRWt3OEdNMnZLSVB2NkRQeUY0NApBWGhjbVJjMzlFQ0oyU2d0TmxGRU5senhiWFdjQ1ZHRnk4VVJGaVpqdFNJdEpTRTFjVWNnT0dYWGFhVE5ib2Z0Cklvd3FtK0YxWHFEQVhCM1h2c2M2bUkwM0ovZjIvU1AxNC91TVo5SmlaSXg2OCs5OFdPRDhHdmpibWhuSzk5azcKWHdzMm1ZQm04dVR6REZQSjJNd3BPb2xrTEg5ekpjVU9zMVJuV2hvYm5Fek05MGt0NUVPSEdseW9KdGhZTHRWWgovWVlMN2t5YjF4TjlYZ2RKalVOazUwcFhLYlE5RGpQWGczMmwzd0lEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBQnlWVjk5Ris1K0pxcmVoN3VFTjlRMDNZd1QrUnR1MgowYzJqQ0g4REltSHdUVlJhUTNxdzJwd1NUV0VJaEpGT2wvOG1tdkl2VHdoNmM1OGxrNVhYeDl4cHVQc0dtTWtjClFZWkFIZVRSeElWS08renFLUHdSZmdXRzV3WTB6UGNZZUFadU5mbVlzR2NmVHNGK2JFc2FsMXY0S0laQkFNU3QKUlFDaW5jWCtpT1BTK0dEMUtMSGJWUEQrM0RkUUtVeC85cURJSHk2VERCUTJtaVJmN2hFblNWM2dPWlVmWWFvTQptazVuMTRjOG9aMFVOUkVZZHluVmNBL2ZnbGNkcnR2UFp5eE9Ca0tadWxINGhJVDhQTVprcTBuYmxTRlh2anJTCjUwVTlVZ3hsc2tOc3kvbGtLNkJhNFozUEE0d2NPSVphd1psUmtWMmRvcyt3OHVGbnI3Q1BWQlE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: openshift-operator-lifecycle-manager + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: openshift-operator-lifecycle-manager + labels: + app: package-server +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhakNDQWxLZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01Ua3hPRFEyTlRaYUZ3MHhPVEV3TVRreE9EUTJOVFphTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXAyU2pFc3VneExNcUxnQ0JKcjdPRUV4dGpPRE9DdXp3d1VQL2RkcWVIL2RtMURmNkhVM0wKaVhrSk5WQ051TUFiK3BIcExzb2tiZ3ZjNkhCbTNHL2sveURod3Q3NlZrQ2lHdlN6WHZOVVl6RU8valNQcGVOOQoxSmFCa3IxWHp1UFJ6bXo4RUNuckpRb200Ukk3RDhQb1A3ZlA4cFJwU2plOWx4Z0ZlWnVDVm5qMG85YjlwcVdhCnVFQllOYTRydWFqRzFDblVhRzJ6aVBDUzhqbUYxN1J4RnBQR2JZWFFDaytCcVNHNHAyS0dEY2hOT3kraGhsWjEKRVVpMEFIa0dwMG5hdElPbDVNS1JpQnl1YVUxemFyK210V0NPREZ1Ly8xUnBlbXlCNjhYV2hoZ1BHdno1TWpaLwp5ZUFLTnMySnh3dzVmWDRlNFVXQUR1SnBnaHZYaGFQemNRSURBUUFCbzRHNU1JRzJNQTRHQTFVZER3RUIvd1FFCkF3SUZvREFkQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXcKQURCM0JnTlZIUkVFY0RCdWdqTndZV05yWVdkbExYTmxjblpsY2k1dmNHVnVjMmhwWm5RdGIzQmxjbUYwYjNJdApiR2xtWldONVkyeGxMVzFoYm1GblpYS0NOM0JoWTJ0aFoyVXRjMlZ5ZG1WeUxtOXdaVzV6YUdsbWRDMXZjR1Z5CllYUnZjaTFzYVdabFkzbGpiR1V0YldGdVlXZGxjaTV6ZG1Nd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFNFYKUmpCQ3o4VWtGTWFZcHp2REFtVC8zcjU1K1NRZ1UvbDgzMFlHYnV1MWhobCtkOHB3R0Q3UmhqV0ZTQkhaeklocgptQmVEeEtoZVBtaFB4NDFETkpLSzgwR0QyNG54WG56YTRNWWRXMllzdjFuN0c1MXVONi9yWlZXUTlJWlZhZ2o5CmF1OUZ5cWh4bTlHVElaNTdlWXh1Y3U3Mi9WaElSZmQwREpmcE1TK3VhZmFveCtVU0llS1pxM1hBUzAyL3RwUnEKTlRsYnlDTjRWOUk1bW1ZRTU1bHVaRU5oclZWaDhSRHU2WTJVQ3NnMitjZHNqVDdFY1lVY1R2KzBkcWF6cWZGYgpXRkltUlJzaDBQY2w0blRWWEJOZlcrVjc4NXFGaVp1OEhuYWlhVDdCWlY4QzdCMllmTm51MnMzc3pNeHM3Mlc2CmFCdXFSN0syMUlVV2ZzZ2Q0aEE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBcDJTakVzdWd4TE1xTGdDQkpyN09FRXh0ak9ET0N1end3VVAvZGRxZUgvZG0xRGY2CkhVM0xpWGtKTlZDTnVNQWIrcEhwTHNva2JndmM2SEJtM0cvay95RGh3dDc2VmtDaUd2U3pYdk5VWXpFTy9qU1AKcGVOOTFKYUJrcjFYenVQUnptejhFQ25ySlFvbTRSSTdEOFBvUDdmUDhwUnBTamU5bHhnRmVadUNWbmowbzliOQpwcVdhdUVCWU5hNHJ1YWpHMUNuVWFHMnppUENTOGptRjE3UnhGcFBHYllYUUNrK0JxU0c0cDJLR0RjaE5PeStoCmhsWjFFVWkwQUhrR3AwbmF0SU9sNU1LUmlCeXVhVTF6YXIrbXRXQ09ERnUvLzFScGVteUI2OFhXaGhnUEd2ejUKTWpaL3llQUtOczJKeHd3NWZYNGU0VVdBRHVKcGdodlhoYVB6Y1FJREFRQUJBb0lCQUZaVUlZSUZBSEhSVU5TTwpzQXpTWktXbE5PNXQxZlZ1Z3krNUtOdVlGdXEzaGhHMm1NaGFJYmxSY2IxTVFQcmlJTXZXU21NMkh4bWVCcHpkCnN6N0dlbHhWa2ZrVlZCZjlsMXk5akhCUW45blVLRDVUenkybnFISmwrSWM4SFRmMjZISkVaSzdWWDQ4bnNDdHQKWW9aYjY4Qkl4UGIvTVZuMGExT3NNTTZwczh0eUdpKzgzWG9valhOc1kyRmFTSlc2OXpPR0NEN3NIK1lwSk1yZQpTdDhoVnF0cGs1Qml0cm1GOFdRcFhiRDNMQ0tjeWVKSmJvQjNEVVVCNkJjdHl4b050M2pNU24vNEFZUEx4SW5YCjVRN3dJTEpyL2tkU3VvUlBkb0pxckN6WXZZQjE2TUE2QzZNbnFmeWZKNXppZjhWNkgvUlhJU0twOWczRHdWWm0Ka2tiK2pnRUNnWUVBMmpGb2VRczdFVTQzbjkrOFJVSTRJZXJhczBiSGNYeGdxR2hPZ1FCczVKc2g1bUVWQmk2cgphWXpHVXZhbXNjT3pnRytqWFg4UlNhZGx6VmlHNmNMY0gxcEw1cC96ZkFveWJaNHZRU09FQ2xYU0pzU25VQ3JGCmZsUUZkZDFXb3Q4dVQxWGY4UFEvWEFzWVRpQkdwT3R3MTRhMHVsVm4vRm01WW5LNHhKdEVJS0VDZ1lFQXhHWFoKd0hGbzAvV2tpYXBnZjhDOUpOMnlNNWtBTGh5VXpVZVJTQ29waUtUYnp0Y2ZydW92bXBOTDNSbytRWXFGNU4yRQo0ZXUwR21pNzFTVFVjVkM3dkFQWjRNS0hiNkJPcTAzN1E5WWtLQVdoV1VmVllzSElNaWl3UlJZS0hTOTQrNlNWCmRJczZOeStla1RYUXAyNXRBcDNabFRCNWNrb0NlV1FzVklEelVORUNnWUFZc21MNjRIU05IdWRZNTBBdUxyS2YKMUM5dy8xL3Z6bjQ2VWFRaEllVXhjd1hCUjlmVFhWRDFuNE9MUEhQZHh5TDROS3F2R0lUaWExb3doZ2F2U3VrVAplMnIvN2Jibm9WZlg1SUhBdzc1Y1ZSNTJXT2YvUVBnZHRuRHZ5Ri9ZQzU3NFIrWVRKZkpOL3N0L2ZGUENzd3VRCnVhU1hPcmVNYnJOM0d6a2l0OWhjUVFLQmdFWkhuREI5Wk9IVW1WaWFHNFliMXBPR3Nlbzg2ZytXTXJseXpzNWcKS0JTNXlkNnVwS3ZYS2NuS3crOFBJUkFiSGViVVRtVDZENjBUcFlPVWRtRkdYcWZkU081aExrNEhzNThoZkxTOQp3SnFCeVVkRnFWcDV0Y1lkUVZhM21FN3hXZjNTMjVpazZlUXRxalNVYVdKQTVjbDE2eEswRWdHUDhtcTJLaGJqClBpN0JBb0dBQ056VzhOZkMvTG0ybGNiOW9LWnd2ckUwUThvRnZJbGRWRi9DS00rSVhMcDZwTXd3cUtCaDZ5VDMKT2NjaFNsTUFwUzJwQTZCRCtZZEJ4MHAwYmxPSUJuMnRLekJwSU1zZEFaYVo5VllUM3pFYWZ5VFFxQ2cxZTRuVAptRis1RVhRY01WZGFJQkwySFdpcnUxeWovdHozdHpTVzZUWUlQT3d2TisrbnlJeHRLZ1E9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: openshift-operator-lifecycle-manager + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --secure-port=5443 + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 + imagePullPolicy: Always + ports: + - containerPort: 5443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: openshift-operator-lifecycle-manager +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 5443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/image-references new file mode 100644 index 000000000..9d5e878bd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.7.4/image-references @@ -0,0 +1,11 @@ +##--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: olm + from: + kind: DockerImage + name: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_00-namespace.yaml new file mode 100644 index 000000000..e09ac2c0a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_00-namespace.yaml @@ -0,0 +1,15 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + labels: + openshift.io/run-level: "1" +--- +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operators + labels: + openshift.io/run-level: "1" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8ab035f63 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..55ec96299 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,760 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..1cdf63651 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_03-installplan.crd.yaml @@ -0,0 +1,79 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..9894ebd30 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_04-subscription.crd.yaml @@ -0,0 +1,74 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..0b17256bd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,120 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..c35648f53 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,13200 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: clusterloggings.logging.openshift.io + spec: + group: logging.openshift.io + names: + kind: ClusterLogging + listKind: ClusterLoggingList + plural: clusterloggings + singular: clusterlogging + scope: Namespaced + version: v1alpha1 + validation: + openAPIV3Schema: + properties: + spec: + description: Specification of the desired behavior of the Logging cluster. + properties: + visualization: + description: Specification of the Visualization component for the cluster + properties: + type: + description: The type of Visualization to configure + type: string + kibana: + description: Specification of the Kibana Visualization component + properties: + resources: + description: The resource requirements for Kibana + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + replicas: + description: Number of instances to deploy for a Kibana deployment + format: int32 + type: integer + proxySpec: + description: Specification of the Kibana Proxy component + properties: + resources: + description: The resource requirements for Kibana + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + required: + - replicas + required: + - type + logStore: + description: Specification of the Log Storage component for the cluster + properties: + type: + description: The type of Log Storage to configure + type: string + elasticsearch: + description: Specification of the Elasticsearch Log Store component + properties: + resources: + description: The resource requirements for Kibana + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + replicas: + description: Number of nodes to deploy for Elasticsearch + format: int32 + type: integer + storage: + description: 'The storage backing for Elasticsearch. More info: ' + type: object + required: + - replicas + - storage + required: + - type + collection: + description: Specification of the Collection component for the cluster + properties: + logCollection: + description: Specification of Log Collection for the cluster + properties: + type: + description: The type of Log Collection to configure + type: string + fluentd: + description: Specification of the Fluentd Log Collection component + properties: + resources: + description: The resource requirements for Fluentd + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + required: + - type + #eventCollection: + #normalizer: + curation: + description: Specification of the Curation component for the cluster + properties: + type: + description: The kind of curation to configure + type: string + curator: + description: The specification of curation to configure + properties: + resources: + description: The resource requirements for Curator + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + schedule: + description: 'The cron schedule that the Curator job is run. Defaults to "30 3 * * *"' + type: string + required: + - schedule + required: + - type + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: deschedulers.descheduler.io + spec: + group: descheduler.io + names: + kind: Descheduler + listKind: DeschedulerList + plural: deschedulers + singular: descheduler + scope: Namespaced + version: v1alpha1 + validation: + openAPIV3Schema: + properties: + spec: + strategies: + type: array + uniqueItems: true + minItems: 1 + maxItems: 4 + collectionFormat: pipes + items: + type: string + schedule: + type: string + pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$' + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: elasticsearches.logging.openshift.io + spec: + group: logging.openshift.io + names: + kind: Elasticsearch + listKind: ElasticsearchList + plural: elasticsearches + singular: elasticsearch + scope: Namespaced + version: v1alpha1 + validation: + openAPIV3Schema: + properties: + spec: + description: Specification of the desired behavior of the Elasticsearch cluster + properties: + nodes: + description: Specification of the different Elasticsearch nodes + properties: + roles: + description: The specific Elasticsearch cluster roles the node should perform + type: object + replicas: + description: Number of nodes to deploy + format: int32 + type: integer + spec: + description: Specification of the Elasticsearch node + properties: + image: + description: The image to use for the Elasticsearch node + type: string + resources: + description: The resource requirements for the Elasticsearch node + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + storage: + description: The type of backing storage that should be used for the node + properties: + hostPath: + description: Use host node storage + type: object + emptyDir: + description: Use ephemeral storage + type: object + volumeClaimTemplate: + description: 'Volume claims that act similarly to the VolumeClaimTemplates + field of StatefulSets. A number of PVCs will be generated based on the number of + node replicas' + type: object + persistentVolumeClaim: + description: Use a specifically named Persistent Volume Claim + type: object + nodeSpec: + description: Specification to be applied to all the Elasticsearch nodes + properties: + image: + description: The image to use for the Elasticsearch nodes + type: string + resources: + description: The resource requirements for the Elasticsearch nodes + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + serviceAccountName: + description: The service account for the Elasticsearch nodes in this cluster + type: string + configMapName: + description: The configmap for the Elasticsearch nodes in this cluster + type: string + secretName: + description: The secret for the Elasticsearch nodes in this cluster + type: string + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: meterings.metering.openshift.io + annotations: + catalog.app.coreos.com/description: An instance of Metering + catalog.app.coreos.com/displayName: Metering + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: meterings + singular: metering + kind: Metering + listKind: MeteringList + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prestotables.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering Presto Table" + catalog.app.coreos.com/description: "A table within PrestoDB" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: prestotables + singular: prestotable + kind: PrestoTable + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reports.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering Report" + catalog.app.coreos.com/description: "A metering report summarizes metrics based on the query specified" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reports + kind: Report + additionalPrinterColumns: + - name: Query + type: string + JSONPath: .spec.generationQuery + - name: Schedule + type: string + JSONPath: .spec.schedule.period + - name: Running + type: string + JSONPath: .status.conditions[?(@.type=="Running")].reason + - name: Failed + type: string + JSONPath: .status.conditions[?(@.type=="Failure")].reason + - name: Table Name + type: string + JSONPath: .status.tableName + - name: Last Report Time + type: string + JSONPath: .status.lastReportTime + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportdatasources.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering data source" + catalog.app.coreos.com/description: "A resource describing a source of data for usage by Report Generation Queries" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reportdatasources + singular: reportdatasource + kind: ReportDataSource + shortNames: + - datasource + - datasources + additionalPrinterColumns: + - name: Table Name + type: string + JSONPath: .status.tableName + - name: Earliest Metric + type: string + JSONPath: .status.prometheusMetricImportStatus.earliestImportedMetricTime + - name: Newest Metric + type: string + JSONPath: .status.prometheusMetricImportStatus.newestImportedMetricTime + - name: Last Import Time + type: string + JSONPath: .status.prometheusMetricImportStatus.lastImportTime + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportgenerationqueries.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering generation query" + catalog.app.coreos.com/description: "A SQL query used by Metering to generate reports" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reportgenerationqueries + singular: reportgenerationquery + kind: ReportGenerationQuery + shortNames: + - rgq + additionalPrinterColumns: + - name: View Disabled + type: string + JSONPath: .spec.view.disabled + - name: View Name + type: string + JSONPath: .status.viewName + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportprometheusqueries.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering prometheus query" + catalog.app.coreos.com/description: "A Prometheus query by Metering to do metering" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reportprometheusqueries + singular: reportprometheusquery + kind: ReportPrometheusQuery + shortNames: + - rpq + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: storagelocations.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering storage location" + catalog.app.coreos.com/description: "Represents a configurable storage location for Metering to store metering and report data" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: storagelocations + kind: StorageLocation + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAIj5JREFUeNrsnX1wVOW9x5/dBBIgLxvAKFFkGape0Zo4tFNfppLcueKlRQlzi0A7HRKsdG5va5Iy3r96b7Ktf9w71Ztgp+OI1Sx3Wt/wDol2ZLRqFjuibaEktmClRQJULOElGxKSAHm553dyTrpJNpvz9pzzPOd8vzPbDUKzZ3fP5/v8fr/neX5PiEHS6qPrWUR5KtP+WK49L1EeUe3n1L+3qnblkdR+7lQex7WfE/rf33xi/O8hyRTCRyAF6GUa1PRcqoFdLthlJjSj6NBMo1MxhnZ8ezAAyDzs5RroZQ6M4J6qcMOW9qJvfqd94MC+jv7f/jpx3VO7YAowACgF+HIN+JUCjur24P9aFVv0RPOE/3bpsML/rNmJ4XNde/s/2Ju4qq4hgbsABhDEEX6t34CfCf50uvLXTjYy0J8Y+vR4a/LlZkQIMABfQl+pjfCV7O8FOhZ0+NPpcudfOofPn2np2RXfu+i/drTg7oEByAz9Wg36SFDetx34p0QHJz5JhnLntPS99Vpr0Te+DTOAAUgR3tcEDXoe8Kczg0t/PtwyOjiwvWDNg0gTYADCQE+gV2ngR4P6OfCEf7IG2n/TmRVZsP2TlTfEsQYBBuAV+OXK02YN/kDLTfhTNXIhyUYGB+LJ53fsxGwCDMAt8An4+iCP9iLAP1lUPLx06GBMSQ/i+FZgADzC/FotzI/gExEL/lQN93QnL33Usf3EhoompAcwALvgRzXoqwC++PBPNoLR/ovx5EvPblfSg058YzAAs+DXI7+XE/7JdYLLx4/G+97+ZQxGAAMwGurX49OQH/7JRhAuiMT+tCSE1AAGgBw/SPCjRgADyAR/FUNVPxDwTzCC5PnO/vfeDvysQSjA4NOqvUbm4w05gN+AEZw7k+j/IFEX1NWFoQCCH9FG/FqgHWz4dfV3/Y31dp1u6v5qWSxoaUEoYPDTGv1m5PmAX9fg4CDr7e1Vfx69kEwOf3q8umTlvS0wAH+BH9XAR7gP+NPCPyEt+OTjxOW3Xq1e8oMfd8IA5Idfn9bDqM8ZfiWXVqfbBg93TPjvWQWFLGd5GctVHuGCiNDwpyh5Zd/bsWsrNzXBAOTN9Xdj1OcHP7X36n2zlfW90aJAb6yGNuu6KJt7RznLv28ty1tVKSr84xrpPpcIFy1YV1xcnIQBINcH/Ip6Xomz7me3G4Z+OmUp0UDRQ7Vs/pYa1yIDM/Dr8nNtIOQz8FHh5wh/35st7HSsTu3j56TcMgIr8E+IBk6f8t1MQchH8Jdpo34ZcHYWfsrrP9tWrYT7fAdASg/oOihFEA3+FLVTgfC6r3+rHQaAkN/38FNh79OH17HhC+4NegvrGtjC2noR4ddFH0Z1cXGx9ClB2Afw02q+3YDfefgp1z+xocJV+ElnGxvUiENQ+Jl2r+3+2x/aG2W/B7Ilz/dR5ecIv1MQWhG9PsnOWgRO8I/ryu/erdVSz3Wy1gXCksJPH3ob4Pcn/E5cB2/4L/3yRdbX8AjT7sE27Z6UTlkSwk8f+B6G3Xtc4Ke5/VPf3cRGLw0Kcb3qUWKhkKnCoIvw67pGeWz8biH7zU971BOUpVFIMvir2FixD+IAP1X7Kee3O7/PQ9e/1GbIBDyAf7KqlXQgjhTAefgbAD8/+Ennn9suJPwkI6mAAPCTmrV7FSmAg/DTnYvFPRzhp8U9NN0nqig6yZQKCAK/rnIlHYgq6UArIgBn4K8CxvzgJ51tjAn/XrqfbRozArHh11Wl3bswAMAvNvw0+uvTbiKL1iNMvk5B4ZfGBMKCgh9RHgcBP3/4ST2v7JTmfZ1/drss8KeawEFt3QoMwAj8bGyOH2v6XYBfNYBdcWneG0UrNDUoCfy6ynpHWNu7JeKZgIgRAOB3EX6Cyendfbx15tWXZIKfKfCzwZGxxWuimYBQBqDlS4DfJfhJtNlHNl367a9lg388EmBjy9dhANPAj5zfRfhVA3h/r3Tv9cqB92SEX1e5EgU0wwAAv+fwk9ze6eeUho78UUb4dVWJYgJhAeBvAPzewC9rCkAa7b0gK/ypJtAYaANIOZYL8gB+mTXy2QmZ4ddVq5hAVSANQNvVh7X9gN+aAZw6KTv8upoVE6gMlAFoe6d3A2PA75UEgT/VBMoCYQDaQh/07wP8tpR1461+gZ9d/WBV5M5D53aPjo5GfG8A2siPuX5B4KdOvDIqlF/oF/jZjY3NLDsyPzpw9OM2XxuA1sCzHCiLM/LLagDZN97iG/h1zVl2U1lvx/5mXxqA1robe/oFC/vn3imfH9PobzYCEB1+XXm3rai6+PGhKl8ZQMqhHZBgOX/u8lLpPpNZK+7yJfzjpnzj8sYzr71c5gsDQNFPXPjVEWdVpXSfy+zy1b6FX1Nk4Zr1zW5sHHIjAqCFPij6CQh/6mtJZQArV/sZfl1lX/r9qUapDQB5v/jwq6+3frM0n03O/RsN5f+Swz9mdFcvqurt2F8ppQGkhP6QwPCrOecd5dLMBuSs2RgI+MdTtNtWNB9/oiEqnQEwnNcnBfy6FtaJvyVj1oq7ZywA+gl+vR6waPN3mqUyAGX0p7C/HEjLAb/++jyO5XY0Utn2o6DBP2Z8C64qP//O67VSGIACP4Ur2OEnEfzjN2y9uIfd5m7ayrIzLP/1K/y6iipW1/NIBXhEAJjykxB+Nb9eXiakCRD487Y9Flj4eaYCjp4NqFX9scvPZfipqWffmy3sysnjaY/2otV+tOCHQvxwwczeTMdwiXJOAFX8C57ePe3oHxD4x9V/5HD1vJtuiQtnAFrV/xhGf3fgH9EOyaA++Wa6+pIJ0LTfTHP/natv9/ycQMCfVtTDbWkoFEqKZgAUO2LOnzP8BD4d4knHZNnp50fTflT5n84IvD4pGPBPr8unP4vnXFNSLYwBaGv9DwJtvvBTD/+/PrzO0T7+FBFc98zuaVMDL9IBwD+zet5PVETuqkjY/T1OFQEbgTZf+AnCY0pY7vQhHtQU9OjdS1VzSSe6XioMZhW4k9nRXH/Rq/sB/0zGfdOtjjBnOwLQGntixR9n+Gkk5ikC/PqX2tSZgHQi46Fr4NVFmEb9edt+lHGlH+CfoupQKBT3zAC0wh+F/lEgLi/8Rk1AjxjoKHGnjIDAn7NpqzrPn2mNP+CfqqGe7mR2YZGtgqBdA2hgWPTDDX6CjApxbopMYNl7x2acLqSUgWYg6BqtpCW0pVd9rFw94+YewJ9RMcUAGlw3AEz78YWfqvA8cn4jyl9Vya59xthyjoGBAZb8/Qds6MA+9bQeatc9/NmJCW27Ka8fe75LbeZJz0Y7+gD+GWVrWjDbxgvXAn4+8JMozPbq1N7eN1vUkX2mvQF0RHdfX59asMu20aUX8NtSpO/DA1QQtJQnWooAtPX+x4A5H/gJfKrMeylaJ0CpQCb4JTyi22/wp4qiANMjhtVpQOT9nOAn9byy0/P3QSY0XaEP8IunkZERS0yaNgBt9K8C6nzgVw1gV1yI99OzayfglwD+oaEhdvZ4Z9XhHz4adSMCqAHq/OCn6rpXuf9k0QYjwC8+/MlkkoXy8lnePavquRqAVvnH6M8JfvWmfbNVmPdFew30NADwiwv/6Oio+ufZi6NVXV1dEW4GwFD55wo/qf/9hFDvjyISwC8+/CrMY1OrpjbkmZ0GRPjPEX7SyIWkUO/xYtdpNgT4uYiiq/4P9k74b0b6NqSDPyVqq3m3hDXdc4oZupEMTwNizT9/+El/WhIS6n3SIh7amQf4nTN4I9u56f6i7dqTuzVngj9F1cXFxXGnUwBM/XGGP0gKIvxUVKX1HWcbG2bs5UB7QNR/2xQzCz8b7uk2zKohA1BG/3KGDT+AH/BbFgFNvRzMNnEhs6DNYEbhJ2UVFkU7X28pdzIC2Izb1h34c5eLdYqa2YM4AX96+O3s6FTN4wf/Zgh+XbOX3lDjiAFg6s/dkT9cINYki9ljuAH/RNGajq5Yne3fM/jCDnblwD7D/z57wVWVRhYGGYkAAL+LYT918BVJWQ5t8glqtZ9G/mGHZnb6Yt8zd98+sLHKCQOoAfzu5fz5q9YKNfo7kQIEFf5M+ymsiLZY05Zrw9HkvLzNtgxAa/YZBfzuibrxiHJQJzXsAPx2cn/nN3Vdeu1F49GbgWLgTBFADeD34LXXi5F1GTmJF/BPLx6rOoePHDJn4kuWbbZjAJWA34vX937SJVyy2Fb4j+W9jMumLuq2ZCqNy8mptGQA2jFfEcDvvsYO7Wjw9Bry6n8C+AU0gNRWa4bSgIJI5ETiV5VWIoC1gN87zd9S41ktgHJ/q6M/4J9o5I7/Tq2/ohnlLi9da8UAKgG/hyF4QcST66HKf179k4BfUAOg1MyCzEUAQQv/RV3eS7vC3Lwu/UguK4t/AH+a74/Dmg6LkVnkyFOPV5qJAFYC/mBd30zn8QF+K9/dZse/IzpHwYry7rlvrRkDqAT8wblOwM8vBZiptboZzZnh9KRMyr7q6nJDBhCUxT+y7eqj612656DjeeVMh3ECfnuie8yJg1Xp+6Hj02woevQXPyszEgGUA34xRasEqVc/TRHavamomJTX8CRyfheigOJ6ewf5qgenKt+V3Y1Z+fc+MIXtUJoIoM3PJuCX/fzUWYa2iVLr7sFpjvaebsTPuX+DrVV+gN+8zr/0HOv694dcTc8ma7j7XGLRTTdXzGQAo4BfLumbTi4d6mC9Hb9LA/1d6ohv5CBOwO+89GYel/e/p+7oM7qYh9Zj0JSsU1uyR3p72DXLbghNawBa5582wC+n0L1XXPhTm3nQ53jptZfYlQPvpR3xCXyK0JxuxkLq37+vIvqVysR4bSEI+T/gB/xeiKC/cOHClE4+BLeegqU2+QjlF3A5ZHVCNFiymBif1gBWAn7AD/idgZ9G/uHh4RlqMne5el3hOXMnMB72cwQA+AG/l/BT+C+aQtnZ5WkNQJv/B/yAH/D7FH71O2jbw94t+TvrYT+O/oAf8AP+qep59UX22X8+MoH1VAMoBfyAH/D7Hv4JrKcaQBngB/yA3/fwT2DdNwYA+AE/4DcE/1QDkL0ACPgBP+A3DL8qvRCoRwBRwA/4AX8w4E+NAsIyh/+AH/ADfkvwjw/6ugGUAn7AD/gDA/848/pS4AjgH9tVR2e4977Ryi4dbp9wpluudmJP3n1rWf6qSu6HeAJ+wM8R/vEIQN0NKNMWYB7w01bas40xU+e40XUsrKvn0vkV8AN+zvCruucUC4W047+7gwg/NdWg01t7lVHfqqg7z8LaesAP+KWCX1MR1QDKggg/hfjHVt9uC37S2cYG9unD61QzAfyAXyL4SWXhoMJ/YkOFY0c3kYnQ77NjAoAf8LsMPylCRcDyoIX9BOuwAyP2BIAVU6F04tpndgN+j+Cn75bMuP/9vaq505/pmZqpkuigjvxVa8f/HHD41QiAagANyg/1QYCfRPCbKfaZvrnrG1nRllrA7yL8BDkVcalJqhFR4Xb+QzXTfk8BgZ8UoxRgSVDgpxuEJ/xjNYGY4VQA8Nsf8btidezo3UsNw68bxmnt/zf5fggQ/KRSMoBoEODX4eQtSi2MvA7gd6aOc/65JluRA/0OMpEAwq/WAMJBgZ8W+PA4r326SAPw84ffzHkImUQmcur7m4MGvyoygIjf4Vdv4jdaXXsfFAX0TTO9CPjth/08irgX/u9/2cWWnwcKfor+hVkHwHttP+/cf8rrvb8X8HMo+P314XWOwz8eJSqf3dCRPwYF/nED8D38er7npiaHp4DfmdSKt5FfbHgkKPCPpwC+h9/t0X+y4QB+Z+RGEZciAPo8gwC/5wbg5y29ugEAfofCcxeLuIPP7wgE/J4aAPbzA35T1+ZiEZeigJHPTvoefs8MwG34c5e7X+ekY7gBv7MRgJu6nNjje/g9MQAvRn5q3sFj337G1yxZDPgdTKd4Vf4zRQF+h991A/Ay7J97R7nLEcBdgN9BA3BbI6dO+h5+Vw3A65w//761rqcAgB8SGX7XDECEgl/eqkrX0oCc+zey8KLFgB8SGn5XDECkaj/18HMl3dj6KOCXXKH8At/Dz90ARJvqo+vhPSOQu2mro6M/4He/fkPKvvFW38PP1QBEneenjj1ZnFp6003j5OgP+FOM1eWp3GwONRzR4OdmACIv8qE6wPUvtTluAqH8Qpb/xE71GfBzuKfWb3Yx/C/kMosjGvxcDECGFX7UE85JE6CRP/L8O46F/oB/qqiI65bmKGlcEOB33ABkWt5LJhDdc9B2fjm7fDUreHo34HchcqP7y43RP9dhAxAVft0A2oMG/+R0gK7b7BQhzfMXPN3C8h9H2O+WqOFqFucj2aiG49T3KTr8ijqpK3Abs9ka3C8be2jbcN8brepzunZTFOpnK7khzfM7XSUG/MZEewKoKQiXAUE19d1BgZ+UsG0AQdjVNzAwwPr6+rj9fsBvEqxX4uoZDE6KDJ3gd2r0lwB+1QAoBegE/NOLtvQCfrFU8C+bWeEPfwr47StJBnAc8E8PP7b0iiW9dXf2V9azQpp5sbnrkgp+AYWf1BEG/IBfNvj11t3q9Osv3rFUuNOLuPO2PRZU+FVRDYDy/zbAD/hlgn/K3/f2sMt796iNPK4c2Kf+OV2oz6uIKyP8itaZMgDAD/hFhD+dqKXXcMqefl79GSSGn1RBBkATq92AH/D7BX43JTH8pKIQ/a9iAqOAH/AD/kDBz+45xUJ6ETAB+AE/4A8O/ExbAawbQBLwA37AHxj4SZ2pBtAB+AE/4A8M/OPMh1PDAcAP+AF/IOCfEgF0An7AD/gDA//4oB/S/0QzAYAf8AP+QMCvzgCkRgCscMOWdsAP+AG//+FPTfnHDaDom99pB/yAH/D7Hv70BjBwYF8H4Af8gN/38JM6phhA/29/nXDr1emsN+q6Q48Rzoc+An7AD/inaJz10ARYDh0czeHUf51aOfXs2qlCP/mkV+rHl7+qkhU9VOPo8V2A375RpzuYk3r0hy325gP83ksvAE41gCOH2nJuWF7uKCSH29npWJ0KvhHRTAQ1fwzbbP4I+M2LorFexaj1voiZjuQmo6aOynToqtGW3YBfjNFfMYCKtAZw8f22BuVLdewAPau92+jmuu6Z3cxqNAL4zYN/tjGmfl/DFlIy+r7o3MVMbbsBvzCKKQbQMKUGoNYBPtib8Bp+PfQ8saFCjR4AP1/4u59rYkfvXsrOK8/DFusx9H3Rd02/J12kB/jFzP+nRACkyyePjdrNwwncY6tvt32ludoJPkbTAcBvbtSn9tpGUzMzWljXwBbW1gN+wfP/KRGAemMM9Nu+I5xq2Uy9+c8/tx3wOwy/btA84CedbWxQ7wHAL/bon9YAhj493mo39B887Nyaou5nm2acKgT85tOrdNV9R+FS7oOjq25jV7rPAX5x1DqjASRfbrY1LFAF2UkNa5VpwO9M2P+pEvYPc157MT6YHPkj64s9AvhligCue2pX++XOv1geHjLB6rSpAH7zqZmT0ZkRUZfewRd2AH7v1ank/+0zGoA66p4/Y4niS5xurnQ3LeA3aaKKMfMwZyPq3/FjtUsv4Bdr9J/WAHp2xfdaDdd5aHK+CvjNixZjeSXq0U8mAPjFyv+nNYBF/7Wj5cqJT5IivgvAb+HmfyXOveg34+f62oueRQGAnyWV8L/FsAGQQrlzTMeLTq7jTxUtOQX81tX97HYh7sKB558G/N5oWpanNYC+t15rtWIAWTbX8KcTLQgC/NbTJ7cLf9OJju4C/OKE/xkNoOgb37aUBhjdGGJGI5//AuC3qD6PCn9pv8dTJ9WpQcAvRvif0QBUMP582PTdU7h+s6NXT8c/Z315FeC3WjM5JFafl2EXDADwGwv/ZzSA0cEB08mjukXUwShg3vcfA/w2UwCRNHLqJOB3VzstG0DBmgfbB9p/Y/oOouaiTtQCZpevVh+A37p4rfe3bEgH9gF+90SLfxKWDYCUFVlgOgqg3Xu0i8+OCdD57Xn1TwJ+CPBzGv0NGcAnK2+IW+nbl6Nt5bUyNUijfsHTu1kovxDwQ4DfuuK2DeDmEyw5MjgQt/LqZAJL9xxk87fUGoscShaz/Md3qg/A70+F8gsAvztqUcL/TtsGQEo+v2On1augdKC4vpEte++Y2uuPioSpqQHN8VMrqUjjz1nRqweQ8zssfRGVKKLUDvC7IkOpe8gwQMf+fGx29HNRHleKRT78RDsAaSmwKMpreJLlrNkI+PmKin9LDQ3QhiE6dDAG+OUL++feuVKoO3PWirsBP38ZZtWwARSseTA+3NOdBPxy5fwipQAU/ocXLQb8fEWMtjhuACpQH3VsB/zywK+OuFr/fhGUc/9GwO9C7q+E/0kuBnBiQ0WTE1EA4HdXTi/PtiKa1clZswHw81eTmX9sygBoSnC0/2Ic8MsDv2oAX6vitlXbqOZs2mp5ahfwG1bczOivGrPZVzjT2BCdv6XmmJWjuwD/zKKlu9RabfhCD+t/PzHh72j6NOeWMgXmJWpYbwZq+r3UDdir0b/o1f2WDADwm9JSI3P/tgyANPDh/ubcz6+oAvz24U89j89szz79UFUK8Y0co+bVlCAt7LKyvgPwmx79TR/IYckAzEYBgD89+HbO45ssWlBFpytnOp+PXpOiADcbhOQqof+8bY8BfgFHf8sGQBodHW1QnuoBv3n4zzbF1ANPeDRRJSMo1lZcem0CVPW3sqEL8Lsz+tsygI+uZ5EbPjx/LKuwKAL4jcFPub1bvflp/wWd2Ds5SqPjurpPHmfnH7qfa3cewO+aktrob2k0CVt9VZoRyLQuAPBPurGVUJ/O43Mr/KbTficfAaaf1Tc8Zx4rfP4dNTznIQr5Ab9r2m4VflsRwHgU0HHuYFZkfhTwN2cM+enATC+UpfVmmH1zadqDOqlBR1/se4506qFlvnO3/cjShh/A7/7ob9sASBd++XJV/lfXNwP+9OqK1amjsZciEyjc0cpCn7s54+eqnuBjwQgI/DlbH1We77J0fYDfsqoV+ON2fkHIiasYOtvVlrXgqnLAPzXsd+qodLsyOhdPdQE6xGNIiQwy1QgIer1lm531/YDfstoV+G+3fV84cSVKFFCW9cUvH7wYygL8+vUquT7l/CKJQnPK/c2ITvMZTokKsm+8xbFmLYDflipm6vfnmgGQ/vaH9sbw1SW1gH9sqo3gF60jL2muEqpTuO61AL8tWZ72m6ywU1fU/dWy2OiFZDLo8JNogY+I8JMoz3frcA7Az0XEmGMnvTpmADQtOPzp8eqgw0/ge130m9EEnvgPwC+v6uxU/bkZAKlk5b0tw598nAgq/ProL7quHHiPa39+wM9NCbtVf64GQLr81qvVWpgSOPhp9Bep/14mDb7wNOCXL/R3fErJcQNY8oMfd17Z93YsaPCrN/krO6W5my4n9qgVfsAvjWJWNvu4bgCkays3NY10n0sECX71Rt8Vl+qOIhMA/NKE/lwKS2FeVxwuWrDOzKyA7PBT+C9q5T9TLQDwBzP0524AxcXFhmcF/NLJRzbxjAAAv2Oq5hH6czcAEs0KjJw+1eR3+NX3cahDyruLx5oAwO+YaMFPC88XCPN+B7RASHlq9zP8JDe77DgpJ3YBAn4uohuqjveLcDcAWiCUbmrQb917Rzh093FDww5GAIDf2bzfyQU/nhkA6bqvf6s9tZDhx9bdskYAgF9I0Wo/V26osFvvqLi4WK0HoG8/4IdmzPvjbr1Ytpvv7JrPl9V9dD2j/tXlgB/wQ1Pzfqd2+QkXAaRoHWP2wxvR4M810Jcf8EMZ1Kk8XD+5xXUDoKKgVg9I+gV+9YO0cFKSCMq2eFw34HdUxMI6N4p+IkQAZALtWiTgm7Bf1ggglF8A+L1XtVtFPyEMQDOBBDO5xFHknD/nllI5IwCTHXwBPxf4W7x68bCX71wxgbjyFJMdftJ0J/GILLPn9QF+x9XkZsVfOAPQTKBBeYrLDD+JDuqULQ2YZSL/B/yOi6b76ry+iLAIn4RiAtXTmYBMU310Sq9MylmzAfB7B78Q/eLDonwi6UxAtnn+vFWVUoX/Rtp7A37HlRAFfqEMIMUE2mWEX08DMh3PLZJyN30b8Lsvy7NfgTAATRUK/O2yrvCjE3llyP1nOsYL8HOBv8KLuX6pDIAWCinwVzCLqwW9Xt5LUcDCugah78S8hicBP+AXNgJg2gdFJpCQCX5d87fUqEYgouhkoExn+QF+53N+UeEnhUT/9N4tYUR0lSzw6xLxbEAK/Que3g343VNcpIKfNBHApGhg2ilCUeEn5SwvY4ueEOeawiWLWf7jccAP+CcoS4ZPsrmXtVbnM9ptc4cM8OuihUGzFkdZ35ut3oZ5+YWs4CcvsqyS6wG/O6IVfv8qw4VmyfKJKibwhmICx5UfK2WAfzwSuLmUDc0vZpfaXvcOfiXsn27NP+B3XLS2/79ludgsmT5ZxQTaFROg9rv/rMCfKzr8o6OjLElHIyy7WRl9F4+dx3f5kmuvT9BHnn8HI787oiLfJgX+F2W66JCMn/S7JazszkPndmdH5kdFh39oaGj8v1EL7osNj7hyPHfupq1s3rbHkPO7o042tp9fusaQIVk/cQWwyMDRj9vmLLupTAb4UzWw48ds4IUdbLS3x/HXpkr/nK2PZlzoA/gdlbBz/L42AF29Hfub825bUSUL/OP/ToF/UDEBp4yAwM+5fwPLWbMx478D/I5Kikq/rw2AdPHjQ1Vzb1zeqPwYkQH+yaJOyXRMF9UIzJgBTe3NXrlaAX+jocYegN/RfL/O6738MIAUnXnt5bKFa9ZTVbBMJvgni0yADusgIxhSny9MAD5rkfJQYM++6daMK/oAP9eQv1rGfN/XBkB6t4RFvvT7U42zr15UJSP8vAT4nQv5tZE/6Zc3FPLjt9Tbsb8y77YVzW6kBIA/MCG/p737eCnsx28rv/QLLSf+J3b7lXNnEoAf8NsU3UO3+xF+30YAqTr/zuu1RRWr652OBgB/IEb9mAJ+k5/fZNjv3+L8f/xKk9PRAOAPzKjf5Pc3GgrSt0rThbOvXtSYXVgUAfzQNKO+L6b3YADTAxzp+/BAo5XFQ4Df14ozn1X4kQKkc7xQKJlf+oVqJS2ouHL+bDvgD7z0pbzVQYM/kBGAlbQA8CPchwH4WLSA6IsfHKvNXRytYZNmCwC/L8HfzsaadiSD/mHAANLUB3Kjy6qyCyKAH3k+DCCIOv5EQ3T+P62pH4wsqBqdMw/w+wN8mtPvxEcBAzCswz98NJp3z6r62YujVWEDx2gBfoAPA/Churq6qC5QO3whWZNVEIkAfuT4MIAAioqF/9DeVTnc012fVVgUBfxCiUb5mPJoAfgwAP532+st5bOX3lCTveCqSsDvqWiTznYF+gQ+ChiAJ3WCwgc2VoXn5W3mFRUA/rSj/U421pIL+T0MQKCoYMmyzaGcnEqnagWAf0JuT6P9Toz2MADhdSLxq8rc5aVr2dhBJhHAbwv6Vr/ux4cBBEBHnnq8Mu+e+9ZmX3V1ufLHKOCfMbxPAHoYgC919Bc/K8u/94Hy4e5za0PZ2eXp1hcEEH4VeHr2S7NNGABkuG4wq2RxeXjO3JVkCL1te4IAPwG/VwMe+TwMANJFx54pT5QqlLKxFudlkr+ldu3RgREeBgBZN4UyrX5Qqj2XCQh6pwY6PbcDdhgAxNcYIpoRRFIMoZT9fdYhygwWHTNlKdqDlNQA14FPaqBj5Z2k+n8BBgCYs/pPRyOn1wAAAABJRU5ErkJggg== + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: clusterlogging.v0.0.1 + namespace: placeholder + annotations: + olm-examples: '[{"apiVersion": "logging.openshift.io/v1alpha1","kind": "ClusterLogging","metadata":{"name": "example","annotations":{"io.openshift.clusterlogging.alpha/allinone": ""}},"spec": {"logStore":{"type": "elasticsearch","elasticsearch":{"replicas":1,"storage":{"emptyDir": {}}}},"visualization":{"type": "kibana","kibana":{"replicas": 1}},"curation":{"type": "curator","curator": {"schedule": "30 3 * * *"}},"collection": {"logCollection":{"type": "fluentd","fluentd":{"nodeSelector":{"logging-infra-fluentd: "true"}}}}}]' + test: "yes" + spec: + displayName: Cluster Logging + + description: | + The Cluster Logging Operator for OKD provides a means for configuring and managing your aggregated logging stack. + + Once installed, the Cluster Logging Operator provides the following features: + * **Create/Destroy**: Launch and create an aggregated logging stack in the `openshift-logging` namespace. + * **Simplified Configuration**: Configure your aggregated logging cluster's structure like components and end points easily. + + keywords: ['elasticsearch', 'kibana', 'fluentd', 'logging', 'aggregated', 'efk'] + + maintainers: + - name: Red Hat + email: aos-logging@redhat.com + + provider: + name: Red Hat + + links: + - name: Elastic + url: https://www.elastic.co/ + - name: Fluentd + url: https://www.fluentd.org/ + - name: Documentation + url: https://github.com/openshift/cluster-logging-operator/blob/master/README.md + - name: Cluster Logging Operator + url: https://github.com/openshift/cluster-logging-operator + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: cluster-logging-operator + rules: + - apiGroups: + - logging.openshift.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + - apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - "*" + - apiGroups: + - batch + resources: + - cronjobs + verbs: + - "*" + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - "*" + - serviceAccountName: elasticsearch-operator + rules: + - apiGroups: + - logging.openshift.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - pods/exec + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + - servicemonitors + verbs: + - "*" + clusterPermissions: + - serviceAccountName: cluster-logging-operator + rules: + - apiGroups: + - scheduling.k8s.io + resources: + - priorityclasses + verbs: + - "*" + - apiGroups: + - oauth.openshift.io + resources: + - oauthclients + verbs: + - "*" + deployments: + - name: cluster-logging-operator + spec: + replicas: 1 + selector: + matchLabels: + name: cluster-logging-operator + template: + metadata: + labels: + name: cluster-logging-operator + spec: + serviceAccountName: cluster-logging-operator + containers: + - name: cluster-logging-operator + image: quay.io/openshift/cluster-logging-operator:latest + imagePullPolicy: IfNotPresent + command: + - cluster-logging-operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: "cluster-logging-operator" + - name: ELASTICSEARCH_IMAGE + value: "docker.io/openshift/origin-logging-elasticsearch5:latest" + - name: FLUENTD_IMAGE + value: "docker.io/openshift/origin-logging-fluentd:latest" + - name: KIBANA_IMAGE + value: "docker.io/openshift/origin-logging-kibana5:latest" + - name: CURATOR_IMAGE + value: "docker.io/openshift/origin-logging-curator5:latest" + - name: OAUTH_PROXY_IMAGE + value: "docker.io/openshift/oauth-proxy:latest" + - name: RSYSLOG_IMAGE + value: "docker.io/viaq/rsyslog:latest" + - name: elasticsearch-operator + spec: + replicas: 1 + selector: + matchLabels: + name: elasticsearch-operator + template: + metadata: + labels: + name: elasticsearch-operator + spec: + serviceAccountName: elasticsearch-operator + containers: + - name: elasticsearch-operator + image: quay.io/openshift/elasticsearch-operator:latest + imagePullPolicy: IfNotPresent + command: + - elasticsearch-operator + ports: + - containerPort: 60000 + name: metrics + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: "elasticsearch-operator" + maturity: alpha + version: 0.0.1 + customresourcedefinitions: + owned: + - name: clusterloggings.logging.openshift.io + version: v1alpha1 + kind: ClusterLogging + displayName: Cluster Logging + description: A Cluster Logging instance + resources: + - kind: Deployment + version: v1 + - kind: DaemonSet + version: v1 + - kind: CronJob + version: v1beta1 + - kind: ReplicaSet + version: v1 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + - kind: Secret + version: v1 + - kind: Service + version: v1 + - kind: Route + version: v1 + - kind: Elasticsearch + version: v1alpha1 + specDescriptors: + - description: The desired number of Kibana Pods for the Visualization component + displayName: Kibana Size + path: visualization.kibana.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Resource requirements for the Kibana pods + displayName: Kibana Resource Requirements + path: visualization.kibana.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Kibana Visualization component + displayName: Kibana Node Selector + path: visualization.kibana.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: The desired number of Elasticsearch Pods for the Log Storage component + displayName: Elasticsearch Size + path: logStore.elasticsearch.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Resource requirements for the Elasticsearch pods + displayName: Elasticsearch Resource Requirements + path: logStore.elasticsearch.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Elasticsearch Log Storage component + displayName: Elasticsearch Node Selector + path: logStore.elasticsearch.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: Resource requirements for the Fluentd pods + displayName: Fluentd Resource Requirements + path: collection.logCollection.fluentd.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Fluentd log collection component + displayName: Fluentd node selector + path: collection.logCollection.fluentd.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: Resource requirements for the Rsyslog pods + displayName: Rsyslog Resource Requirements + path: collection.logCollection.rsyslog.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Rsyslog log collection component + displayName: Rsyslog node selector + path: collection.logCollection.rsyslog.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: Resource requirements for the Curator pods + displayName: Curator Resource Requirements + path: curation.curator.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Curator component + displayName: Curator Node Selector + path: curation.curator.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: The cron schedule for the Curator component + displayName: Curation Schedule + path: curation.curator.schedule + statusDescriptors: + - description: The status for each of the Kibana pods for the Visualization component + displayName: Kibana Status + path: visualization.kibanaStatus.pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch Client pods for the Log Storage component + displayName: Elasticsearch Client Pod Status + path: logStore.elasticsearchStatus.pods.client + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch Data pods for the Log Storage component + displayName: Elasticsearch Data Pod Status + path: logStore.elasticsearchStatus.pods.data + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch Master pods for the Log Storage component + displayName: Elasticsearch Master Pod Status + path: logStore.elasticsearchStatus.pods.master + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The cluster status for each of the Elasticsearch Clusters for the Log Storage component + displayName: Elasticsearch Cluster Health + path: logstore.elasticsearchStatus.clusterHealth + - description: The status for each of the Fluentd pods for the Log Collection component + displayName: Fluentd status + path: collection.logCollection.fluentdStatus.pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Rsyslog pods for the Log Collection component + displayName: Rsyslog status + path: collection.logCollection.rsyslogStatus.pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - name: elasticsearches.logging.openshift.io + version: v1alpha1 + kind: Elasticsearch + displayName: Elasticsearch + description: An Elasticsearch cluster instance + resources: + - kind: Deployment + version: v1 + - kind: StatefulSet + version: v1 + - kind: ReplicaSet + version: v1 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + - kind: Service + version: v1 + - kind: Route + version: v1 + specDescriptors: + - description: The name of the serviceaccount used by the Elasticsearch pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: The name of the configmap used by the Elasticsearch pods + displayName: Config Map + path: configMapName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ConfigMap' + - description: The name of the secret used by the Elasticsearch pods + displayName: Secret + path: secretName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: nodeSpec.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current health of Elasticsearch Cluster + displayName: Elasticsearch Cluster Health + path: clusterHealth + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: The status for each of the Elasticsearch pods with the Client role + displayName: Elasticsearch Client Status + path: pods.client + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch pods with the Data role + displayName: Elasticsearch Data Status + path: pods.data + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch pods with the Master role + displayName: Elasticsearch Master Status + path: pods.master + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + categories: openshift optional + certifiedLevel: Primed + containerImage: registry.svc.ci.openshift.org/openshift/origin-v4.0:descheduler-operator + createdAt: 2019/11/15 + description: An operator to run the OpenShift descheduler + healthIndex: B + repository: https://github.com/openshift/descheduler-operator + support: Red Hat + name: descheduler.v0.0.1 + namespace: openshift-descheduler-operator + spec: + description: | + # Descheduler for Kubernetes + + ## Introduction + + Scheduling in Kubernetes is the process of binding pending pods to nodes, and is performed by + a component of Kubernetes called kube-scheduler. The scheduler's decisions, whether or where a + pod can or can not be scheduled, are guided by its configurable policy which comprises of set of + rules, called predicates and priorities. The scheduler's decisions are influenced by its view of + a Kubernetes cluster at that point of time when a new pod appears first time for scheduling. + As Kubernetes clusters are very dynamic and their state change over time, there may be desired + to move already running pods to some other nodes for various reasons + + * Some nodes are under or over utilized. + * The original scheduling decision does not hold true any more, as taints or labels are added to + or removed from nodes, pod/node affinity requirements are not satisfied any more. + * Some nodes failed and their pods moved to other nodes. + New nodes are added to clusters. + + Consequently, there might be several pods scheduled on less desired nodes in a cluster. + Descheduler, based on its policy, finds pods that can be moved and evicts them. Please + note, in current implementation, descheduler does not schedule replacement of evicted pods + but relies on the default scheduler for that. + + ## Note + + Any api could be changed any time with out any notice. That said, your feedback is + very important and appreciated to make this project more stable and useful. + + customresourcedefinitions: + owned: + - description: Represents an instance of a Descheduler application + displayName: Descheduler Operator + kind: Descheduler + name: deschedulers.descheduler.io + version: v1alpha1 + displayName: Descheduler + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - services + - pods + - configmaps + - secrets + - names + - nodes + - pods/eviction + verbs: + - '*' + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - batch + - extensions + resources: + - jobs + verbs: + - '*' + - apiGroups: + - descheduler.io + resources: + - '*' + verbs: + - '*' + serviceAccountName: openshift-descheduler + deployments: + - name: descheduler-operator + spec: + replicas: 1 + selector: + matchLabels: + app: descheduler-operator + template: + metadata: + labels: + app: descheduler-operator + spec: + containers: + - command: + - descheduler-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: descheduler-operator + image: registry.svc.ci.openshift.org/openshift/origin-v4.0:descheduler-operator + imagePullPolicy: Always + name: descheduler-operator + restartPolicy: Always + serviceAccount: openshift-descheduler + serviceAccountName: openshift-descheduler + terminationGracePeriodSeconds: 5 + strategy: deployment + labels: + olm-owner-enterprise-app: descheduler-operator + olm-status-descriptors: descheduler.v0.0.1 + maintainers: + - email: support@redhat.com + name: Red Hat + provider: + name: Red Hat + version: 0.0.1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + namespace: placeholder + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + provider: + name: Red Hat, Inc + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: metering-operator.v0.12.0 + namespace: placeholder + labels: + operator-metering: "true" + spec: + displayName: Metering + description: Metering can generate reports based on historical usage data from a cluster, providing accountability for how resources have been used. + keywords: [metering metrics reporting] + version: 0.12.0 + maturity: alpha + maintainers: + - email: sd-operator-metering@redhat.com + name: Red Hat + provider: + name: Red Hat + labels: + alm-owner-metering: metering-operator + alm-status-descriptors: metering-operator.v0.12.0 + selector: + matchLabels: + alm-owner-metering: metering-operator + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: false + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: false + install: + strategy: deployment + spec: + permissions: + - rules: + - apiGroups: + - metering.openshift.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - replicationcontrollers + - replicationcontrollers/scale + - secrets + - serviceaccounts + - services + - services/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/rollback + - deployments/scale + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/rollback + - deployments/scale + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - get + - list + - watch + - update + - delete + serviceAccountName: metering-operator + deployments: + - name: metering-operator + spec: + replicas: 1 + selector: + matchLabels: + app: metering-operator + strategy: + type: Recreate + template: + metadata: + labels: + app: metering-operator + spec: + containers: + - args: + - run-operator.sh + env: + - name: HELM_RELEASE_CRD_NAME + value: Metering + - name: HELM_RELEASE_CRD_API_GROUP + value: metering.openshift.io + - name: HELM_CHART_PATH + value: /openshift-metering-0.1.0.tgz + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: HELM_HOST + value: 127.0.0.1:44134 + - name: HELM_WAIT + value: "false" + - name: HELM_RECONCILE_INTERVAL_SECONDS + value: "30" + - name: RELEASE_HISTORY_LIMIT + value: "3" + image: quay.io/coreos/metering-helm-operator:0.12.0 + imagePullPolicy: Always + name: metering-operator + resources: + limits: + cpu: 50m + memory: 25Mi + requests: + cpu: 50m + memory: 25Mi + - args: + - tiller + env: + - name: TILLER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TILLER_HISTORY_MAX + value: "3" + image: quay.io/coreos/metering-helm-operator:0.12.0 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: tiller + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 50m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + restartPolicy: Always + securityContext: + runAsNonRoot: true + serviceAccount: metering-operator + terminationGracePeriodSeconds: 30 + customresourcedefinitions: + owned: + - description: An instance of Metering + displayName: Metering + kind: Metering + name: meterings.metering.openshift.io + version: v1alpha1 + - description: A table within PrestoDB + displayName: Metering Presto Table + kind: PrestoTable + name: prestotables.metering.openshift.io + version: v1alpha1 + - description: A resource describing a source of data for usage by Report Generation + Queries + displayName: Metering data source + kind: ReportDataSource + name: reportdatasources.metering.openshift.io + version: v1alpha1 + - description: A SQL query used by Metering to generate reports + displayName: Metering generation query + kind: ReportGenerationQuery + name: reportgenerationqueries.metering.openshift.io + version: v1alpha1 + - description: A Prometheus query by Metering to do metering + displayName: Metering prometheus query + kind: ReportPrometheusQuery + name: reportprometheusqueries.metering.openshift.io + version: v1alpha1 + - description: A metering report for a specific time interval + displayName: Metering Report + kind: Report + name: reports.metering.openshift.io + version: v1alpha1 + - description: Represents a configurable storage location for Metering to store metering + and report data + displayName: Metering storage location + kind: StorageLocation + name: storagelocations.metering.openshift.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + - kind: Service + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + - kind: Service + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: svcat.v0.1.34 + namespace: placeholder + spec: + displayName: Service Catalog + description: Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling. This project is in incubation to bring integration with service brokers to the Kubernetes ecosystem via the Open Service Broker API. + keywords: ['catalog', 'service', 'svcat', 'osb', 'broker'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Documentation + url: https://svc-cat.io/docs + - name: Service Catalog + url: https://github.com/kubernetes-incubator/service-catalog + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: service-catalog-controller + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-info"] + verbs: ["get","create","list","watch","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create", "list", "watch", "get", "update"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["service-catalog-controller-manager"] + verbs: ["get","update"] + clusterPermissions: + - serviceAccountName: service-catalog-controller + rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["create","patch","update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get","create","update","delete","list","watch","patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get","list","update", "patch", "watch", "delete", "initialize"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceinstances","servicebindings"] + verbs: ["get","list","watch", "update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers/status","clusterserviceclasses/status","clusterserviceplans/status","serviceinstances/status","serviceinstances/reference","servicebindings/status","servicebindings/finalizers"] + verbs: ["update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers/status","serviceclasses/status","serviceplans/status"] + verbs: ["update"] + - serviceAccountName: service-catalog-apiserver + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["extension-apiserver-authentication"] + verbs: ["get"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authentication.k8s.io"] + resources: ["tokenreviews"] + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + deployments: + - name: apiserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: apiserver + template: + metadata: + labels: + app: apiserver + spec: + serviceAccountName: service-catalog-apiserver + containers: + - name: apiserver + image: quay.io/openshift/origin-service-catalog:v4.0.0 + imagePullPolicy: IfNotPresent + command: ["/usr/bin/service-catalog"] + resources: + limits: + cpu: 100m + memory: 140Mi + requests: + cpu: 100m + memory: 40Mi + args: + - apiserver + - --enable-admission-plugins + - "NamespaceLifecycle,DefaultServicePlan,ServiceBindingsLifecycle,ServicePlanChangeValidator,BrokerAuthSarCheck" + - --secure-port + - "5443" + - --etcd-servers + - http://localhost:2379 + - -v + - "3" + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - NamespacedServiceBroker=true + ports: + - containerPort: 5443 + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + readinessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 30 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + livenessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + - name: etcd + image: quay.io/coreos/etcd:latest + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 150Mi + requests: + cpu: 100m + memory: 50Mi + env: + - name: ETCD_DATA_DIR + value: /etcd-data-dir + command: + - /usr/local/bin/etcd + - --listen-client-urls + - http://0.0.0.0:2379 + - --advertise-client-urls + - http://localhost:2379 + ports: + - containerPort: 2379 + volumeMounts: + - name: etcd-data-dir + mountPath: /etcd-data-dir + readinessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 1 + initialDelaySeconds: 30 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + livenessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumes: + - name: etcd-data-dir + emptyDir: {} + - name: controller-manager + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: controller-manager + template: + metadata: + labels: + app: controller-manager + spec: + serviceAccountName: service-catalog-controller + containers: + - name: controller-manager + image: quay.io/openshift/origin-service-catalog:v4.0.0 + imagePullPolicy: IfNotPresent + command: ["/usr/bin/service-catalog"] + resources: + limits: + cpu: 100m + memory: 150Mi + requests: + cpu: 100m + memory: 100Mi + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - controller-manager + - --secure-port + - "8444" + - -v + - "3" + - --leader-election-namespace + - kube-service-catalog + - --leader-elect-resource-lock + - configmaps + - --cluster-id-configmap-namespace=kube-service-catalog + - --broker-relist-interval + - "5m" + - --feature-gates + - "OriginatingIdentity=true" + - --feature-gates + - "AsyncBindingOperations=true" + - --feature-gates + - "NamespacedServiceBroker=true" + ports: + - containerPort: 8444 + readinessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + # The following apiservice-cert is borrowed from the apiservice - it should be + # replaced with one specific for the controller manager. How to create service + # for controller manager?? + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + volumes: + - name: apiservice-cert + secret: + defaultMode: 420 + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + secretName: v1beta1.servicecatalog.k8s.io-cert + maturity: alpha + version: 0.1.34 + apiservicedefinitions: + owned: + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceClass + name: clusterserviceclasses + displayName: ClusterServiceClass + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServicePlan + name: clusterserviceplans + displayName: ClusterServicePlan + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceBroker + name: clusterservicebrokers + displayName: ClusterServiceBroker + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceInstance + name: serviceinstances + displayName: ServiceInstance + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBinding + name: servicebindings + displayName: ServiceBinding + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceClass + name: serviceclasses + displayName: ServiceClass + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServicePlan + name: serviceplans + displayName: ServicePlan + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBroker + name: servicebrokers + displayName: ServiceBroker + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + + packages: |- + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0.clusterserviceversion.yaml + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/clusterlogging.v0.0.1.clusterserviceversion.yaml + packageName: cluster-logging + channels: + - name: preview + currentCSV: clusterlogging.v0.0.1 + + - packageName: descheduler + channels: + - name: alpha + currentCSV: descheduler.v0.0.1 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/metering-operator.v0.12.0.clusterserviceversion.yaml + packageName: metering + channels: + - name: alpha + currentCSV: metering-operator.v0.12.0 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/svcat.v0.1.34.clusterserviceversion.yaml + packageName: svcat + channels: + - name: alpha + currentCSV: svcat.v0.1.34 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_07-certified-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_07-certified-operators.configmap.yaml new file mode 100644 index 000000000..69352ace9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_07-certified-operators.configmap.yaml @@ -0,0 +1,1397 @@ +##--- +# Source: olm/templates/0000_30_07-certified-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: couchbaseclusters.couchbase.com + spec: + group: couchbase.com + version: v1 + names: + plural: couchbaseclusters + singular: couchbasecluster + shortNames: + - couchbase + - cbc + kind: CouchbaseCluster + listKind: CouchbaseClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - baseImage + - version + - authSecret + - cluster + - servers + properties: + adminConsoleServices: + type: array + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + buckets: + type: array + items: + type: object + required: + - name + - type + - memoryQuota + properties: + enableFlush: + type: boolean + enableIndexReplica: + type: boolean + ioPriority: + type: string + enum: + - high + - low + name: + type: string + pattern: '^[a-zA-Z0-9._\-%]*$' + evictionPolicy: + type: string + enum: + - valueOnly + - fullEviction + - noEviction + - nruEviction + memoryQuota: + type: integer + minimum: 100 + type: + type: string + enum: + - couchbase + - ephemeral + - memcached + replicas: + type: integer + maximum: 3 + minimum: 0 + conflictResolution: + type: string + enum: + - seqno + - lww + baseImage: + type: string + antiAffinity: + type: boolean + exposeAdminConsole: + type: boolean + paused: + type: boolean + servers: + type: array + minLength: 1 + items: + type: object + required: + - size + - name + - services + properties: + name: + type: string + minLength: 1 + pattern: '^[-_a-zA-Z0-9]+$' + pod: + type: object + properties: + automountServiceAccountToken: + type: boolean + couchbaseEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + labels: + type: object + nodeSelector: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + tolerations: + type: array + items: + type: object + required: + - key + - operator + - value + - effect + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + volumeMounts: + type: object + required: + - default + properties: + analytics: + type: array + items: + type: string + data: + type: string + default: + type: string + index: + type: string + serverGroups: + type: array + items: + type: string + services: + type: array + minLength: 1 + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + size: + type: integer + minimum: 1 + disableBucketManagement: + type: boolean + volumeClaimTemplates: + type: array + items: + type: object + required: + - metadata + - spec + properties: + metadata: + type: object + required: + - name + properties: + name: + type: string + spec: + type: object + required: + - resources + - storageClassName + properties: + resources: + type: object + properties: + limits: + type: object + required: + - storage + properties: + storage: + type: string + requests: + type: object + required: + - storage + properties: + storage: + type: string + storageClassName: + type: string + serverGroups: + type: array + items: + type: string + version: + type: string + pattern: '^([\w\d]+-)?\d+\.\d+.\d+(-[\w\d]+)?$' + softwareUpdateNotifications: + type: boolean + authSecret: + type: string + minLength: 1 + cluster: + type: object + required: + - dataServiceMemoryQuota + - indexServiceMemoryQuota + - searchServiceMemoryQuota + - eventingServiceMemoryQuota + - analyticsServiceMemoryQuota + - indexStorageSetting + - autoFailoverTimeout + - autoFailoverMaxCount + properties: + autoFailoverTimeout: + type: integer + maximum: 3600 + minimum: 5 + autoFailoverOnDataDiskIssues: + type: boolean + clusterName: + type: string + indexStorageSetting: + type: string + enum: + - plasma + - memory_optimized + analyticsServiceMemoryQuota: + type: integer + minimum: 1024 + eventingServiceMemoryQuota: + type: integer + minimum: 256 + searchServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverMaxCount: + type: integer + maximum: 3 + minimum: 1 + dataServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverOnDataDiskIssuesTimePeriod: + type: integer + maximum: 3600 + minimum: 5 + indexServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverServerGroup: + type: boolean + tls: + type: object + properties: + static: + type: object + properties: + member: + type: object + properties: + serverSecret: + type: string + operatorSecret: + type: string + exposedFeatures: + type: array + items: + type: string + enum: + - admin + - xdcr + - client + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: Age + type: date + description: >- + CreationTimestamp is a timestamp representing the server time when this + object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is + represented in RFC3339 form and is in UTC. + + + Populated by the system. Read-only. Null for lists. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + JSONPath: .metadata.creationTimestamp + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: oneagents.dynatrace.com + spec: + group: dynatrace.com + names: + kind: OneAgent + listKind: OneAgentList + plural: oneagents + singular: oneagent + scope: Namespaced + version: v1alpha1 + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbreplicasets.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbreplicasets + singular: mongodbreplicaset + shortNames: + - mrs + kind: MongoDbReplicaSet + listKind: MongoDbReplicaSetList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - members + properties: + members: + type: integer + maximum: 50 + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbshardedclusters.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbshardedclusters + singular: mongodbshardedcluster + shortNames: + - msc + kind: MongoDbShardedCluster + listKind: MongoDbShardedClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - shardCount + - mongodsPerShardCount + - mongosCount + - configServerCount + properties: + configServerCount: + type: integer + maximum: 50 + minimum: 1 + mongodsPerShardCount: + type: integer + maximum: 50 + minimum: 1 + mongosCount: + type: integer + minimum: 1 + shardCount: + type: integer + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbstandalones.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbstandalones + singular: mongodbstandalone + shortNames: + - mst + kind: MongoDbStandalone + listKind: MongoDbStandaloneList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + properties: + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"couchbase.com/v1","kind":"CouchbaseCluster","metadata":{"name":"cb-example","namespace":"default"},"spec":{"authSecret":"cb-example-auth","baseImage":"registry.connect.redhat.com/couchbase/server","buckets":[{"conflictResolution":"seqno","enableFlush":true,"evictionPolicy":"fullEviction","ioPriority":"high","memoryQuota":128,"name":"default","replicas":1,"type":"couchbase"}],"cluster":{"analyticsServiceMemoryQuota":1024,"autoFailoverMaxCount":3,"autoFailoverOnDataDiskIssues":true,"autoFailoverOnDataDiskIssuesTimePeriod":120,"autoFailoverServerGroup":false,"autoFailoverTimeout":120,"clusterName":"cb-example","dataServiceMemoryQuota":256,"eventingServiceMemoryQuota":256,"indexServiceMemoryQuota":256,"indexStorageSetting":"memory_optimized","searchServiceMemoryQuota":256},"servers":[{"name":"all_services","services":["data","index","query","search","eventing","analytics"],"size":3}],"version":"5.5.1-1"}}] + name: couchbase-operator.v1.0.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Manages Couchbase clusters + displayName: Couchbase Cluster + kind: CouchbaseCluster + name: couchbaseclusters.couchbase.com + resources: + - kind: Service + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: The name of the secret object that stores the admin credentials. + displayName: Auth Secret + path: authSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: The name of the secret object that stores the server's TLS certificate. + displayName: Server TLS Secret + path: tls.static.member.serverSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: The name of the secret object that stores the Operator's TLS certificate. + displayName: Operator TLS Secret + path: tls.static.operatorSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: Specifies if the Operator will manage this cluster. + displayName: Paused + path: paused + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies if the Couchbase Server Web Console will be exposed externally. + displayName: Expose Console + path: exposeAdminConsole + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies whether or not two pods in this cluster can be deployed on the same Kubernetes node. + displayName: Anti Affinity + path: antiAffinity + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies if update notifications will be displayed in the Couchbase UI. + displayName: Show Update Notifications + path: softwareUpdateNotifications + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: Specifies if the Operator will create or delete buckets. + displayName: Disable Bucket Management + path: disableBucketManagement + value: false + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - description: The desired number of member Pods for the Couchbase cluster. + displayName: Size + path: servers[0].size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The maximum number of failover events tolerated before manual intervention is required. + displayName: Auto Failover Max Count + path: cluster.autoFailoverMaxCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:slider' + - 'urn:alm:descriptor:com.tectonic.ui:sliderStart:1' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed. + displayName: Resource Requirements + path: servers[0].pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The desired number of member Pods for the deployment. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The current status of the Couchbase cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the application. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - description: The status of each of the member Pods for the Couchbase cluster. + displayName: Member Status + path: members + x-descriptors: + # FIXME: Format doesn't match with what the OpenShift console's donut chart expects + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The current version of the Couchbase cluster. + displayName: Current Version + path: currentVersion + - description: The cluster identifier as provided by the Couchbase cluster. + displayName: Cluster ID + path: clusterID + - description: Specifies if the Operator is currently managing this cluster. + displayName: Control Paused + path: controlPaused + - description: The port that the web console can be accessed on from any node in the Kubernetes cluster. + displayName: Admin Console Port + path: adminConsolePort + - description: The SSL port that the web console can be accessed on from any node in the Kubernetes cluster. + displayName: SSL Admin Console Port + path: adminConsolePortSSL + - description: Conditions for the cluster + displayName: Conditions + path: conditions + x-descriptors: + # FIXME: Format doesn't match with normal Kubernetes conditions (map vs array) + - 'urn:alm:descriptor:io.kubernetes.conditions' + version: v1 + keywords: + - couchbase + - database + - key value + - nosql + - open source + displayName: Couchbase Operator + provider: + name: Couchbase + maturity: stable + version: 1.0.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAK4AAACvCAYAAABkUOVLAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAABLSSURBVHic7d17cFz1dQfw77l39ZZlgbHNpH7IxliPlVaStX7gMEVOmeCQQBoIpjNtKYmhbtJ0KFACbdOZlDZMYSAuk0AYDKVDMgVMgU5CsGlpbFLHD7wrrx4rycaWReIkY2wj62FJ1t77O/1DMjEeW3ufe3dX5zPjGY907+93bH/90+7de88PEEIIIYQQQggROAq6gHywr6ZmjlZQMJtSKCOgEABMhMp1GCMAwMAEF+CMSqUGV/f2ngq22vwgwU1jR2trqOLk0NWsVD2Il4JRxUAVgReD6Aow5gDQbAypQDgF5pMM+oCAfmY6SoSj0M3Ovs6a9zfgVdOvP0++kOCehwGKNzRUs6mtJcJagJrAHAZQnMEyxkGUBDhBjF+wrvZEOzt7Mzh/TpjxwX2vvn6hzqH1SvF6Ir4OoDlB13QRJwl4l5m3GwXYvqaj41jQBQVtRgY3VtPQAF3bAOCLYDQEXY9tTB0g/i8FbF3V3Z4MupwgzJjgxsIti4hTX2HgdoBqg67HQ0kQXlFk/vuqrq5fBV1MpuR1cHe0toYqjg/cBKK7GXwD7L2Jyi0EE8xvg7Utw/Mr31y3c6cRdEl+ysvg7qqunlWsFX0VhPsAWhR0PQH4LYOeLdLNJyOdnQNBF+OHvAru3vr6+SGlfxPAXQAqgq4ncIRBBj9bqOPxxo6OD4Mux0t5Edx9NTVzNK34rwh8H4BZQdeThc4AeN7QzEfWdHUdD7oYL+R0cHcvuKakYNbYfUT8ICSwVgwB/C/Do0Ob1/X3jwddjBs5G9x4OHITg54EY0nQteSgXzHzt6I9HT8kgIMuxomcC248vGIZs/ksgHVB15LrCPyO0nnTys7OvqBrsStngrujtTU06/hHfwmi7wAoC7qevEEYY6bHqET/TjQeTwVdjlU5EdxYQ0MNG/RDIooGXUu+ImC/ofAnq3vbDwVdixVZf0F+f23kDphaTELrLwZW6joSsdrIPUHXYkXWrrgHmpoqzQl+AcAfBl3LTMOM181U8VfWHN43FHQtl5KVwY01NNTApNfz7J6CXPM+M9+ysqejK+hCLibrXirEaxtvh6nFJLSBu5qI9sTqmm4LupCLyargxmoj9zDhPyBXDbJFOcCv7K9r+nbQhVwoK14q7GhtDVV8OPB9BjYFXYu4OAZeoJLQpmy5ZBZ4cGMtLaUYM14HcEPQtYh0+K2JobIvrz22ZyzoSgINbnskUpYy6McAPhNkHcI6Bv3cnCi6KegrDoEFt6Oh4bIJU9sGYHVQNQjH9uqF9LnmROJ0UAUE8uasPRIpmzC1H0NCm6vWmBO8fVd1dWB35GU8uLsXXFOSStGbAK7N9NzCU6uL9eJt7ZFIIFeAMhrcWEtLQWHF6BsgtGZyXuGbT6cMbN3R2hrK9MQZDS6NGd+DXD3IM3TjrBMDz2R61owFNxZu/Ae5TpunGBtj4caHMjllRq4qxGsbb2fCS5maTwSCmfi2lcmO1zIxme9BitU0NEDT9kA+xp0JRhSwJhPddXx9qbCrunoWNG0rJLQzRbkGvB5b2jLb74l8DW6xXvwigBo/5xBZZzmKzef8nsS34MbqGv8CchP4DMVf3l8b2ejnDL68xp16EvcAgHI/xhc54Qyb3LLyYMdBPwb3fMXd0doaUsp4CRLama6MdHpxK27T/Rjc8+DOOjFwvzzYKKasWho+5MvDl56+VNhXHVmi69QJuYogfmcUmhmJdnUd8XJQT1dcXafnIaEVn1QKU3/a60E9C268rnEDpC2SuBjCZ+O1jV/ydkgP7KiqKp5VOrsHQJUX44m81Dc8Ohj2qkukJytueUnl/ZDQiuktnVU227M3aq5X3H01NXN0ragP0gFcpEMYnICxdG0y+ZHboVyvuJpe+CAktMIKxuwi6Pd5MZSrFbdtWfNcVaj6IB82COtGCkJ8lds9KVytuKpQPQgJrbCnPJUi16uu4xV377LVFaGi8V+C4fstbCLvDGE8tCjaFx90OoDjFbeg4OwmCa1wqIJLjK+6GcDRihtraSnAmHEEwEI3k4sZ7YPheZctc7oDpqMVl84aN0FCK9xZXH7ioxudnuwouErhbqcTCnEOKXKcI9svFWLhlkVg4yiyrLfulBEAKYCHATIAFAJYEHBNmWYAOAZAAagAoQyMkoBrujiCaehctaaj45jdUx10IDHuRCZDSxgD4+fE6IZGR5jxITMN6DpOK6QGTMM4rZeVDV2qb2t7JDLPMOl+ZjyA/H48/iyAByaGSp+7sA0oA9TZ0FA5SlRGE1Sq6TSXFOaC+EoCz1dMczXClYp5MRE1AijISMUMvcDAHQAesXuq/RW3LtKdoTb3bQQ8yiWhN6Px+KjbwWLhpi1gvsuLwrIS4aFosv1Rt8PEWlpKeTR1MxHdC2CVB5VNj9AZTbZH7J9mw1SPhA67k9h0hhlfi/a0/8jL7Trb6pujSqn9Xo2XbUIGFjQdav+1V+MxQPG6xk0AngBQ6tW4F0OaXtfS1dZj5xx7P/J1bYOt4+07Tpq5dmVPu+d7zA6ODGTl7jEeGW881P4bLwckgKPd7c+AcAMIjj8osEQZtnNlL7js6+PmZ5VGt7R0dfmyok/dBzrhx9hZ4KRfm0lHk+27oOiP4eNm1QyyfZO55eC+V1+/EEC93QmsIuLHV3Uldvs1/pSc3CncAl//XNGexE8Z2OLjFJG26uZP2TnBcnB1Dq23X49FhEGtQHvct/GFa2aI/wmTVy78QKaubOXLcnCVYt+CS8C2IPcTEOlNXmvl//VrfAK8Dy4DRITfd1aSpQn+27exhZfe9nHs69jGVS5LwW2rX1ED4ArHJaVhKq3Pr7GFh1jztDfCBeYlapuWWT3YUnCVMq9xXk96IR0n/BxfeENpcPXUgoXxP231WEvBJcJa5+Wkpyjl14t+4aEQka9XL1gpyzmz9uaM0ey4GiEsIqImq8emDe7UVkB1rioSwgIm1Fvt7pg2uLNPDC4HUOy6KiHSYZQsrjl0lZVD0wZXMYfdVySENaGQtU9n07/GJbb0P0AIL7DipVaOSxtcYukJJjKHmaqsHJc2uCzN7EQGEfESK8dZuBzGi9wWI4R1tNjKUVau485zWYkQdsy1ctC0wWVAA1GlN/UIYcnlVm62mTa4e8LhSjB82e5HiEsIJZqa0rb2mja4RSi63Lt6hLDGMM20uZu2r4LJZlE2dv1wikA/A1RmegZkELOWV3fX6SqU9pPaaYOrMReB8qeHRkt3wnGvKpE5Brgw3THTLqg02cJIiIzSWBWlPWa6b7JGDlo0CeESUdqXc9OvuIod9S4Vwg220P8i3XXcfG2gIbIYgyS4IvfopKV9lGva4GpayJPtK4Www8oziNMG9yzOut4BUAi76EzhqXTHTBvca5LJ0yCY3pUkRFqplr74ULqD0l3HVWAMeFeTEGl9ZKXzpJX7cfPq40SR9U5aOchCcOmXbisRwjr+wMpRVu6hOeqyEiEsYyZLebPwlC/63RYjhFVE1hZKCw9Lsp8d+oT4BGJY6tyZ/vF0jfN50w+RbTS909Jh6Q7o66x5H4SxdMe5oZuhfLpfXTg3uiLZ5s2KuwGvmgB1u6/p0kyoWX6OL7xhgst9nqKLJrdyTcvqSnfARTFpkUaWHkkWwdIU+9qqgIGE5VosDci8x3k5FsYHLPdFFcFRxL52pgfzL6weam3FNa0P6IjCZ3wdX7jGgEZMX/BzjhA0ywukpeBGD3YcgsWP4hwhXL+vOmKpZ5QIRiwcuR2A5c1FHDje3JN43+rB1vaAAJiAd53XlL4OXcf3fRxfuBBb3nIFMbnemT0NW/myfBmKmbfbr8UOunF/OPKYnb2uhP9iLS2lHDJeBrDQz3kIsJUvy8E1CrAdPu8ZS0wPxMONr03tGywCFgu3LOLx1DsE/IHPUzFzyFZwba1usXBjBxgN9mpyZBSElxj0QjSZ2GP12p7wRmJ54+8ZBdgIxjcBlGViymh3u62dnez1TWC8AWQkuKVgbCTwxnhd4+kYYxcIbcx8hDTq0wytb8XBA7/JQB15a0dVVXFlSeVCU+MFrHghaVQFxhIQNRjgpow2OyS8Yf8UG96rawxrQLbcuzAOoA+Eo1B8EkQnQTjBjBMgPsmknaSUOqVo4uSq3t6BmbJqb8VtelW4e65manM1jeYp0uYDfCUYiwEsYuYFRLQQwPyga/2YrmqjnZ29dk6x/UYoVtfYBSAXd+IZBTAC0DAIp6F4GMAIaRhRjCEQj5Kis9BwBsAEgUYApBTUMLFmMOMMLnjen3Ue1Q3T1q6YrGsVrDQdAIj4MmCq1RVN/kjmyY9VCwAQFCrPfV9NfZ/A5QAVMEPXiCsYVIHJH+flACoAVCKX3uAydUR7Eo12T7PfYonwChgP2z4veKWTv3geGB//0/K5yxhMk7+ZevvJU7+hqS9O9v775HtTUgBrNu8PYoBIXfili7/tpd99ny74IhHAOZTPSyL1spPTbN+VZej8gjz5KzxihAx60cmJtoO7pqPjGJjfdjKZEOcj0FtNh9p/7eRcZ/fBsrbF0XlCnI/Uc05PdRTc4fmVbwIsT/8KN/qH5l6+zenJjoK7budOA0RPOp1UCIA3r9u503EbW8ePzIwb41tAGHR6vpjRBkrI/Dc3AzgO7rUHDw4z+Fk3k4uZiUE/CCeTI27GcPWQIqUKHgMw7GYMMeOM6BP0r24HcRXc6KH4SQBPuS1CzCCMzSsOH3Ddj871Y+F6IT0K4LTbccQMQBgsDKnNXgzlOrjNicRpgB/zohiR55j/OdLZ6UnbWk8acZSQ+QQAy88LiZmIjsyeGP2eV6N5EtxwMjlBGh7yYiyRn4jUvVcfPmzrTrppx/NqIACI10X+h0HXezmmyH0E2ub1drSe9uzSlHY3gDNejily3qjSzW94PainwW3uTfQT0z96OabIbcT09ys7Oy01srPD8y6JQ/MrNxOw3+txRU7ae6Tnas/ekJ3Pl1voY/X1V0HpBwBIF8aZ64ypsGJ1b/shPwb3pS9ttKvrCBHd78fYIjcQ0Tf8Ci3g80N1+2sbXyPCLX7OIbIPE15ZmWz/Iz/n8LUT+Fk1ficAX5tCiyxDOGieLf5z/6fx2f7qSDXp9B4mH50W+W1EI231iuQB3xcr3/deWHmw4yBAd8HnvmMicIoYd2QitEAGggsA0e7EqwT+VibmEsEgpodaetptt1JyPF+mJgKAWLjpaTB/LZNzigwgei6aTNydySkzu01TsX4PwG9ldE7hKwZ+Mjy3MuOLUcZ7+OxecE1JYcXoTwGsy/TcwnM/Gx4d/Py6/v7xTE+c8Y3x1h7bM4aS0BcA/F+m5xae2ltCxheDCC0QQHABIBqPj+qFdDOAvUHML9whxm6Mh9a7fVLXjcC2Im1OJE4XhPh6Ar8TVA3CPiJ+d0yNr4/2xQPtqRHoHrqNHR1nzg6V3Sxv2HIDAz8ZOjO0/tqDBwNvSRD45s9rj+0Z6+uuvhnETwddi5gG4XkqCd0a1GvaC2VVZ+BYbeQeEH0XWfAfSnyMGfTwyu7Et4Mu5HxZFVwA2B+O3EpML0Du5c0GQ8S4M5OfiFmVdcEFgH01jct1Da8jN/eayA+Eg4px66ru9mTQpVxMVv5IXt3bfsiYKF4L0H8GXctMxIRXxo3xldkaWiBLV9zz7a+N3EFET2FyVxnhr2Ei+puWZCLru3BmfXAB4EBt09Um8Y8ArAq6ljy2l0j/05Zk2+GgC7EiJ4ILAAxobeGmu5j5Ccjq66VREB7uSy5/fANezZndlHImuOfsq44s0TV6BoTPBl1LriPQNk3h6829if6ga7Er54J7TjwcuYlZ2wzwVUHXkoMOA/R30e7Eq0EX4lTOBhcA3l+2rGiwqOyvAfwtGLODricHnCamR4q11JPhZHIi/eHZK6eDe86u6upZxaHir0MCfCkjYDxVGFKPetWfNmh5Edxz2pY1z1UF6n4QNmFyM+aZboBBP1Bq/Lure3tPBV2Ml/IquOckw+HyMaVvBNG9ABYHXU8A+kF4BmOhZ4K+/dAveRncc3a0tobKPzz9eWK+Cxo+B4YedE2+IZjMeEsj3nIkWf1WLl3aciKvg3u+vZHIAj2l/RlpfDsYDUHX4xmmDpB6OWTQi043dM5FMya454vXr6iFMjYw6EsAIsitvwcG0A7CG9DU1mhnZ2/QBQUhl/7BfNFW3fwpU1frCVgP4DoA84Ku6SKOA3iXgO3Moe3Rnvhvgy4oaDM+uBfaV9O4PKTTWlZqLQPNRFQHoDSDJYwSkFTAASLarSvsbu5JyI5GF5DgprEVt+mLaw5dpencQIwlICwBowqgKgBzpn6FbAxpADg1+Yv7mekoEfeTRn2aSZ1NPYkjBCiv/xz5RoLrgQNNTZWGaV6ucUERjFQpAJgIleswJh/fDhWMKkqdDen6R5MbGgohhBBCCCGEEEIIIYQQQgghhBAz1v8D+o/bXqYjxQQAAAAASUVORK5CYII= + mediatype: image/png + links: + - name: Couchbase + url: 'https://www.couchbase.com' + - name: Documentation + url: 'https://docs.couchbase.com/operator/1.0/overview.html' + - name: Downloads + url: 'https://www.couchbase.com/downloads' + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + spec: + deployments: + - name: couchbase-operator + spec: + replicas: 1 + selector: + matchLabels: + name: couchbase-operator + template: + metadata: + labels: + name: couchbase-operator + spec: + containers: + - command: + - couchbase-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: 'registry.connect.redhat.com/couchbase/operator:1.0.0-1' + name: couchbase-operator + ports: + - containerPort: 8080 + name: readiness-port + readinessProbe: + failureThreshold: 19 + httpGet: + path: /readyz + port: readiness-port + initialDelaySeconds: 3 + periodSeconds: 3 + serviceAccountName: couchbase-operator + permissions: + - rules: + - apiGroups: + - couchbase.com + resources: + - couchbaseclusters + verbs: + - '*' + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - '' + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - secrets + verbs: + - '*' + - apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + serviceAccountName: couchbase-operator + strategy: deployment + maintainers: + - email: support@couchbase.com + name: Couchbase + description: > + The Couchbase Autonomous Operator allows users to easily deploy, manage, and + maintain Couchbase deployments on OpenShift. By installing this integration + you will be able to deply Couchbase Server clusters with a single command. + + + ## Supported Features + + + * **Automated cluster provisioning** - Deploying a Couchbase Cluster has + never been easier. Fill out a Couchbase specific configuration and let the + Couchbase Operator take care of provisioning nodes and setting up cluster to + your exact specification. + + + * **On-demand scalability** - Automatically scale your cluster up or down by + changing a simple configuration parameter and let the Couchbase Operator + handle provisioning of new nodes and joining them into the cluster. + + + * **Auto-recovery** - Detect Couchbase node failures, rebalance out bad + nodes, and bring the cluster back up to the desired capacity. Auto-recovery + is completely automated so you can sleep easy through the night knowing that + the Couchbase Operator will handle any failures. + + + * **Geo-distribution** - Replicate your data between datacenters to move + data closer to the users who consume it and protect against disaster + scenarios where an entire datacenter becomes unavailable. + + + * **Persistent storage** - Define persistent network-attached storage for + each node in your cluster to allow pods to be recovered even if the node + they were running on is no longer available. + + + * **Rack/zone awareness** - Tell the Couchbase Operator about availability + zones in your datacenter and let the operator take care of ensuring that + nodes in your cluster are deployed equally across each zone. + + + * **Supportability** - When things go wrong, use the cbopinfo tool provided + with the Couchbase Operator to collect relevant data about your Couchbase + deployment so that you can quickly address issues. + + + * **Centralized configuration management** - Manage your configuration + centrally with OpenShift. Updates to the configuration are watched by the + Couchbase Operator and actions are taken to make the target cluster match + the desired configuration. + + ## Required Parameters + + * `authSecret` - provide the name of a secret that contains two keys for the + `username` and `password` of the super user + ([documentation](https://docs.couchbase.com/operator/1.0/couchbase-cluster-config.html)) + + + ## About Couchbase Server + + + Built on the most powerful NoSQL technology, Couchbase Server delivers + unparalleled performance at scale, in any cloud. With features like + memory-first architecture, geo-distributed deployments, and workload + isolation, Couchbase Server excels at supporting mission-critical + applications at scale while maintaining submillisecond latencies and 99.999% + availability. Plus, with the most comprehensive SQL-compatible query + language (N1QL), migrating from RDBMS to Couchbase Server is easy with ANSI + joins. + selector: + matchLabels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + labels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"dynatrace.com/v1alpha1","kind":"OneAgent","metadata":{"name":"oneagent"},"spec":{"apiUrl":"https://ENVIRONMENTID.live.dynatrace.com/api","args":["APP_LOG_CONTENT_ACCESS=1"],"image":"registry.connect.redhat.com/dynatrace/oneagent"}}] + name: dynatrace-monitoring.v0.2.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Dyantrace OneAgent monitoring agent + displayName: Dynatrace OneAgent + group: dynatrace.com + kind: OneAgent + name: oneagents.dynatrace.com + resources: + - kind: DaemonSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for the OneAgent to connect back to Dynatrace. + displayName: API and Pass Tokens + path: tokens + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: Location of the Dynatrace API to connect to, including your specific environment ID. + displayName: API URL + path: apiUrl + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Specifies if certificate checks should be skipped. + displayName: Skip Certificate Check + path: skipCertCheck + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanCheck' + - description: Node selector for where pods should be scheduled. + displayName: Node Selector + path: nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:Node' + - description: The Dynatrace installer container image. + displayName: Image + path: image + - description: Define resources requests and limits for single Pods + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: Dynatrace version being used. + displayName: Version + path: version + - description: The timestamp when the instance was last updated. + displayName: Last Updated + path: updatedTimestamp + x-descriptors: + - 'urn:alm:descriptor:timestamp' + version: v1alpha1 + keywords: + - monitoring + displayName: Dynatrace OneAgent + provider: + name: 'Dynatrace LLC' + maturity: stable + version: 0.2.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAANcAAADKCAMAAAAB6yXCAAABsFBMVEVMaXEaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhq03AAaGhpzvigaGhoUlv8aGhpvLai03AC03ABzvihzvihzvihzvii03AAaGhpzvihzvii03AC03ABzvii03AC03ABvLagUlv8Ulv9vLai03AAUlv9zvihvLagUlv8Ulv8Ulv9vLai03ABvLagUlv9vLagUlv9vLahvLai03ABvLahzvihvLai03ABvLahzvihzvihzvigUlv8Ulv+03ABzvihvLagTjPNzvii03ACx2wRvLagUlv8TkflvLagUlv8Ulv8Ulv+03ABuj0tiJZtjJpyUzC8TjPRsiFBzuiuu2gmv2ghCpq5jtX1zvii03AAUlv9vLagaGhoShOpZH5FeIpcTjfQSiO87mq9tl0JjsHWMxjpmb1xgR3dpg09bKYpjW2lxtS5cIZRuLKcUlPxPpZISh+5pKaIcitthUXCg0RxuoTtwqzVaIJIwlb6WzCsShu1gI5hkJpxoKaF4u1drWHtfNYZdIpVsK6VrjUlnKJ8Tkfqq1w4Tjvag0h2CwUgeme5QqZcTivFttmaCyVeZAAAAWnRSTlMAoCDQ8GAQwIBA4DCAsEBQQHDA8EAwgPDAEJDQEKBgoMAwQMCAgNAwYKBg8NAQsNCg8BBgIHAwUJAgcHCwkCCQ4OBQcCCQ07Bw3OCwUOBQuHA87zz41qb4bYKEG2nxAAAACXBIWXMAAAsSAAALEgHS3X78AAAHSElEQVR42u3bd2PTRhgHYG1ZHjh2nIEhjuPEzDSFQkrCKrN778qxQ5sABUoZpXvv3X7l6jRPp2ENNzqL9/cHSWxZd4/G3XsiYRgIBAKBQCAQCAQCgUAgEAgEQnsarXJDS75Q63OTPTvn2u25cvnFHBhbmMqVc+2V8urYAlu9odF96+PFWu1Fzr52udXYPR6suV7cTLYvr1Kvi8+ydeXWev5YOm0BWDuZ3Sv5ZO1Lw9pnsvbmjGUOiPPT+WSp0zlk7T2tqrNUsRYmR8Hao1LmSsdawViqmhvWHIOz1Jyy1F3ULI1HwZqyWNS4Wr1RsGYslnoqD6xVD4uSCSwdq+VlqfP5ZFExgZVHwTrhYql7xny5ZbEOqETGfBXZCGCp481aCGKpU/lkZTsxj2bNf8aHpZ7IkvVkUJe/fLXdbq+Uyaxor7YnCda8HyvLiZlgfXL9+rVr97a3v9jUcjH8k41Gq7wexsrSddnwIM729oNNVy5G3UkAK8OCo6GZfvtue9M3r6VkZVhwvNnr/flgMyDRdrF3VqXP9VbvHhJ8tbX1npOtra370V3TgazsCqmF3r+b93//dcMvd59J7cqs4Gj88c/djaAsjq/rnb83NtK6TlDoevuvENeRaPvYFeLKqpCaCGFtLIELXBS4DqV3TdPomhhfFwMucD0ErlkaXftz6mLARZ1rOaeuxfSuUzl1ha0rz+fUpYJrtHkip66l9K75nLpmwbVzOZS+7qXSNZHedT6nLvUhdM1k5WJSr78uhblO0+c6/Hz6cj7D/zgPZEVcLdO5TAksECOzwpYpM1O0uSzWWr2+1u1e6HQ6x/0//srLL1HJYp4LYx3se1I38iz6/grKTSpZvoXU8tlAliufI9dVKll+ruXHorH67yLXp1SyfApEk/VIvR/JFfCbABmzvAWHxXq0H8l1y5+V+d9I7U/O0l036GSRE/ORGCzd9TGlLMbvVwCisXTX+5SyXE98TdbjR/uRXd7p6zQdf3+4mJilu67S87t5QU/a4rJ0121KWc7E/HRclu6ilWVPzOZvNXSis5DrBq0sa2I2Wcf6/ViuD2hlMWcTs/ofEsP8AYamJGb1ieGQLhbzwsbhiUQs5PqMWhazaK0iuzFZd1zDIW0sZml/xOUWmY/w4ZA6lpXYrP63znA4sys/rP439nCY9eJ4pKz+19ZwSC9rLQFLm75uUc7SVlydkwfr8Vg/mZchzSwzxzvd6Lpfrty6TcMTmjjnrlsfvmL+8crP1CyO4528k92n6keDZ6+bY8nCfBe63Tp5Au/8gMbCM+PLcgk7x7rdtbqG/P51VX3jzCUGAoFAIBAIBAKBQCAQCAQCCYg8GBRS76QwGMjgAhe4wAUuf5eiZ2cxClscOCkwVe1fCd9AEgYDUf+mVhHQNnzT7qJifU6Qa5ztMmLqOFYwX8DfLFZErBGx4vTBaLMmm02VkqlK8sAV7XxpTdTwTUSt1+hrTXA2kznCZX7W66oO8B4XsM0FqxUFP7C6q4A3JSVh6TsoykYEvW9N7TARVyerfWGN4yzzRqdK5mExwjuSAjp5KE3rZJs/o3dFc3tDwlrHDeuDbDfFyzLeVJzorRY49/3Faa9huzJ/rKG2jWunWhkQdPQiojU99xfqdM2vZVEw3ymhrhfwk4Ka4kXjuLE+TUW6x41bxzVuyNaR1GOePq0bvIT3ViR3hrQc6WIDR0eJN67viueMaE1VmNCmhqXoElgu64ayt6kZtwnn2rLid/JrpCtkiEUnqspInn5rTQlSeFPD4r7irE7YA6B130t6byvutgeevTX1bSK7GB69p3j25G1KiDvEE/u0OoFfPBXjlBbc/VP8XKL+seiugumSPdfz0KaSuRTnopP0iyWaSxmNS/7fXOieKthjU5EJdUmKlVokF2dvzwa6WEXB9zoyl6VxhAEupeKe1oe5qjxZBvi6yIzKxZlXn3NF+rtEsgNDXCy5/Q67rNHCGUF8XZxZFjhFR7hLr7rszeVioKsouzMylzm6OyO+rwuVTEqMcUM7WkUu7riRpJQPdDEGyJmhfV2yUTlFdgnm1Z2hy6ieeLseCXJV47jcNUvE+StJ/OsNu9rFKuAglxLT5Td/hdcbSeJfH1pFThNbsUQ5X4WY56uJ3vPWh6K7Pky4Zsd3iteFaO+Cs8aIcn+x+oF25j6/+0sk60NvPS8JqU+Yvv5irZKJxY+nZMwcUpgLHRbFtWyqGWU6GzgeYoSm8Wlj/UXcdwO+mgqGr5exZxL2HMoyYS6OWGwb1w/vrJBLblcVn+/Q9sUh62U9YiKYa3bnJXfXndsnWr0hOsdKjxJeb5gnz/t8o+l9bJLgeZRVs/Gu1TgaVIpMuMtdH1ZK5BMoJaw+FFj74hNZ4nkU15TTusIGywJeheO3gOQ8DrTqc86naPcb1kpK8Hs78lyRGJXzEpa+59GjiCQkeA40BhHjPy4Zi7gfIuYmxENfCAQCgUAgEAgEAoFAIBAIBJLX/AcIuMeF+5wRowAAAABJRU5ErkJggg== + links: + - name: Operator Deploy Guide + url: https://www.dynatrace.com/support/help/cloud-platforms/openshift/full-stack/deployment/deploy-oneagent-on-openshift-container-platform/ + - name: OpenShift Monitoring Info + url: https://www.dynatrace.com/technologies/openshift-monitoring/ + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + spec: + deployments: + - name: dynatrace-operator + spec: + replicas: 1 + selector: + matchLabels: + name: dynatrace-oneagent-operator + template: + metadata: + labels: + dynatrace: operator + name: dynatrace-oneagent-operator + operator: oneagent + spec: + containers: + - command: + - dynatrace-oneagent-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: >- + registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator:v0.2.0 + imagePullPolicy: Always + name: dynatrace-oneagent-operator + resources: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: dynatrace-oneagent-operator + permissions: + - rules: + - apiGroups: + - dynatrace.com + resources: + - oneagents + verbs: + - get + - list + - watch + - update + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - dynatrace.com + resources: + - oneagents/finalizers + verbs: + - update + serviceAccountName: dynatrace-oneagent-operator + strategy: deployment + maintainers: + - email: support@dynatrace.com + name: 'Dynatrace LLC' + description: > + Install full-stack monitoring of [OpenShift + clusters](https://www.dynatrace.com/technologies/openshift-monitoring/) with + the Dynatrace OneAgent on your cluster. OneAgent connects back to + Dynatrace's hosted monitoring tools. + + ## Before Your Start + + 1\. Make sure to install the Security Context Constraint (SCC) in order for + the agent to properly monitor all aspects of your Pods: + + + ``` $ oc create sa dynatrace-oneagent ``` + + + ``` $ oc adm policy add-scc-to-user privileged + system:serviceaccount::dynatrace-oneagent ``` + + + 2\. Add a Secret within the Project that contians your API and PaaS tokens + + + Get an [API + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens) + for the Dynatrace API. This token is later referenced as `API_TOKEN`. + + + Get a [Platform-as-a-Service + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens). + This token is later referenced as `PAAS_TOKEN`. + + + ``` $ oc -n dynatrace create secret generic oneagent + --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN" + ``` + + + You may update this Secret at any time to rotate the tokens. + + ## Required Parameters + + * `apiUrl` - provide the environment ID used in conjuction with this + monitoring agent in the API adddress, eg + `https://.live.dynatrace.com/api` + + ## Advanced Options ## + + **Image Override** - use a copy of the OneAgent container image from a + registry other than Red Hat's + + + **NodeSelectors** - select a subset of your cluster's Nodes to run OneAgent + on, based on labels + + + **Tolerations** - add specific tolerations to the agent so that it can + monitor all of the Nodes in your cluster + + + **Disable Certificate Checking** - disable any certificate validation that + may interact poorly with proxies with in your cluster + + + For a complete list of supported parameters please consult the [Operator + Deploy + Guide](https://www.dynatrace.com/support/help/shortlink/openshift-deploy#parameters). + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: mongodboperator.v0.3.2 + namespace: placeholder + annotations: + alm-examples: >- + [{"apiVersion":"mongodb.com/v1","kind":"MongoDbStandalone","metadata":{"name":"my-standalone","namespace":"mongodb"},"spec":{"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbReplicaSet","metadata":{"name":"my-replica-set","namespace":"mongodb"},"spec":{"members":3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbShardedCluster","metadata":{"name":"my-sharded-cluster","namespace":"mongodb"},"spec":{"shardCount": 2, "mongodsPerShardCount": 3, "mongosCount": 2, "configServerCount": 3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}}] + spec: + displayName: MongoDB + provider: + name: 'MongoDB, Inc' + maturity: stable + version: 0.3.2 + keywords: ["mongodb", "database", "nosql"] + maintainers: + - email: support@mongodb.com + name: 'MongoDB, Inc' + description: | + The MongoDB Enterprise Kubernetes Operator enables easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup + platforms, Ops Manager and Cloud Manager. + + + ## Before You Start + + To start using the operator you'll need an account in MongoDB Cloud Manager. + + * [Create a Secret with your OpsManager API key](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-credentials) + + + * [Create a ConfigMap with your OpsManager project ID and URL](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-onprem-project) + + + By installing this integration, you will be able to deploy MongoDB instances + with a single simple command. + + ## Required Parameters + + * `project` - Enter the name of the ConfigMap containing project information + + + * `credentials` - Enter the name of the Secret containing your OpsManager credentials + + + ## Supported MongoDB Deployment Types ## + + + * Standalone: An instance of mongod that is running as a single server and + not as part of a replica set, this is, it does not do any kind of + replication. + + + * Replica Set: A replica set in MongoDB is a group of mongod processes that + maintain the same data set. Replica sets provide redundancy and high + availability, and are the basis for all production deployments. This section + introduces replication in MongoDB as well as the components and architecture + of replica sets. The section also provides tutorials for common tasks + related to replica sets. + + + * Sharded Cluster: The set of nodes comprising a sharded MongoDB deployment. + A sharded cluster consists of config servers, shards, and one or more mongos + routing processes. Sharding is a A database architecture that partitions + data by key ranges and distributes the data among two or more database + instances. Sharding enables horizontal scaling. + links: + - name: Documentation + url: 'https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/index.html' + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAH8AAAB/CAYAAADGvR0TAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4ggYEhkp9JVi8gAAFENJREFUeNrtnXmcVeV5x7/Pe86dGUZQUdwAo4Kaam1cUAdm3DAYl1ZjmmhMYkUlkMYtMVVrVExqY7q4oabNp6EuMdpEq8ZGpf1oJCbKJgxqlWiIgIrACCgimwJznv5xlvue5d65dxjsvXPP4+d4t3OB+/7e37O/7wsNKhdNv9iZ8uqNQgOLadhfLnLA7CV/OOrT/3JMDn7D/XDh02s3bRr/h4ufz8FvNOnu1s9v2rL5/EZW+06j/eCJT09i1Pijdhb46ZpNGwa4Jw4x7097+9mGtHyN+KMn/fob/yyYK998byWLV727FXQPgfcXXjIjV/v9Uc7/nwkATHhq4t+q6pWKUjAOgroCf73wkhkc+KOOnPn9dwJceIkx5k6DwRjDyg/XsmD52+Eg7LHwkhkrc+b3Izl32nkAnDftgkcV7kRBUVQVxxhAw1ufOfBHHaaR2N+vwf/KE+fS7W0Z8LVp5z2t6BcIQPfhViSu9w4BLlt4yQxG3NmRg1/v8vO/uB/EmY3qOFDUC3iuiiq4xsHXBOAB3cptI+/s+KvFl87ggAaYAP3S5n/pV18WjNnBUZllxBwiAo44CIIYgxHBiMP6jzcxd8kixFIBAp7AV/546YyHcubXoXy03gVPf6noIaGS93xLT6DxAcU1DhIMQngJGFUe3P+OjhMB9r+jI2d+PciZj30JcUWkW6Yb5AQxBgeDiGCMYDCIBMw3ho82b2XOooUx5lviASe9cdmM6Tnz60AeO/NhdKveBHqCRgh6Edsjex+8doz0RIxn9r+j41BfA7TnzK9VGff0WbSu964V4QdGDIJgQpYHjyImYL/giKFblecXvo6RcsOgHrDHG5fNXN3fwHf7yw9pWbe1DZEbQNBoVvvPNHxHFSR8D1Q1dp/lECS14//uf0f7/t3CRuPBom/NzMGvFTnl4TP2VHS2IqAB3AKqgieKo4IHGAkifFVUFNcxKIogKdA1/rgXMGvJpTMPzW1+jcjJD5/u2y7hwZDJSRB9WIvve9FzP9YPX3kUn2vxFqR4fWbk7e33Aoy8vX/Y/7ot6Y576DSePutJTn749O+DjAd82y0SZe5EAk0QvCcUH0FA4K33VvvvV/bXHrbLqXu/suhbM1/LHb7/RznxodMwyJ+ImFccEdd36ASDH8b5Dl8Q3gVhXuj8SfC+4zg8+9rve3D40h4gMAp4sd5tf92q/elnT0PR/0Q914spdgJ1roE61+i1F5mAwMUT6S1h7u8PTl/dgj/2wVNvVThEAzx8e2/bdBJef2jMLd9Atbd//cEjb29/LAf/E5ZjfzGK439xyi6q+o2wQqfqUXT4Am8+8Nw8y7FLagXdtn/K50dMaT8OYMSU9hz8T0KeO6cTD+9nCq2hCbYJrBnPovvs/H4vma9avICHARZ/e2YO/ichHf9x0qkopyVr82GDBpE2KDZtqHWvhpogeL+lUCgJbtaVkN1GTGmfmqv97SyjH/hsyNfvpZMwCdWeUuqhdogS/CXB7oWcO2JK+3Bf/Y/Jwd8eMvtrzzD6gc8eC9rmqaXC1c/RqfoFHE81075HvgCWBthWq+//qS2gj+bM386i8IiStu+R8leNWXjb67dDvMgxrBp8zbgAOGrElDFfWPztWTn4fS2j7h/LkQ+ceKaiu0VAaqjOk2zGsvvF19ZDZPfRLPi1zFVWrgUYeduYHPy+ksPvH0vnub9B4W+8BGsjSGL2PAGVxplP4vt+Sb9igKMsjxDL+yPKqJG3jTl50eWzcvD7Sl489zccdv/Yg1T1mBg3LeRDhnuZXr+t/hNaQqHgOj1CngQ7OU+s4tCjAPvVCfvrQu2r6r1gVd80bs9Dey+AemrX7YqRgGrC69fIfJRgcnRF0YD1b7Avay607nfbmDPZsiUHf1vlT+87nkN+dsLexTRu3JVTjSduvIR6Twd8dhRgpX9LMzle6q3EMKheseSqeex36+gc/G2RBef9FlRPUWj1U7aaAEIDmy4Z6t1iOxpL+GA5gl4Gm8uC3HMWqGO/W0cftuQ7s3Pweyv73ndcyObJIavjSRvbU/fifrpGjVsxb59EgFecPGWZ3Jss0L/Wg9qv6Xr+gfcd1+bAbCeozTviPwrghvV6kUSzZrGG74hBwH8UgwiEzZ2OGFzH4dW3l7Fu00d9NhDBn7MROBh4a3ENa4CaVvuiXBxT82qHepbXL/HQL5b0EUmVedmGDJ/0cAXSCpyyuMZVf002cI786bEItCi021k5FX/4QxstqsWmXJGiLRcJ7vcfRSRKBdjNnapUFOb1LkJhMvBvuc2vUhaNfw6FQQojwyXVWM4YqjGvH5VEsVaLqd6MeN+2/64xlTA5Ow9ouQJe4lIYtu8tozty8HshnuqXvXj1naxcnP/cSyV80l4/VnJHoySPY6RH+kehnw2uVhT+fScHv3dyeXzwNeq/KC7FSoIdDwND0KP2bdUMSONM9rJY3Pty75H73jK6NQe/CtnvnvbBqowopmxJlWHTGkFT+Xs0I0ljN3daKrsS+98L+RSwRw5+hTL87na6VcbZ9hrNAFATmT6NR/Hx9K4mcoPxhVzbK4YOUsaX5uBXKO9cOBPfyy9n7232B80cVi9fmA3ESvhkNXdq34CbeVnz7KIc/OrkzzwbSEtd26ocqy+PhJOX8vpJN3d621DGreKrzfvc3HZYDn6lMTJ6UBHwEKSMjpykVlAt7fVnNHdGwEp5FvcMdrF+4GVcwMn73NyWg9+TDLtrtKMwFEpU5EJHzvrQixie5QymJ0LsDnuVZkUTMwvsHhVBx1tXzMkzfD1JNzLWsRmugooPsETZPcW/R2IFHN+DV8LQXVRRMUEKMPxMYgma0kxOmgoyzEdFmT6Aw3O1X5mM1WTEZoVu8UZMUmVem9BRCZdkG1eyEuBFXUAVMrks2BlFwOH73tS2Yw5+z2p1XFaRxqvI609z1s7yxU2HWhpfKmZ0T+X80DE0iQs4Kwe/Z/APTa6viK27s7J1ttdfbXOnJl35KsEtBXJ2TUABPSG3+WVkt7vaBgEFjaJ38JDAvqeZLyWehyAhQf+eiNXNE34mUcyvHiWrOJKeHxW7hQk5Jge/7JjJEBXfsfMiFoWUlcBpI3Lo1C7hkiz9UtxtJ6jrq6eokZRLJ71SgVrFXYL6qd5c7ZeRnYNwO8bwLAcs+VnKS1dKNnfaWT9T0ZYsPS/gKH4ieMHVHT33P9v7prYhOfglxIMhsZ46jdttuxQbX2xZfXNn2LpdcA3lV+lkAV0EtzsGspSLFATIwS/DsB2ChFtmNi9ksO39q/auuTMxfcpyPQ10hUo/mUhQHZTb/AwZPLUNYGcPMBQ3SkRBRYNuHX9m+EkeuyYnMTNgYuz3k0Rhy5f/OnQnQ21h+mKnDog2dSw5AXbJmZ8haybOQWFgejPEeMq2VJnXs5o7PXvcJavM62f7wnu9Sku7qki5q/y3BRiQg196bAfGnTVSS6/CnL5nq2dNLse2l2dZSR6NL+UuklIqA3vbf2IhB78MO7I8+hAkz4/YYuCFyzPC1TZZzZ3JvF9sJU/vmdwbGZiDX1r20MTOKWECx4uFcHFVrclevNhzDxL782BNKlNFzN7LjKU9iWtqkUxNJXkUXS+RI1bcDtlDMYHjpgkl7QXungabK4f7Knqov8LW2mhRk16/KK5r+gTgWGhaJ1Jj4LNOiDdlSjHHl1nmdaLPLc/fXqhhfU+iFR69a9hUa+ZplQpDtq+CqX/wSXFeLIb7QHsKjhAu0wlCQaxVPFb6N4rrJbg1SPwE6/3K9fFpKSZrDwCXvFcBNufgl5bV9vq7MMZPTweNGjnsoo79WTSVxAT2XvxCj81+wDHGdyQrZW85nd+zfJQ7fGXC/axxTfbc99Tc6VmsVs06REGjtK+UOGcnc+lWun+cKto+FFifM7+EeMqHRgJeBupcokRN0fe3tYOHX5zRmMkAzQKagP1Blg8tbuci2Wq6r2Vdzvwyah8oEcRlLbDKDKeKmoH4Hj6aTA6FMWTyeI3t55mtzcEvLe96mraimuq5tdV9Vmt3Yv+9jOROBLZsH7AzNm9SD97PwS+lEye9sCL8N6l1SEKsBaua5s4UlzXe3FltvFYZyLGyrtX7Lx6szMEvP5wvJ7N0sRi/THNnvAwbP1ghy2RUw/keQSZ74YclH6y4eu7WHPzy8lRy1L2kzdf4ku2wuTOaJJa697dlIb7lOumNmtKTJ35FUUCPK3pKNoXU3LGstQj+Q1piG1UyGJ+eFOk0bkyD2Dt3EqzBz4CqsrV5Ve3P+1QOfo92f+48YItmeP3pHn57V83k2XiasXmTvcwqDPO0t0yu9qf9Mge/Uruv2RF3chdNz8rwkfAPsvbwKf4hyZp+KTb3TYj3znfnrRr+D0fm4FcgL0SJnxJePwn7H2/uJHHAAtnNnfKJxfevArzz3Xk5+OVk0E+OAvh1qbNtyYj9yzd3SvxbGt+fY/NWb/vpr+JKn85aZFgt2nyAx1KAa7H33o6hY15/LOGTbACLO4ihryCS7BDoE7CT5mR6Dn7lE0CBB2MnY2Tw39um5s7q9+Cs8uQtW57Mwa9ObshKxKQOTbK47SXUf1ZzZywrCGwtofarBLec/Peya+ZtzcGvzu4vAV2qatvrDJ/cbu4kq7kzWeaNr+CNFmv2DdBZ8v1aZVetqn3WTZq7ybaVqdCbnps7S63vKzqF2tdAJ2UVsGDYD4+sSfBdaluuBh0fdubYnTqVNHfaZ+l4QStX6Cs4wfKfrVs9ZPv11M5fds28DTnze6H6102a2wU8mqnuS2yhni7zxhs8U3F/H1O/mBZWgB/WMrNqFvx1k+aGtv8GoDt5nl6m1x9L4JMq83qprKHS3e31GdhiOQ0Kbyy7Zt7vht84Kge/97LlZdClWXbf9vq9MsmfeEtXMczzAM+rDtwkyF54kSr1XgHwzrWdNTuyQh3IoJ8cdQzIc0b83nuDf7iC/drgvzYIjpHgeBWJ3ncQRARXgvtFcI1h2dtr6e7W9IBoOrNQhYFYA4wAPlhew+CbOgCedZPmPg88kQJBExk7SLR3pb38ZCa/e4sXi/GSTK66P9e/bll+bWdNA19HzD8a4EgR5orFcqF44FLI5kgDBIctOYGWcAIN4QQHNUnwuHTxB7339rNnxOrl13XuVg/jWhcnaq6b9ALrJr0wT5VfJcc9eyl3afarlfDxVCtlcjXl/OupE6mrI9SBs4H3SjV3UqK5UxNef/i1yNb3Sa8GAB8CU4f+YFRdDKZTT8hvfnxZd8sZwzYDp/gLMHwTQGACwv31JEjoiP+/xD3BcxG8bmXj2s29Nn4Zq3qOX35d59J101fkzN8esnbiC1OAWSFjk2pd1Gr7DmieLvMG3+khxq/wDL3w739i2XWdc4bVCevrEvydph4N8OcKG8s1dybbvWJl3lDtJ1ZoVnKsWtbqoOCMnosBll3XmYO/ndm/RtGrifFZMxI6JZo7g46eJnVioGeBXOqkrcT6/jNWTO58e6+/H1VX4yj1CP5OU49m7cQXGDy17QGBrxoJbHxWwkfEP1c3CgWLCZ8dNxZYvPK9aCMH6d3OGtMFxinoismdOfifhAT79g0E3jbCYBMAKhG4xcfoEGYER8LJIQzd0MpLq7p8h7B3of1moKVrcqfW4xiaegV/zcQ5rJk4Zz1whMLmrNZtteZ3uA9nsblTGZKxLV7lob0CjO2a3Kl71pm6r3vwQ/avmTjnTYGz00uxrJbu1N59/n+70lqy8aOcqxcUiW/smtw5E6CrztR9vwB/zcQ57DK1jfe+Pue/QCfan3lJniaaOz1gT7NDopOnCK4Em7IaDS+iS5Qfd02ef92QG4+o5+GrryRPlmx6fBm7/nsb7319zvwdzhg+FGFUmPAJfYAw4SPi+/Xhhk0dW4ay6OP32aAfR/UB0R5P0J4DfHHQ2L303cnz63rshH4mQ+4a/YhB/jL0+p0gCnCCvXfcwPFTUa7aeDRPbvgjszYsrdTpWwAcvvz6+Vv6w1iZfga8rJ4w+4vA42o5eGGyx473W9XFxfCZAXvSXaLAkzjQ4RWFY/sL8P0O/NUTZuvud41h5YRZZwC/S2b2bH9gL28gHsrQwo4MMG7ZjReAJQptmtgtrN7FpR/K7neNoQXGfgyPKZxerAKGXb7K8O5BYPxunt0Lg3hnc8m9kuYDY7uun7+pv42T6W8/aOWEWaycMIuPwevyNcDP7eSMBrt47OPthAq4jsMRA4exVb0spf8ydI+mxrZQy8HvQbomzGLoXWNYPmHmVxWuDIEHKOAwmBbECCKGk4ccxGB3QBTxB3H8j4FRXde/vKXr+vmag19nsnzCLIbd3c6yC2feDHxToRtgR68JFx94YwweylUjPkerFEB1M8qVXde/eBHB/f1VhAaSfe7p2FeQBQfozq3neAfhOAWaCk00NTXT3NyCNLXwT68/fvBzl097ba+/O5wV33uxX4+HaRTgP3V3B29dMOPNN2X50GO6h/mt38ZEl2NcWp3Cxc9dPu21S+/5Zr8HvuGYH8rUqVfc6zru+EKhiaZCE81NLTS3DFjluk0HGnE+OPGkCxtiHNxGBN8x5hERM96IwTEOxnEwxv39uM9N/KCRxsE0IvjGOAuNMVt8le/gOC6OcZ9tuHGgIUWXGuNsdYyDBPbecZyXcvAbQM6/4B83OkZWi3FwHRfHdTGOuzQHv2FUvzsj8vSdAq5bWJGD3zDgm07HMRingOO67DBghw9y8BvH43/diIPruriOi1tokhz8BvL4HccNVT5OoUAOfqP8cMdd5YPv4LpNFNzmHPxGkTPOvHyN4zg+8wtNNLe05OA3GPspuAUKhSYU2TkHv4Gk4BQ8t9BEU6GZ5qbmQTn4jeTxu4WX3EKBQnMzheaW3XPwG0Se++0DtB97zqjWloG7NhVa7m5pGjCYXBpHXlsQ3wZ/w/plDfX7/w9sJTyL9hMvGQAAAABJRU5ErkJggg== + mediatype: image/png + customresourcedefinitions: + owned: + - name: mongodbstandalones.mongodb.com + version: v1 + kind: MongoDbStandalone + group: mongodb.com + displayName: MongoDB Standalone + description: MongoDB Deployment consisting of only one host. No replication of data. + resources: + # FIXME(alecmerdler): These are probably supposed to be different resources for the different CRD configurations + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - description: The service where the MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - name: mongodbreplicasets.mongodb.com + version: v1 + kind: MongoDbReplicaSet + group: mongodb.com + displayName: MongoDB Replica Set + description: MongoDB Replica Set Deployment + resources: + # FIXME(alecmerdler): These are probably supposed to be different resources for the different CRD configurations + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Number of members in this Replica Set. + displayName: Members + path: members + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - name: mongodbshardedclusters.mongodb.com + description: MongoDB Sharded Cluster Deployment + displayName: MongoDB Sharded Cluster + group: mongodb.com + kind: MongoDbShardedCluster + version: v1 + resources: + # FIXME(alecmerdler): These are probably supposed to be different resources for the different CRD configurations + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many Config Servers will be deployed + displayName: Config Server Count + path: configServerCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many MongoDB Servers per Shard will be deployed + displayName: MongoDB Servers per Shard + path: mongodsPerShardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: How many mongos will be deployed + displayName: Mongos (MongoDB Shard) to be deployed + path: mongosCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: Amount of Shards to be deployed + displayName: Shards + path: shardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - description: The service where this MongoDB deployment will be listening. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + deployments: + - name: mongodb-enterprise-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: mongodb-enterprise-operator + template: + metadata: + labels: + k8s-app: mongodb-enterprise-operator + spec: + serviceAccountName: mongodb-enterprise-operator + imagePullSecrets: + - name: '' + + containers: + - name: mongodb-enterprise-operator + image: registry.connect.redhat.com/mongodb/enterprise-operator + imagePullPolicy: Always + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MANAGED_SECURITY_CONTEXT + value: 'true' + - name: OPERATOR_ENV + value: prod + - name: MONGODB_ENTERPRISE_DATABASE_IMAGE + value: registry.connect.redhat.com/mongodb/enterprise-database + - name: IMAGE_PULL_POLICY + value: Always + - name: IMAGE_PULL_SECRETS + value: '' + + permissions: + - serviceAccountName: mongodb-enterprise-operator + rules: + - apiGroups: + - '' + resources: + - configmaps + - secrets + - services + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - mongodb.com + resources: + - '*' + verbs: + - '*' + + packages: |- + - #! package-manifest: deploy/chart/catalog_resources/certified-operators/couchbase.1.0.0.clusterserviceversion.yaml + packageName: couchbase-enterprise + channels: + - name: preview + currentCSV: couchbase-operator.v1.0.0 + + - #! package-manifest: deploy/chart/catalog_resources/certified-operators/dynatrace-monitoring.0.2.0.clusterserviceversion.yaml + packageName: dynatrace-monitoring + channels: + - name: preview + currentCSV: dynatrace-monitoring.v0.2.0 + + - #! package-manifest: deploy/chart/catalog_resources/certified-operators/mongodb-enterprise.v0.3.2.clusterserviceversion.yaml + packageName: mongodb-enterprise + channels: + - name: preview + currentCSV: mongodboperator.v0.3.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_08-certified-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_08-certified-operators.catalogsource.yaml new file mode 100644 index 000000000..77cdb1ff6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_08-certified-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_08-certified-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: certified-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: certified-operators + displayName: Certified Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..035e4e8f4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..6dc85be95 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,46 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + image: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..770177536 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,41 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - openshift-operator-lifecycle-manager + image: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..e91d70cb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,26 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_13-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_13-operatorgroup.crd.yaml new file mode 100644 index 000000000..995ab2e07 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_13-operatorgroup.crd.yaml @@ -0,0 +1,86 @@ +##--- +# Source: olm/templates/0000_30_13-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + targetNamespaces: + type: array + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - namespaces + - lastUpdated + type: object + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_14-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_14-olm-operators.configmap.yaml new file mode 100644 index 000000000..6f7dee9fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_14-olm-operators.configmap.yaml @@ -0,0 +1,128 @@ +##--- +# Source: olm/templates/0000_30_14-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.8.0 + namespace: openshift-operator-lifecycle-manager + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/packageserver + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.apps.redhat.com" + resources: + - packagemanifests + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + deployments: + - name: packageserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.8.0 + apiservicedefinitions: + owned: + - group: packages.apps.redhat.com + version: v1alpha1 + kind: PackageManifest + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.8.0 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_15-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_15-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..36190a949 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_15-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/0000_30_15-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_16-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_16-operatorgroup-default.yaml new file mode 100644 index 000000000..808fa53a6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_16-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_16-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: global-operators + namespace: openshift-operators +--- +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + targetNamespaces: + - openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_17-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_17-packageserver.subscription.yaml new file mode 100644 index 000000000..706c438f1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/0000_30_17-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/0000_30_17-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/04-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager +spec: + source: olm-operators + sourceNamespace: openshift-operator-lifecycle-manager + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/image-references new file mode 100644 index 000000000..232e3be22 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.0/image-references @@ -0,0 +1,11 @@ +##--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..99b60fb47 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_00-namespace.yaml @@ -0,0 +1,19 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + labels: + openshift.io/run-level: "1" + annotations: + openshift.io/node-selector: "" +--- +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operators + labels: + openshift.io/run-level: "1" + annotations: + openshift.io/node-selector: "" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8cedb3c2e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..3a8453efe --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_02-clusterserviceversion.crd.yaml @@ -0,0 +1,767 @@ +--- +# Source: olm/templates/0000_50_olm_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_03-installplan.crd.yaml new file mode 100644 index 000000000..c7b8eab72 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_03-installplan.crd.yaml @@ -0,0 +1,79 @@ +--- +# Source: olm/templates/0000_50_olm_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_04-subscription.crd.yaml new file mode 100644 index 000000000..24d3648b6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_04-subscription.crd.yaml @@ -0,0 +1,74 @@ +--- +# Source: olm/templates/0000_50_olm_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_05-catalogsource.crd.yaml new file mode 100644 index 000000000..c8a64bb13 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_05-catalogsource.crd.yaml @@ -0,0 +1,129 @@ +--- +# Source: olm/templates/0000_50_olm_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_06-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_06-olm-operator.deployment.yaml new file mode 100644 index 000000000..ee9318245 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_06-olm-operator.deployment.yaml @@ -0,0 +1,59 @@ +--- +# Source: olm/templates/0000_50_olm_06-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_07-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_07-catalog-operator.deployment.yaml new file mode 100644 index 000000000..b964ac382 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_07-catalog-operator.deployment.yaml @@ -0,0 +1,49 @@ +--- +# Source: olm/templates/0000_50_olm_07-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - openshift-operator-lifecycle-manager + - -configmapServerImage=quay.io/operatorframework/configmap-operator-registry:latest + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_08-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_08-aggregated.clusterrole.yaml new file mode 100644 index 000000000..1d07e091a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_08-aggregated.clusterrole.yaml @@ -0,0 +1,28 @@ +--- +# Source: olm/templates/0000_50_olm_08-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_09-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_09-operatorgroup.crd.yaml new file mode 100644 index 000000000..3bac32d2b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_09-operatorgroup.crd.yaml @@ -0,0 +1,96 @@ +--- +# Source: olm/templates/0000_50_olm_09-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - namespaces + - lastUpdated + type: object + required: + - metadata \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_10-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_10-olm-operators.configmap.yaml new file mode 100644 index 000000000..f6fa5111d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_10-olm-operators.configmap.yaml @@ -0,0 +1,132 @@ +--- +# Source: olm/templates/0000_50_olm_10-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager + +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.8.1 + namespace: openshift-operator-lifecycle-manager + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.apps.redhat.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + replicas: 2 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.8.1 + apiservicedefinitions: + owned: + - group: packages.apps.redhat.com + version: v1alpha1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.8.1 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_11-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_11-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..9dd95f069 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_11-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_12-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_12-operatorgroup-default.yaml new file mode 100644 index 000000000..fdb0ee562 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_12-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_12-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: global-operators + namespace: openshift-operators +--- +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + targetNamespaces: + - openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_13-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_13-packageserver.subscription.yaml new file mode 100644 index 000000000..1616e122b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_13-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_13-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/04-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager +spec: + source: olm-operators + sourceNamespace: openshift-operator-lifecycle-manager + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_14-operatorstatus.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_14-operatorstatus.yaml new file mode 100644 index 000000000..3b85c9a62 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_14-operatorstatus.yaml @@ -0,0 +1,11 @@ +--- +# Source: olm/templates/0000_50_olm_14-operatorstatus.yaml + +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager +status: + versions: + - name: operator + version: "0.0.1-snapshot" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_15-packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_15-packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..cab8e5c13 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_15-packageserver.clusterserviceversion.yaml @@ -0,0 +1,118 @@ +--- +# Source: olm/templates/0000_50_olm_15-packageserver.clusterserviceversion.yaml + +# keep in sync with _packageserver.clusterserviceversion.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: packageserver.v0.8.1 + namespace: openshift-operator-lifecycle-manager +spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - operators.coreos.com + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - packages.apps.redhat.com + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.8.1 + apiservicedefinitions: + owned: + - group: packages.apps.redhat.com + version: v1alpha1 + kind: PackageManifest + name: packagemanifest + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_16-packageserver.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_16-packageserver.deployment.yaml new file mode 100644 index 000000000..7664342a8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/0000_50_olm_16-packageserver.deployment.yaml @@ -0,0 +1,54 @@ +--- +# Source: olm/templates/0000_50_olm_16-packageserver.deployment.yaml + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager + labels: + app: packageserver +spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/image-references new file mode 100644 index 000000000..d1bc19938 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.8.1/image-references @@ -0,0 +1,15 @@ +--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + - name: operator-registry + from: + kind: DockerImage + name: quay.io/operatorframework/configmap-operator-registry:latest diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..b7608fc11 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_00-namespace.yaml @@ -0,0 +1,24 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + openshift.io/cluster-monitoring: "true" + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operators + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..8cedb3c2e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_02-services.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_02-services.yaml new file mode 100644 index 000000000..21a4e4e6f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_02-services.yaml @@ -0,0 +1,41 @@ +--- +# Source: olm/templates/0000_50_olm_02-services.yaml + +apiVersion: v1 +kind: Service +metadata: + name: olm-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert + labels: + app: olm-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: olm-operator +--- +apiVersion: v1 +kind: Service +metadata: + name: catalog-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert + labels: + app: catalog-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: catalog-operator + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..404109e5e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,768 @@ +--- +# Source: olm/templates/0000_50_olm_03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..627ce931e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,80 @@ +--- +# Source: olm/templates/0000_50_olm_04-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..5ba0b3cd5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,74 @@ +--- +# Source: olm/templates/0000_50_olm_05-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..26f027427 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,129 @@ +--- +# Source: olm/templates/0000_50_olm_06-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..c21dec1c2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,79 @@ +--- +# Source: olm/templates/0000_50_olm_07-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - operator-lifecycle-manager + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + priorityClassName: "system-cluster-critical" + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: olm-operator-serving-cert + optional: true + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..ff7e223f5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,76 @@ +--- +# Source: olm/templates/0000_50_olm_08-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - openshift-operator-lifecycle-manager + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + - -writeStatusName + - operator-lifecycle-manager-catalog + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + priorityClassName: "system-cluster-critical" + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: catalog-operator-serving-cert + optional: true + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..5bc6832fc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,28 @@ +--- +# Source: olm/templates/0000_50_olm_09-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..e9a7de669 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,99 @@ +--- +# Source: olm/templates/0000_50_olm_10-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - namespaces + - lastUpdated + type: object + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..091576c6e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,136 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.9.0 + namespace: openshift-operator-lifecycle-manager + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + priorityClassName: "system-cluster-critical" + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.9.0 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.9.0 \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..5c643c57e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_12-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..59a45bf43 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_13-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: openshift-operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + targetNamespaces: + - openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..e0dcc85df --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_14-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager +spec: + source: olm-operators + sourceNamespace: openshift-operator-lifecycle-manager + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_15-operatorstatus.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_15-operatorstatus.yaml new file mode 100644 index 000000000..d72556201 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_15-operatorstatus.yaml @@ -0,0 +1,20 @@ +--- +# Source: olm/templates/0000_50_olm_15-operatorstatus.yaml + +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager +status: + versions: + - name: operator + version: "0.0.1-snapshot" +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager-catalog +status: + versions: + - name: operator + version: "0.0.1-snapshot" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_16-packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_16-packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..3e2c3ed0d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_16-packageserver.clusterserviceversion.yaml @@ -0,0 +1,123 @@ +--- +# Source: olm/templates/0000_50_olm_16-packageserver.clusterserviceversion.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: packageserver.v0.9.0 + namespace: openshift-operator-lifecycle-manager +spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + priorityClassName: "system-cluster-critical" + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.9.0 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_17-packageserver.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_17-packageserver.deployment.yaml new file mode 100644 index 000000000..5aeaeca9a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_17-packageserver.deployment.yaml @@ -0,0 +1,53 @@ +--- +# Source: olm/templates/0000_50_olm_17-packageserver.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager + labels: + app: packageserver +spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - operator: Exists + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-operator-lifecycle-manager + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + priorityClassName: "system-cluster-critical" + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_19-service-monitor.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_19-service-monitor.yaml new file mode 100644 index 000000000..63a5688b0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/0000_50_olm_19-service-monitor.yaml @@ -0,0 +1,93 @@ +--- +# Source: olm/templates/0000_50_olm_19-service-monitor.yaml + +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: olm-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: olm-operator +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + jobLabel: k8s-app + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: catalog-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: catalog-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: operator-lifecycle-manager-metrics +subjects: +- kind: ServiceAccount + name: prometheus-k8s + namespace: openshift-monitoring +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/image-references new file mode 100644 index 000000000..26a8ca1b2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/0.9.0/image-references @@ -0,0 +1,15 @@ +--- +# Source: olm/templates/image-references + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + - name: operator-registry + from: + kind: DockerImage + name: quay.io/operator-framework/configmap-operator-registry:latest diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/latest b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/latest new file mode 120000 index 000000000..9b8324584 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/manifests/latest @@ -0,0 +1 @@ +./0.10.1 \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/values.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/values.yaml new file mode 100644 index 000000000..51d452071 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/ocp/values.yaml @@ -0,0 +1,77 @@ +installType: ocp +rbacApiVersion: rbac.authorization.k8s.io +namespace: openshift-operator-lifecycle-manager +catalog_namespace: openshift-marketplace +operator_namespace: openshift-operators +imagestream: true +writeStatusName: operator-lifecycle-manager +writeStatusNameCatalog: operator-lifecycle-manager-catalog +writePackageServerStatusName: operator-lifecycle-manager-packageserver +olm: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + pullPolicy: IfNotPresent + service: + internalPort: 8080 + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 120 + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 120 + tlsCertPath: /var/run/secrets/serving-cert/tls.crt + tlsKeyPath: /var/run/secrets/serving-cert/tls.key +catalog: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + pullPolicy: IfNotPresent + service: + internalPort: 8080 + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 120 + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 120 +package: + replicaCount: 2 + image: + ref: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + pullPolicy: IfNotPresent + service: + internalPort: 5443 + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 120 + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 120 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..f2eda530b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_00-namespace.yaml @@ -0,0 +1,13 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: operators + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..1a2e303d8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..404109e5e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,768 @@ +--- +# Source: olm/templates/0000_50_olm_03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..627ce931e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,80 @@ +--- +# Source: olm/templates/0000_50_olm_04-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..b9265baa0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,75 @@ +--- +# Source: olm/templates/0000_50_olm_05-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..991a5e72c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,130 @@ +--- +# Source: olm/templates/0000_50_olm_06-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..9a2cf186f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,58 @@ +--- +# Source: olm/templates/0000_50_olm_07-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - "" + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..f66fd49b5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,53 @@ +--- +# Source: olm/templates/0000_50_olm_08-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - olm + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + + + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..5665a36a9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,34 @@ +--- +# Source: olm/templates/0000_50_olm_09-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..43c9b708e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,99 @@ +--- +# Source: olm/templates/0000_50_olm_10-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + type: object + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..344fb376d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,132 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: olm +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.10.0 + namespace: olm + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - olm + image: quay.io/operator-framework/olm@sha256:93751ae9d398d571c2cb3d11b0ac4ae052117fd1726025364a6f2f3a5caef68e + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.0 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.10.0 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..b1be6a655 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_12-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: olm +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..028458300 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_13-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: olm +spec: + targetNamespaces: + - olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..69ea7b01a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_14-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: olm +spec: + source: olm-operators + sourceNamespace: olm + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_18-upstream-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_18-upstream-operators.catalogsource.yaml new file mode 100644 index 000000000..3275c6f27 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.0/0000_50_olm_18-upstream-operators.catalogsource.yaml @@ -0,0 +1,12 @@ +--- +# Source: olm/templates/0000_50_olm_18-upstream-operators.catalogsource.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: operatorhubio-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/operator-framework/upstream-community-operators:latest + displayName: Community Operators + publisher: OperatorHub.io diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..f2eda530b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_00-namespace.yaml @@ -0,0 +1,13 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: operators + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..1a2e303d8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..404109e5e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,768 @@ +--- +# Source: olm/templates/0000_50_olm_03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..627ce931e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,80 @@ +--- +# Source: olm/templates/0000_50_olm_04-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..b9265baa0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,75 @@ +--- +# Source: olm/templates/0000_50_olm_05-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..991a5e72c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,130 @@ +--- +# Source: olm/templates/0000_50_olm_06-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..6ecef18f7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,58 @@ +--- +# Source: olm/templates/0000_50_olm_07-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - "" + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..0cd42eafe --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,53 @@ +--- +# Source: olm/templates/0000_50_olm_08-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - olm + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + + + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..5665a36a9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,34 @@ +--- +# Source: olm/templates/0000_50_olm_09-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..18235816a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,101 @@ +--- +# Source: olm/templates/0000_50_olm_10-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + type: object + description: Spec for an OperatorGroup. + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + status: + type: object + description: The status of the OperatorGroup. + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..c1e5e7467 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,132 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: olm +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.10.1 + namespace: olm + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - olm + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.1 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.10.1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..b1be6a655 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_12-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: olm +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..028458300 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_13-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: olm +spec: + targetNamespaces: + - olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..69ea7b01a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_14-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: olm +spec: + source: olm-operators + sourceNamespace: olm + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_18-upstream-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_18-upstream-operators.catalogsource.yaml new file mode 100644 index 000000000..3275c6f27 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.10.1/0000_50_olm_18-upstream-operators.catalogsource.yaml @@ -0,0 +1,12 @@ +--- +# Source: olm/templates/0000_50_olm_18-upstream-operators.catalogsource.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: operatorhubio-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/operator-framework/upstream-community-operators:latest + displayName: Community Operators + publisher: OperatorHub.io diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/01-alm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/01-alm-operator.serviceaccount.yaml new file mode 100644 index 000000000..bdbf631a2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/01-alm-operator.serviceaccount.yaml @@ -0,0 +1,11 @@ +##--- +# Source: olm/templates/01-alm-operator.serviceaccount.yaml +kind: ServiceAccount +apiVersion: v1 +metadata: + name: alm-operator-serviceaccount + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +imagePullSecrets: +- name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/02-alm-operator.rolebinding.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/02-alm-operator.rolebinding.yaml new file mode 100644 index 000000000..7aa932df1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/02-alm-operator.rolebinding.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/02-alm-operator.rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alm-operator-binding + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: alm-operator-serviceaccount + namespace: kube-system diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..39b3fe5d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/03-clusterserviceversion.crd.yaml @@ -0,0 +1,413 @@ +##--- +# Source: olm/templates/03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversion-v1s.app.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + names: + plural: clusterserviceversion-v1s + singular: clusterserviceversion-v1 + kind: ClusterServiceVersion-v1 + listKind: ClusterServiceVersionList-v1 + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + validation: + openAPIV3Schema: + type: object + description: Represents a single version of the operator software + required: + - spec + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + descriptions: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/05-catalogsource.crd.yaml new file mode 100644 index 000000000..fb99f0974 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/05-catalogsource.crd.yaml @@ -0,0 +1,54 @@ +##--- +# Source: olm/templates/05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsource-v1s.app.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: catalogsource-v1s + singular: catalogsource-v1 + kind: CatalogSource-v1 + listKind: CatalogSourceList-v1 + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a subscription + required: + - sourceType + - name + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + string: The name of a ConfigMap that holds the entries for an in-memory catalog. + + name: + type: string + description: Name of this catalog source + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/06-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/06-installplan.crd.yaml new file mode 100644 index 000000000..8d9e12860 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/06-installplan.crd.yaml @@ -0,0 +1,60 @@ +##--- +# Source: olm/templates/06-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplan-v1s.app.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: installplan-v1s + singular: installplan-v1 + kind: InstallPlan-v1 + listKind: InstallPlanList-v1 + validation: + openAPIV3Schema: + type: object + description: Document which defines the desire and current state of an installation of a Cluster Service + required: + - spec + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + approval: + type: string + enum: + - Automatic + - Manual + - Update-Only # Will only apply an update if it updates existing packages only and doesn't add any new ones + approved: + type: boolean + anyOf: + - properties: + approval: + enum: + - Manual + required: + - approved + - properties: + approval: + enum: + - Automatic + - Update-Only + required: [] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/07-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/07-subscription.crd.yaml new file mode 100644 index 000000000..b9952b1cf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/07-subscription.crd.yaml @@ -0,0 +1,49 @@ +##--- +# Source: olm/templates/07-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscription-v1s.app.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: subscription-v1s + singular: subscription-v1 + kind: Subscription-v1 + listKind: SubscriptionList-v1 + validation: + openAPIV3Schema: + type: object + description: Represents a subscription to a source and channel + required: + - spec + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + + name: + type: string + description: Name of the package that defines the application + + channel: + type: string + description: Name of the channel to track + + startingCSV: + type: string + description: Name of the AppType that this subscription tracks diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/08-tectonicocs.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/08-tectonicocs.configmap.yaml new file mode 100644 index 000000000..1465dcbb9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/08-tectonicocs.configmap.yaml @@ -0,0 +1,1810 @@ +##--- +# Source: olm/templates/08-tectonicocs.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: tectonic-ocs + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + version: v1 + scope: Namespaced + names: + plural: alertmanagers + singular: alertmanager + kind: Alertmanager + listKind: AlertmanagerList + shortNames: + - alertman + - alrtman + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + validation: + openAPIv3: + type: object + description: Represents a single instance of etcd + additionalProperties: false + required: + - version + properties: + version: + type: string + description: Version string + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + x-descriptors: + - urn:alm:descriptor:versioning:semver + size: + type: number + description: The size of the etcd cluster + min: 1 + max: 9 + x-descriptors: + - urn:alm:descriptor:pod:count + - urn:alm:descriptor:number:integer + template: + type: object + description: Template for fields of subresources + labels: + type: object + description: Labels to apply to associated resources + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + version: v1 + scope: Namespaced + names: + plural: prometheuses + singular: prometheus + kind: Prometheus + listKind: PrometheusList + shortNames: + - prom + - prm + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + version: v1 + scope: Namespaced + names: + plural: servicemonitors + singular: servicemonitor + kind: ServiceMonitor + listKind: ServiceMonitorList + shortNames: + - servicemon + - svcmon + - svcmonitor + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: vaultservices.vault.security.coreos.com + spec: + group: vault.security.coreos.com + version: v1alpha1 + scope: Namespaced + validation: + openAPIv3: + type: object + description: Represents a single instance of Vault + additionalProperties: false + required: + - version + properties: + version: + type: string + description: Version string + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + x-descriptors: + - urn:alm:descriptor:versioning:semver + nodes: + type: number + description: The number of nodes in the Vault cluster + min: 1 + max: 9 + x-descriptors: + - urn:alm:descriptor:pod:count + - urn:alm:descriptor:number:integer + template: + type: object + description: Template for fields of subresources + labels: + type: object + description: Labels to apply to associated resources + names: + plural: vaultservices + singular: vaultservice + kind: VaultService + listKind: VaultServiceList + shortNames: + - vault + - vaultserv + - vaultsrv + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: vault-operator.0.1.9 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"vault.security.coreos.com/v1alpha1","kind":"VaultService","metadata":{"name":"example"},"spec":{"nodes":2,"version":"0.9.1-0"}}]' + labels: + alm-catalog: tectonic-ocs + spec: + displayName: Vault + description: | + An encrypted, multi-tentant secure secret store. Vault handles the lifecycle of your secrets: leasing, key revocation, key rolling, and auditing. + + _The Vault Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Unsealing and using Vault + + Once a Vault instance is running, it must be initalized and "unsealed". Afterwards, your software can use the automatically created Kubernetes Service and Secret to communicate with it. + + [Read the complete guide to using the Vault Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/vault-ocs.html) + + ### Supported Features + + **Secure by Default** + + + Hands-free automated creation of TLS certificates between all components ensure all best practices are followed for secret security. Further, the API makes unseal operations easy. + + + **Highly available** + + + Multiple instances of Vault are clustered together via an etcd backend and secured. + + + **Safe Upgrades** + + + Rolling out a new Vault version is as easy as updating the Vault Cluster definition. Everything is automatically handled using Vault best practices while pausing for unseal tokens. + + keywords: ['vault', 'secret', 'encryption'] + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + provider: + name: CoreOS, Inc + links: + - name: Vault Project + url: https://www.vaultproject.io/ + labels: + alm-status-descriptors: vault-operator.0.1.9 + alm-owner-vault: vault-operator + operated-by: vault-operator + selector: + matchLabels: + alm-owner-vault: vault-operator + operated-by: vault-operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAEAAAAA7CAYAAADLjIzcAAAACXBIWXMAAAsTAAALEwEAmpwYAAAMLGlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjarVd3VFP51t23JKGEmoCAlNARBAHpSO+CgHQYW0gChBJCCip2x0EFxy4WrOjYcNSxADIWRB3rIPbuAx1URsbBgg2V9wcBZ+Z93x9vrfdb6+budbLPPvuce9dd6wA6HnyptJDUBYokCllSVCgvIzOLx2oHCxxogYQ7XyCXhiQmxgHAwP0vhwDe3gQBANec+VJpIf67oycUyQUAkQggWygXFAHEIYA2EUhlCoDRCsB6skKqABhvAHBlGZlZAFMNADe3H5sC4Gb3Y1cAXFlKUhjADAfU2Hy+LBfQTgTAKxXkKgBtKQBXiVAsAbQ3AwgU5PGFgHYbgOFFRcVCQIcNwCH7Lzq5f9PMHtTk83MHcX8vAAC1cLFcWsifiv/1KSpUDtSwAsDOk0UnAeACxM6C4tgkAGyAOCrJjk8AoA8Q58RCQIXv5imjU1X8LoE8LAuAIUBCyA+PBWAKkIbKgtQQFXbny4B+PhkvVsSkqHC2rDhJpU+WSgrj41Q6C/JEMQN4o0gekTzAyRFHxgDQBchDZXkp6f0+ydOl4rR4ANoA2SovSI5V5T4sywuLH+DIlEmpAGwA8k2OLDKpn0MZFckH+qJcBPyIZABGABWsyEuJ7s+lMkTyjLgBD0JReES/B0ookqSqvFEKqSI0SZVbLi1MVPGpjaLCqKT+OVP75aXJA7lXFbIU1cypR/n80Yn9/qm3UkViSr83mkYcwhAOHpTgIRvFyIe4pau+CzzVP5HgQ4ZciOCsigxkpIMPGSTgIxll+AMSiCAfzAsFHzKIUAoJPg9G+3+dkQM+ZCiFCHIU4AlkKKJN6EDan46jA+lgOpB2p31o34E8ns5AVWYEM5wZzYxkDhv0IUAxClEMGcT/RywWhRBBCRlEkAz08FWP8YRxhfGIcYPRxriDNPwGGcQDrIniubJ/OOdhDNqgVE1FhGxI0DnAoe1od9qTDqUD6EDaFzzakDaBM+1B+9AhdBDtT3vSvn9zqBz09nWW/6wnguRv/aji2o7anioX2YNPJmyQ9U+VsL/MSIhixP6TSS2gDlJnqZPUeeooVQ8edYJqoC5Rx6j6v7wJv0GG3MFqSRBBggIUQjzAca117XT99B/V+SoHMoggBxSiKQoACCuWTpWJc/MUvBCptFDEi5EIXIbz3F3dvIGMzCxe/+fjtSEIAIThha+xkibAtwIgcr/G+NbAkScA5+3XmPUrgL0UONYqUMpK+2M0ADCgAR1wYQxzWMMBznCHF/wRjAiMRgJSkIkJECAPRZBhMqZjDspRiaVYhXXYhK3YiR9xAPU4ipP4BRfRihu4hzZ04Dm68Ra9BEGwCC2CQxgTFoQt4US4Ez5EIBFBxBFJRCYxicglJISSmE58S1QSy4l1xBZiF/ETcYQ4SZwnrhB3iHaik3hFfCQpkk1ySTPSjhxB+pAhZCyZQo4nc8kSsoycRy4m15A15B6yjjxJXiRvkG3kc7KHAqVJGVKWlDPlQ4VRCVQWlUPJqJlUBVVF1VB7qUbqLHWNaqO6qA80k+bQPNqZ9qej6VRaQJfQM+lF9Dp6J11Hn6av0e10N/2FocUwZTgx/BgxjAxGLmMyo5xRxdjOOMw4w7jB6GC8ZTKZhkx7pjczmpnJzGdOYy5ibmDuYzYxrzAfM3tYLJYxy4kVwEpg8VkKVjlrLWsP6wTrKquD9V5NU81CzV0tUi1LTaI2V61KbbfacbWrak/VetV11W3V/dQT1IXqU9WXqG9Tb1S/rN6h3quhp2GvEaCRopGvMUdjjcZejTMa9zVea2pqWmn6ao7VFGvO1lyjuV/znGa75ge2PtuRHcYex1ayF7N3sJvYd9ivtbS07LSCtbK0FFqLtXZpndJ6qPVem6Ptoh2jLdSepV2tXad9VfuFjrqOrU6IzgSdMp0qnYM6l3W6dNV17XTDdPm6M3WrdY/o3tLt0ePouekl6BXpLdLbrXde75k+S99OP0JfqD9Pf6v+Kf3HHIpjzQnjCDjfcrZxznA6uEyuPTeGm8+t5P7IbeF2G+gbeBikGUwxqDY4ZtBmSBnaGcYYFhouMTxgeNPw4xCzISFDREMWDtk75OqQd0ZDjYKNREYVRvuMbhh9NOYZRxgXGC8zrjd+YEKbOJqMNZlsstHkjEnXUO5Q/6GCoRVDDwy9a0qaOpommU4z3Wp6ybTHzNwsykxqttbslFmXuaF5sHm++Urz4+adFhyLQAuxxUqLExa/8wx4IbxC3hreaV63palltKXScotli2Wvlb1VqtVcq31WD6w1rH2sc6xXWjdbd9tY2IyxmW5Ta3PXVt3WxzbPdrXtWdt3dvZ26Xbz7ertntkb2cfYl9nX2t930HIIcihxqHG4Pow5zGdYwbANw1odSUdPxzzHasfLTqSTl5PYaYPTleGM4b7DJcNrht9yZjuHOJc61zq3uxi6xLnMdal3eTHCZkTWiGUjzo744urpWui6zfWem77baLe5bo1ur9wd3QXu1e7XR2qNjBw5a2TDyJceTh4ij40etz05nmM853s2e3728vaSee316vS28Z7kvd77lg/XJ9Fnkc85X4ZvqO8s36O+H/y8/BR+B/z+9Hf2L/Df7f9slP0o0ahtox4HWAXwA7YEtAXyAicFbg5sC7IM4gfVBD0Ktg4WBm8PfhoyLCQ/ZE/Ii1DXUFno4dB3YX5hM8KawqnwqPCK8JYI/YjUiHURDyOtInMjayO7ozyjpkU1RTOiY6OXRd+KMYsRxOyK6R7tPXrG6NOx7Njk2HWxj+Ic42RxjWPIMaPHrBhzP942XhJfn4CEmIQVCQ8S7RNLEn8eyxybOLZ67JMkt6TpSWeTOckTk3cnv00JTVmSci/VIVWZ2pymkzYubVfau/Tw9OXpbRkjMmZkXMw0yRRnNmSxstKytmf1fBPxzapvOsZ5jisfd3O8/fgp489PMJlQOOHYRJ2J/IkHJzEmpU/aPekTP4Ffw+/Jjslen90tCBOsFjwXBgtXCjtFAaLloqc5ATnLc57lBuSuyO3MC8qryusSh4nXiV/mR+dvyn9XkFCwo6CvML1wX5Fa0aSiIxJ9SYHkdLF58ZTiK1Inabm0rcSvZFVJtyxWtl1OyMfLGxRchVRxSemg/E7ZXhpYWl36fnLa5INT9KZIplya6jh14dSnZZFlP0yjpwmmNU+3nD5nevuMkBlbZhIzs2c2z7KeNW9Wx+yo2TvnaMwpmPPrXNe5y+e++Tb928Z5ZvNmz3v8XdR3teXa5bLyW/P9529aQC8QL2hZOHLh2oVfKoQVFypdK6sqPy0SLLrwvdv3a77vW5yzuGWJ15KNS5lLJUtvLgtatnO53vKy5Y9XjFlRt5K3smLlm1UTV52v8qjatFpjtXJ125q4NQ1rbdYuXftpXd66G9Wh1fvWm65fuP7dBuGGqxuDN+7dZLapctPHzeLNt7dEbamrsaup2srcWrr1yba0bWd/8Plh13aT7ZXbP++Q7GjbmbTz9C7vXbt2m+5eUkvWKms794zb0/pj+I8Ne533btlnuK9yP/Yr9//+06Sfbh6IPdB80Ofg3kO2h9Yf5hyuqCPqptZ11+fVtzVkNlw5MvpIc6N/4+GfXX7ecdTyaPUxg2NLjmscn3e870TZiZ4maVPXydyTj5snNt87lXHq+umxp1vOxJ4590vkL6fOhpw9cS7g3NHzfuePXPC5UH/R62LdJc9Lh3/1/PVwi1dL3WXvyw2tvq2NV0ZdOX416OrJa+HXfrkec/3ijfgbV26m3rx9a9ytttvC28/uFN55ebf0bu+92fcZ9yse6D6oemj6sOZfw/61r82r7Vh7ePulR8mP7j0WPH7+m/y3Tx3znmg9qXpq8XTXM/dnRzsjO1t//+b3jufS571d5X/o/bH+hcOLQ38G/3mpO6O746XsZd+rRa+NX+944/GmuSex5+Hbore97yreG7/f+cHnw9mP6R+f9k7+xPq05vOwz41fYr/c7yvq65PyZXwAAAWAzMkBXu0AtDIBTiugod2/f6n2RuLrBvn/4f4dDQDgBewIBlJnA3FNwMYmwHY2wG4CEgGkBIMcOXLwUh15zkj3fi22DGC87+t7bQawGoHPsr6+3g19fZ+3AdQdoKmkf+8DAKYusJkHAL9az/+P/evfXvpsNqq3M8UAADowaVRYdFhNTDpjb20uYWRvYmUueG1wAAAAAAA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/Pgo8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjYtYzExMSA3OS4xNTgzMjUsIDIwMTUvMDkvMTAtMDE6MTA6MjAgICAgICAgICI+CiAgIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgICAgIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiCiAgICAgICAgICAgIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIKICAgICAgICAgICAgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iCiAgICAgICAgICAgIHhtbG5zOnN0RXZ0PSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VFdmVudCMiCiAgICAgICAgICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgICAgICAgICAgeG1sbnM6cGhvdG9zaG9wPSJodHRwOi8vbnMuYWRvYmUuY29tL3Bob3Rvc2hvcC8xLjAvIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyIKICAgICAgICAgICAgeG1sbnM6ZXhpZj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8eG1wOkNyZWF0b3JUb29sPkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC94bXA6Q3JlYXRvclRvb2w+CiAgICAgICAgIDx4bXA6Q3JlYXRlRGF0ZT4yMDE3LTA5LTA2VDE1OjMxOjU2LTA0OjAwPC94bXA6Q3JlYXRlRGF0ZT4KICAgICAgICAgPHhtcDpNZXRhZGF0YURhdGU+MjAxNy0wOS0wNlQxNTozMTo1Ni0wNDowMDwveG1wOk1ldGFkYXRhRGF0ZT4KICAgICAgICAgPHhtcDpNb2RpZnlEYXRlPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3htcDpNb2RpZnlEYXRlPgogICAgICAgICA8eG1wTU06SW5zdGFuY2VJRD54bXAuaWlkOjFlMjY4MTE5LWU2NmYtNGJjNC1hZTI0LThiMTViNTg3MzE2MjwveG1wTU06SW5zdGFuY2VJRD4KICAgICAgICAgPHhtcE1NOkRvY3VtZW50SUQ+YWRvYmU6ZG9jaWQ6cGhvdG9zaG9wOjczODM4YzJiLWQzYzgtMTE3YS1iNTYyLTllNjU3MTBkNzc5YzwveG1wTU06RG9jdW1lbnRJRD4KICAgICAgICAgPHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD54bXAuZGlkOjQ1MjdmNDhmLTc2MGMtNGRhYi04NTJkLTNkNGZiOTA4ZmEzNjwveG1wTU06T3JpZ2luYWxEb2N1bWVudElEPgogICAgICAgICA8eG1wTU06SGlzdG9yeT4KICAgICAgICAgICAgPHJkZjpTZXE+CiAgICAgICAgICAgICAgIDxyZGY6bGkgcmRmOnBhcnNlVHlwZT0iUmVzb3VyY2UiPgogICAgICAgICAgICAgICAgICA8c3RFdnQ6YWN0aW9uPmNyZWF0ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDo0NTI3ZjQ4Zi03NjBjLTRkYWItODUyZC0zZDRmYjkwOGZhMzY8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgICAgPHJkZjpsaSByZGY6cGFyc2VUeXBlPSJSZXNvdXJjZSI+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDphY3Rpb24+c2F2ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDoxZTI2ODExOS1lNjZmLTRiYzQtYWUyNC04YjE1YjU4NzMxNjI8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICAgICA8c3RFdnQ6Y2hhbmdlZD4vPC9zdEV2dDpjaGFuZ2VkPgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgPC9yZGY6U2VxPgogICAgICAgICA8L3htcE1NOkhpc3Rvcnk+CiAgICAgICAgIDxkYzpmb3JtYXQ+aW1hZ2UvcG5nPC9kYzpmb3JtYXQ+CiAgICAgICAgIDxwaG90b3Nob3A6Q29sb3JNb2RlPjM8L3Bob3Rvc2hvcDpDb2xvck1vZGU+CiAgICAgICAgIDxwaG90b3Nob3A6SUNDUHJvZmlsZT5EaXNwbGF5PC9waG90b3Nob3A6SUNDUHJvZmlsZT4KICAgICAgICAgPHRpZmY6T3JpZW50YXRpb24+MTwvdGlmZjpPcmllbnRhdGlvbj4KICAgICAgICAgPHRpZmY6WFJlc29sdXRpb24+NzIwMDAwLzEwMDAwPC90aWZmOlhSZXNvbHV0aW9uPgogICAgICAgICA8dGlmZjpZUmVzb2x1dGlvbj43MjAwMDAvMTAwMDA8L3RpZmY6WVJlc29sdXRpb24+CiAgICAgICAgIDx0aWZmOlJlc29sdXRpb25Vbml0PjI8L3RpZmY6UmVzb2x1dGlvblVuaXQ+CiAgICAgICAgIDxleGlmOkNvbG9yU3BhY2U+NjU1MzU8L2V4aWY6Q29sb3JTcGFjZT4KICAgICAgICAgPGV4aWY6UGl4ZWxYRGltZW5zaW9uPjY0PC9leGlmOlBpeGVsWERpbWVuc2lvbj4KICAgICAgICAgPGV4aWY6UGl4ZWxZRGltZW5zaW9uPjU5PC9leGlmOlBpeGVsWURpbWVuc2lvbj4KICAgICAgPC9yZGY6RGVzY3JpcHRpb24+CiAgIDwvcmRmOlJERj4KPC94OnhtcG1ldGE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz6RZ44uAAAAIGNIUk0AAG11AABzoAAA/N0AAINkAABw6AAA7GgAADA+AAAQkOTsmeoAAAreSURBVHja7Jt5VFN3Fse/7yUkgQSyQBAiJWwTglKZqKBVFgURsVFgpAO2TRUonU7n0MWpVqnL6a7jtAdoz+lAsS61damHTnXascLUojMHLVUcpaesjUAVlFUWY7b35g+KhUBCEhJ71Pmd8/sDeO/edz+/e+/v3t97EDRN434eJO7zcd8DYJr+Ijc396kbN26EMxgM7b1kKE3TBEmSRHJy8m6VSlVrFkBLS4u2vLw8715cbS6X+/WcOXN6LYbAM888szckJOSre814giC0y5YtW93c3HzFIgA+n48nnnhi/b0GICIi4j2ZTHZdp9NZToJarRYpKSmXIiIiyu6ZRMdk9sfHx7/OZrMhEoksAxCJRBCLxdi0adOLDAaDuhcAxMbGFoSHh/exWCwIhULLAJhMJrq6uhAVFaWWyWQf3O3Gs9nsrrS0tB1MJhN8Ph8CgcDyNlhSUgKCIMBmszFz5sxX6urqsmmadrlbASiVyu0KheJma2vruNWf0AM0Gg2GhobQ19cHuVzePmvWrPfvVuN5PF772rVrCwBAIBDcnhY9YPr06SOFAzgcDhISEl6tra3NMRqN3LsNQE5Oztbly5cb6+vrxyU/swBM3UShUHRHR0cXVVZWbrqbjOdwOPXu7u6lhw8fRnd3NwiCuP23sLCwX+oD026wtLR0dPkIDw8PdHV1ua9bt+6yTqcT3S0AYmJifi+VSj9ta2sDkzl2nSsqKsx7AJ/PHycsMjJyQKlU7iwrK3trSp1XkBxU+xVAMzDK5cRAb+fYqi0wGLS62W49AoHgYlRU1KcajQZyudy2bnB0shAIBLeBZGdnv+3m5tZh93ak+gNEF/8L/jdnQU7zGTY0Mg4M1fMgl6QNX8TiwHX7R3D/5wWwcvMBEHbpSkxMzPf19YWHhwdEItG4aRFAQEDAmBkYGAihUIiHH35Yn5ubu81eAK6bXwfJZYEdFQaX5BXDyhXRIIwGEDMjAZIE6RcIVvrjII08sLNeBNhsm/X4+vp+m5iY+AVBEBCJRBAKheOmxSRYVVU1USuJhoYGeHt7l7DZ7Be1Wu1vbH0wTdE7YBa9CUN9O/TffD0s9/tqYE4s6LoLAEWBuqKG7ou/w0WZCt2uEkCvsxlARkbGBh8fH9A0PSbxmW2STJNgSkrKhBcaDAb4+fmhsbEx8+TJkwfs6sgkwaCvmsQ2wQHoW2PdMlAOSl1ns/zg4OCvS0tLE/r6+mAwGMxel56ebt4DgoKCLDUVWLBgwcELFy683NvbG26T8dOmw/VPT8PY8CO0e4drK8Zv54Hz5JPQHfsS+q8+G77O1x+02AdEXyfo3m5b2l0899xzGyQSCSiKsmr1JwRgWimZhoK3tzeSkpJePnjw4Oc2VWV7joCzbD5oAFRrM/QnT4Bb/AVc5nrCJe1J9C8IBtWiBql8HOCLgMAwGD8tASijVfIDAgIOL1my5JxWq4W7u7v9R2KWAIxASEpKOlpZWflde3v7XKs16XQgAIwOONqgBU0CtB6A8WdDKSNAkqAp2xpRmUy2tbi4GHq9HtQk90ZGRtpWB5gCkEgkyMjI2FhQUFBh7QMO5mSAynsBhvom6E+eAAAMZS8Fe7UK+q+Og/qpBQBg/Gw34O0H/NRk9eqHhIR8FBoaWt/a2mqT+0+YBMvKJj8HGWkts7KyKtVqdaz1h3KewJBJXIv9gc7WURmQAWZEJAw1Z6yNfX1WVlaoj4+PemBgwCrjCwsLzdcBE+2bppPH40EikSAvL2+DtbYzlq+G66H/gF30GQjPacN1T95r4H15EZw3dgNMFxBcLtzLqyE8XwW39z8BSOakchUKxW6FQqFmMpm3C7fJpk3NkLlhNBqhVCrPFhUVlV2+fPl3k3pNfCoIigIjfC6I4DDQ3dfgEp8C9PWCEZ0McHggJF5gxyuGmxnVatx8/ilAO2i+jCXJmytXrnyFw+HAw8PDJtc3C2Dfvn1WbztsNhthYWFbrQFgOFIC4tk3QJ2rBP39d8PnjwffB3vNs9Af+wQY6gOlHoRm31FwViyFZmeBReMBIC4u7m/z58+/euXKFasXbtIcsGrVKqtupGkaJEnC398fR48ePdDc3Jw5qTLPaaD7ugHjqCLF3RMYGJsXiIBQ0JfrJ8tDN4qLi4P8/f17enp6bFr9Rx55xLwHSKVSmwi6u7tj0aJFW5qbm9MnkjcGWve1MT+zkpRwfeGPuHX4OLQfvvvLdZMY//NRV+HChQt7WlpaJt25HFoHTBQKc+fObTp//vy+mpqabOu7I3dw9xyDiw/ATFoOQ/VpGC9dsG4z4XLb8/PzdwiFQhiNRrti32EAaJqGm5sbUlNTt9XU1DwKgGNdFtWD+rEZ8AkGdY0GPTRotc7w8PC3BgcHb549e9ZizW9ujD4RmjKAES+Ijo7+KTY29oNTp05Z915RdwsDmQnQr82G9vi/QP3YZJ3juLq2hYeHF+/atQs6nc6u1U9LSzMPwNzh4WRe4Orqiuzs7FdOnz6dTdO0VQeoVFsLbr5m2xHDwoULX5NKpbrOzs4pub5ZAA888IB92wlBYNWqVd3l5eXvfPzxx1uccc7H5/MbExISSimKgqenp0NkjgPQ1NRklyCapjE4OAi5XP4mg8F42mg0ih0NQKlUbgsMDKTb29sdsvoTAtizZ4/dwiiKgpeX161Zs2Ztr6mpeduRxnt7e19KS0s7oNfr7QpTqwGIxVNbOBaLhXnz5r1XV1e3TqPRTHfUg6pUqvygoCC0trbCzc3NeQC8vLymJJCmaYjFYl1MTMzrJ06ccMhrteDg4G8fe+yxf+h0OrtLXqsBOEIBg8HA0qVLS86cObO+v78/aKrycnJy/qxQKNDQ0ACSJJ0LYCpl5eghkUiolStXbtu/f/9HU4z9E0NDQ//euXMnNBqNQ55t69atzvWAkVBIT0/ff/z48Y1dXV0z7ZUTExOT39PTg4sXL457xeUUD7CnEjQHQCqVIicnJ3/Hjh2f2xn7n0dGRp7r7u6e9BWXwwD4+fk5TDiHw0FWVtbRvXv3nu7o6Iix9f4VK1Zs5PP5U254bAJw6NAhhwknSRIcDgcymezljo6OU7bcGxERcSAuLq6uo6PD4ZnfIoDq6mqHCacoCkwmE2FhYafr6upOXr9+fbG1t6pUqk1cLhc8Hs9pqz8hgJCQEIcqoGkaAoEAsbGxLx05cuRbKxueDxMTE1va2toclpPu+DZo2ig99NBD1efOnftSrVYvn6SSHNq8eXO+p6cndDqdw/f9O7YLmIYCn89HSkrKSwUFBRYBhIaGFnh5eXU2NjZCr9fD2WMcAA8PD6coMhqNWLRoUW1FRcWR2tra9AkfhsnsnzFjxl8KCwth+kmrI0diYuKdDYGRXMDj8bBmzZoN69evnxDA7NmzdwYGBvZ3dHQ4pej51UJgZOj1eiQnJ6vLysr2VFVVrTWpGToXL178VxaLBbFY7NTMbxGAr6+v05TRNA0vLy9s2bJlY0pKSqZer799gBofH/9maGjorfb2dnA4HNypMQ7AwMCAUxWq1Wr4+/tfk8vlhZcuXXoJALhcbltqauq7JElCKBTesdWfEMDo7wSdNVgsFh588MHtP/zwQ57BYHBLT09/dcaMGcbW1law7fgwyqEAnO1+Ix8vyWSyvqCgoEMtLS2PqlSqUoqinFry/urboCkErVaL2bNnv5OZmXlMKpXi6tWr4HLv/OfIxP//cfI+H/8bANeS5YFpLrRuAAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: vault-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - vault.security.coreos.com + resources: + - vaultservices + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + deployments: + - name: vault-operator + spec: + replicas: 1 + selector: + matchLabels: + name: vault-operator + template: + metadata: + labels: + name: vault-operator + spec: + serviceAccountName: vault-operator + containers: + - name: vault-operator + image: quay.io/coreos/vault-operator@sha256:945a0a6d88cf6fa2bce9a83019a2a64f74d89fc8281301a4259f3302eabc79e6 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + version: 0.1.9 + replaces: vault-operator.0.1.5 + maturity: alpha + customresourcedefinitions: + owned: + - name: vaultservices.vault.security.coreos.com + version: v1alpha1 + kind: VaultService + displayName: Vault Service + description: A running Vault instance, backed by an Etcd Cluster + resources: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + - kind: Service + version: v1 + - kind: ConfigMap + version: v1 + - kind: Secret + version: v1 + - kind: Deployment + version: v1beta2 + - kind: ReplicaSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of Pods for the cluster + displayName: Size + path: nodes + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The service at which the running Vault cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The port at which the Vault cluster is running under the service. + displayName: Client Port + path: clientPort + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents a backup for an etcd cluster + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents one try of restoring etcd cluster from previous backup + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + namespace: placeholder + name: vault-operator.0.1.5 + annotations: + tectonic-visibility: ocs + spec: + displayName: Vault + description: | + An encrypted, multi-tentant secure secret store. Vault handles the lifecycle of your secrets: leasing, key revocation, key rolling, and auditing. + + _The Vault Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Unsealing and using Vault + + Once a Vault instance is running, it must be initalized and "unsealed". Afterwards, your software can use the automatically created Kubernetes Service and Secret to communicate with it. + + [Read the complete guide to using the Vault Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/vault-ocs.html) + + ### Supported Features + + **Secure by Default** + Hands-free automated creation of TLS certificates between all components ensure all best practices are followed for secret security. Further, the API makes unseal operations easy. + **Highly available** + Multiple instances of Vault are clustered together via an etcd backend and secured. + **Safe Upgrades** + Rolling out a new Vault version is as easy as updating the Vault Cluster definition. Everything is automatically handled using Vault best practices while pausing for unseal tokens. + + keywords: ['vault', 'secret', 'encryption'] + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + provider: + name: CoreOS, Inc + links: + - name: Vault Project + url: https://www.vaultproject.io/ + labels: + alm-status-descriptors: vault-operator.0.1.5 + alm-owner-vault: vault-operator + operated-by: vault-operator + selector: + matchLabels: + alm-owner-vault: vault-operator + operated-by: vault-operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAEAAAAA7CAYAAADLjIzcAAAACXBIWXMAAAsTAAALEwEAmpwYAAAMLGlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjarVd3VFP51t23JKGEmoCAlNARBAHpSO+CgHQYW0gChBJCCip2x0EFxy4WrOjYcNSxADIWRB3rIPbuAx1URsbBgg2V9wcBZ+Z93x9vrfdb6+budbLPPvuce9dd6wA6HnyptJDUBYokCllSVCgvIzOLx2oHCxxogYQ7XyCXhiQmxgHAwP0vhwDe3gQBANec+VJpIf67oycUyQUAkQggWygXFAHEIYA2EUhlCoDRCsB6skKqABhvAHBlGZlZAFMNADe3H5sC4Gb3Y1cAXFlKUhjADAfU2Hy+LBfQTgTAKxXkKgBtKQBXiVAsAbQ3AwgU5PGFgHYbgOFFRcVCQIcNwCH7Lzq5f9PMHtTk83MHcX8vAAC1cLFcWsifiv/1KSpUDtSwAsDOk0UnAeACxM6C4tgkAGyAOCrJjk8AoA8Q58RCQIXv5imjU1X8LoE8LAuAIUBCyA+PBWAKkIbKgtQQFXbny4B+PhkvVsSkqHC2rDhJpU+WSgrj41Q6C/JEMQN4o0gekTzAyRFHxgDQBchDZXkp6f0+ydOl4rR4ANoA2SovSI5V5T4sywuLH+DIlEmpAGwA8k2OLDKpn0MZFckH+qJcBPyIZABGABWsyEuJ7s+lMkTyjLgBD0JReES/B0ookqSqvFEKqSI0SZVbLi1MVPGpjaLCqKT+OVP75aXJA7lXFbIU1cypR/n80Yn9/qm3UkViSr83mkYcwhAOHpTgIRvFyIe4pau+CzzVP5HgQ4ZciOCsigxkpIMPGSTgIxll+AMSiCAfzAsFHzKIUAoJPg9G+3+dkQM+ZCiFCHIU4AlkKKJN6EDan46jA+lgOpB2p31o34E8ns5AVWYEM5wZzYxkDhv0IUAxClEMGcT/RywWhRBBCRlEkAz08FWP8YRxhfGIcYPRxriDNPwGGcQDrIniubJ/OOdhDNqgVE1FhGxI0DnAoe1od9qTDqUD6EDaFzzakDaBM+1B+9AhdBDtT3vSvn9zqBz09nWW/6wnguRv/aji2o7anioX2YNPJmyQ9U+VsL/MSIhixP6TSS2gDlJnqZPUeeooVQ8edYJqoC5Rx6j6v7wJv0GG3MFqSRBBggIUQjzAca117XT99B/V+SoHMoggBxSiKQoACCuWTpWJc/MUvBCptFDEi5EIXIbz3F3dvIGMzCxe/+fjtSEIAIThha+xkibAtwIgcr/G+NbAkScA5+3XmPUrgL0UONYqUMpK+2M0ADCgAR1wYQxzWMMBznCHF/wRjAiMRgJSkIkJECAPRZBhMqZjDspRiaVYhXXYhK3YiR9xAPU4ipP4BRfRihu4hzZ04Dm68Ra9BEGwCC2CQxgTFoQt4US4Ez5EIBFBxBFJRCYxicglJISSmE58S1QSy4l1xBZiF/ETcYQ4SZwnrhB3iHaik3hFfCQpkk1ySTPSjhxB+pAhZCyZQo4nc8kSsoycRy4m15A15B6yjjxJXiRvkG3kc7KHAqVJGVKWlDPlQ4VRCVQWlUPJqJlUBVVF1VB7qUbqLHWNaqO6qA80k+bQPNqZ9qej6VRaQJfQM+lF9Dp6J11Hn6av0e10N/2FocUwZTgx/BgxjAxGLmMyo5xRxdjOOMw4w7jB6GC8ZTKZhkx7pjczmpnJzGdOYy5ibmDuYzYxrzAfM3tYLJYxy4kVwEpg8VkKVjlrLWsP6wTrKquD9V5NU81CzV0tUi1LTaI2V61KbbfacbWrak/VetV11W3V/dQT1IXqU9WXqG9Tb1S/rN6h3quhp2GvEaCRopGvMUdjjcZejTMa9zVea2pqWmn6ao7VFGvO1lyjuV/znGa75ge2PtuRHcYex1ayF7N3sJvYd9ivtbS07LSCtbK0FFqLtXZpndJ6qPVem6Ptoh2jLdSepV2tXad9VfuFjrqOrU6IzgSdMp0qnYM6l3W6dNV17XTDdPm6M3WrdY/o3tLt0ePouekl6BXpLdLbrXde75k+S99OP0JfqD9Pf6v+Kf3HHIpjzQnjCDjfcrZxznA6uEyuPTeGm8+t5P7IbeF2G+gbeBikGUwxqDY4ZtBmSBnaGcYYFhouMTxgeNPw4xCzISFDREMWDtk75OqQd0ZDjYKNREYVRvuMbhh9NOYZRxgXGC8zrjd+YEKbOJqMNZlsstHkjEnXUO5Q/6GCoRVDDwy9a0qaOpommU4z3Wp6ybTHzNwsykxqttbslFmXuaF5sHm++Urz4+adFhyLQAuxxUqLExa/8wx4IbxC3hreaV63palltKXScotli2Wvlb1VqtVcq31WD6w1rH2sc6xXWjdbd9tY2IyxmW5Ta3PXVt3WxzbPdrXtWdt3dvZ26Xbz7ertntkb2cfYl9nX2t930HIIcihxqHG4Pow5zGdYwbANw1odSUdPxzzHasfLTqSTl5PYaYPTleGM4b7DJcNrht9yZjuHOJc61zq3uxi6xLnMdal3eTHCZkTWiGUjzo744urpWui6zfWem77baLe5bo1ur9wd3QXu1e7XR2qNjBw5a2TDyJceTh4ij40etz05nmM853s2e3728vaSee316vS28Z7kvd77lg/XJ9Fnkc85X4ZvqO8s36O+H/y8/BR+B/z+9Hf2L/Df7f9slP0o0ahtox4HWAXwA7YEtAXyAicFbg5sC7IM4gfVBD0Ktg4WBm8PfhoyLCQ/ZE/Ii1DXUFno4dB3YX5hM8KawqnwqPCK8JYI/YjUiHURDyOtInMjayO7ozyjpkU1RTOiY6OXRd+KMYsRxOyK6R7tPXrG6NOx7Njk2HWxj+Ic42RxjWPIMaPHrBhzP942XhJfn4CEmIQVCQ8S7RNLEn8eyxybOLZ67JMkt6TpSWeTOckTk3cnv00JTVmSci/VIVWZ2pymkzYubVfau/Tw9OXpbRkjMmZkXMw0yRRnNmSxstKytmf1fBPxzapvOsZ5jisfd3O8/fgp489PMJlQOOHYRJ2J/IkHJzEmpU/aPekTP4Ffw+/Jjslen90tCBOsFjwXBgtXCjtFAaLloqc5ATnLc57lBuSuyO3MC8qryusSh4nXiV/mR+dvyn9XkFCwo6CvML1wX5Fa0aSiIxJ9SYHkdLF58ZTiK1Inabm0rcSvZFVJtyxWtl1OyMfLGxRchVRxSemg/E7ZXhpYWl36fnLa5INT9KZIplya6jh14dSnZZFlP0yjpwmmNU+3nD5nevuMkBlbZhIzs2c2z7KeNW9Wx+yo2TvnaMwpmPPrXNe5y+e++Tb928Z5ZvNmz3v8XdR3teXa5bLyW/P9529aQC8QL2hZOHLh2oVfKoQVFypdK6sqPy0SLLrwvdv3a77vW5yzuGWJ15KNS5lLJUtvLgtatnO53vKy5Y9XjFlRt5K3smLlm1UTV52v8qjatFpjtXJ125q4NQ1rbdYuXftpXd66G9Wh1fvWm65fuP7dBuGGqxuDN+7dZLapctPHzeLNt7dEbamrsaup2srcWrr1yba0bWd/8Plh13aT7ZXbP++Q7GjbmbTz9C7vXbt2m+5eUkvWKms794zb0/pj+I8Ne533btlnuK9yP/Yr9//+06Sfbh6IPdB80Ofg3kO2h9Yf5hyuqCPqptZ11+fVtzVkNlw5MvpIc6N/4+GfXX7ecdTyaPUxg2NLjmscn3e870TZiZ4maVPXydyTj5snNt87lXHq+umxp1vOxJ4590vkL6fOhpw9cS7g3NHzfuePXPC5UH/R62LdJc9Lh3/1/PVwi1dL3WXvyw2tvq2NV0ZdOX416OrJa+HXfrkec/3ijfgbV26m3rx9a9ytttvC28/uFN55ebf0bu+92fcZ9yse6D6oemj6sOZfw/61r82r7Vh7ePulR8mP7j0WPH7+m/y3Tx3znmg9qXpq8XTXM/dnRzsjO1t//+b3jufS571d5X/o/bH+hcOLQ38G/3mpO6O746XsZd+rRa+NX+944/GmuSex5+Hbore97yreG7/f+cHnw9mP6R+f9k7+xPq05vOwz41fYr/c7yvq65PyZXwAAAWAzMkBXu0AtDIBTiugod2/f6n2RuLrBvn/4f4dDQDgBewIBlJnA3FNwMYmwHY2wG4CEgGkBIMcOXLwUh15zkj3fi22DGC87+t7bQawGoHPsr6+3g19fZ+3AdQdoKmkf+8DAKYusJkHAL9az/+P/evfXvpsNqq3M8UAADowaVRYdFhNTDpjb20uYWRvYmUueG1wAAAAAAA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/Pgo8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjYtYzExMSA3OS4xNTgzMjUsIDIwMTUvMDkvMTAtMDE6MTA6MjAgICAgICAgICI+CiAgIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgICAgIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiCiAgICAgICAgICAgIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIKICAgICAgICAgICAgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iCiAgICAgICAgICAgIHhtbG5zOnN0RXZ0PSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VFdmVudCMiCiAgICAgICAgICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgICAgICAgICAgeG1sbnM6cGhvdG9zaG9wPSJodHRwOi8vbnMuYWRvYmUuY29tL3Bob3Rvc2hvcC8xLjAvIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyIKICAgICAgICAgICAgeG1sbnM6ZXhpZj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8eG1wOkNyZWF0b3JUb29sPkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC94bXA6Q3JlYXRvclRvb2w+CiAgICAgICAgIDx4bXA6Q3JlYXRlRGF0ZT4yMDE3LTA5LTA2VDE1OjMxOjU2LTA0OjAwPC94bXA6Q3JlYXRlRGF0ZT4KICAgICAgICAgPHhtcDpNZXRhZGF0YURhdGU+MjAxNy0wOS0wNlQxNTozMTo1Ni0wNDowMDwveG1wOk1ldGFkYXRhRGF0ZT4KICAgICAgICAgPHhtcDpNb2RpZnlEYXRlPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3htcDpNb2RpZnlEYXRlPgogICAgICAgICA8eG1wTU06SW5zdGFuY2VJRD54bXAuaWlkOjFlMjY4MTE5LWU2NmYtNGJjNC1hZTI0LThiMTViNTg3MzE2MjwveG1wTU06SW5zdGFuY2VJRD4KICAgICAgICAgPHhtcE1NOkRvY3VtZW50SUQ+YWRvYmU6ZG9jaWQ6cGhvdG9zaG9wOjczODM4YzJiLWQzYzgtMTE3YS1iNTYyLTllNjU3MTBkNzc5YzwveG1wTU06RG9jdW1lbnRJRD4KICAgICAgICAgPHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD54bXAuZGlkOjQ1MjdmNDhmLTc2MGMtNGRhYi04NTJkLTNkNGZiOTA4ZmEzNjwveG1wTU06T3JpZ2luYWxEb2N1bWVudElEPgogICAgICAgICA8eG1wTU06SGlzdG9yeT4KICAgICAgICAgICAgPHJkZjpTZXE+CiAgICAgICAgICAgICAgIDxyZGY6bGkgcmRmOnBhcnNlVHlwZT0iUmVzb3VyY2UiPgogICAgICAgICAgICAgICAgICA8c3RFdnQ6YWN0aW9uPmNyZWF0ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDo0NTI3ZjQ4Zi03NjBjLTRkYWItODUyZC0zZDRmYjkwOGZhMzY8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgICAgPHJkZjpsaSByZGY6cGFyc2VUeXBlPSJSZXNvdXJjZSI+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDphY3Rpb24+c2F2ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDoxZTI2ODExOS1lNjZmLTRiYzQtYWUyNC04YjE1YjU4NzMxNjI8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICAgICA8c3RFdnQ6Y2hhbmdlZD4vPC9zdEV2dDpjaGFuZ2VkPgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgPC9yZGY6U2VxPgogICAgICAgICA8L3htcE1NOkhpc3Rvcnk+CiAgICAgICAgIDxkYzpmb3JtYXQ+aW1hZ2UvcG5nPC9kYzpmb3JtYXQ+CiAgICAgICAgIDxwaG90b3Nob3A6Q29sb3JNb2RlPjM8L3Bob3Rvc2hvcDpDb2xvck1vZGU+CiAgICAgICAgIDxwaG90b3Nob3A6SUNDUHJvZmlsZT5EaXNwbGF5PC9waG90b3Nob3A6SUNDUHJvZmlsZT4KICAgICAgICAgPHRpZmY6T3JpZW50YXRpb24+MTwvdGlmZjpPcmllbnRhdGlvbj4KICAgICAgICAgPHRpZmY6WFJlc29sdXRpb24+NzIwMDAwLzEwMDAwPC90aWZmOlhSZXNvbHV0aW9uPgogICAgICAgICA8dGlmZjpZUmVzb2x1dGlvbj43MjAwMDAvMTAwMDA8L3RpZmY6WVJlc29sdXRpb24+CiAgICAgICAgIDx0aWZmOlJlc29sdXRpb25Vbml0PjI8L3RpZmY6UmVzb2x1dGlvblVuaXQ+CiAgICAgICAgIDxleGlmOkNvbG9yU3BhY2U+NjU1MzU8L2V4aWY6Q29sb3JTcGFjZT4KICAgICAgICAgPGV4aWY6UGl4ZWxYRGltZW5zaW9uPjY0PC9leGlmOlBpeGVsWERpbWVuc2lvbj4KICAgICAgICAgPGV4aWY6UGl4ZWxZRGltZW5zaW9uPjU5PC9leGlmOlBpeGVsWURpbWVuc2lvbj4KICAgICAgPC9yZGY6RGVzY3JpcHRpb24+CiAgIDwvcmRmOlJERj4KPC94OnhtcG1ldGE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz6RZ44uAAAAIGNIUk0AAG11AABzoAAA/N0AAINkAABw6AAA7GgAADA+AAAQkOTsmeoAAAreSURBVHja7Jt5VFN3Fse/7yUkgQSyQBAiJWwTglKZqKBVFgURsVFgpAO2TRUonU7n0MWpVqnL6a7jtAdoz+lAsS61damHTnXascLUojMHLVUcpaesjUAVlFUWY7b35g+KhUBCEhJ71Pmd8/sDeO/edz+/e+/v3t97EDRN434eJO7zcd8DYJr+Ijc396kbN26EMxgM7b1kKE3TBEmSRHJy8m6VSlVrFkBLS4u2vLw8715cbS6X+/WcOXN6LYbAM888szckJOSre814giC0y5YtW93c3HzFIgA+n48nnnhi/b0GICIi4j2ZTHZdp9NZToJarRYpKSmXIiIiyu6ZRMdk9sfHx7/OZrMhEoksAxCJRBCLxdi0adOLDAaDuhcAxMbGFoSHh/exWCwIhULLAJhMJrq6uhAVFaWWyWQf3O3Gs9nsrrS0tB1MJhN8Ph8CgcDyNlhSUgKCIMBmszFz5sxX6urqsmmadrlbASiVyu0KheJma2vruNWf0AM0Gg2GhobQ19cHuVzePmvWrPfvVuN5PF772rVrCwBAIBDcnhY9YPr06SOFAzgcDhISEl6tra3NMRqN3LsNQE5Oztbly5cb6+vrxyU/swBM3UShUHRHR0cXVVZWbrqbjOdwOPXu7u6lhw8fRnd3NwiCuP23sLCwX+oD026wtLR0dPkIDw8PdHV1ua9bt+6yTqcT3S0AYmJifi+VSj9ta2sDkzl2nSsqKsx7AJ/PHycsMjJyQKlU7iwrK3trSp1XkBxU+xVAMzDK5cRAb+fYqi0wGLS62W49AoHgYlRU1KcajQZyudy2bnB0shAIBLeBZGdnv+3m5tZh93ak+gNEF/8L/jdnQU7zGTY0Mg4M1fMgl6QNX8TiwHX7R3D/5wWwcvMBEHbpSkxMzPf19YWHhwdEItG4aRFAQEDAmBkYGAihUIiHH35Yn5ubu81eAK6bXwfJZYEdFQaX5BXDyhXRIIwGEDMjAZIE6RcIVvrjII08sLNeBNhsm/X4+vp+m5iY+AVBEBCJRBAKheOmxSRYVVU1USuJhoYGeHt7l7DZ7Be1Wu1vbH0wTdE7YBa9CUN9O/TffD0s9/tqYE4s6LoLAEWBuqKG7ou/w0WZCt2uEkCvsxlARkbGBh8fH9A0PSbxmW2STJNgSkrKhBcaDAb4+fmhsbEx8+TJkwfs6sgkwaCvmsQ2wQHoW2PdMlAOSl1ns/zg4OCvS0tLE/r6+mAwGMxel56ebt4DgoKCLDUVWLBgwcELFy683NvbG26T8dOmw/VPT8PY8CO0e4drK8Zv54Hz5JPQHfsS+q8+G77O1x+02AdEXyfo3m5b2l0899xzGyQSCSiKsmr1JwRgWimZhoK3tzeSkpJePnjw4Oc2VWV7joCzbD5oAFRrM/QnT4Bb/AVc5nrCJe1J9C8IBtWiBql8HOCLgMAwGD8tASijVfIDAgIOL1my5JxWq4W7u7v9R2KWAIxASEpKOlpZWflde3v7XKs16XQgAIwOONqgBU0CtB6A8WdDKSNAkqAp2xpRmUy2tbi4GHq9HtQk90ZGRtpWB5gCkEgkyMjI2FhQUFBh7QMO5mSAynsBhvom6E+eAAAMZS8Fe7UK+q+Og/qpBQBg/Gw34O0H/NRk9eqHhIR8FBoaWt/a2mqT+0+YBMvKJj8HGWkts7KyKtVqdaz1h3KewJBJXIv9gc7WURmQAWZEJAw1Z6yNfX1WVlaoj4+PemBgwCrjCwsLzdcBE+2bppPH40EikSAvL2+DtbYzlq+G66H/gF30GQjPacN1T95r4H15EZw3dgNMFxBcLtzLqyE8XwW39z8BSOakchUKxW6FQqFmMpm3C7fJpk3NkLlhNBqhVCrPFhUVlV2+fPl3k3pNfCoIigIjfC6I4DDQ3dfgEp8C9PWCEZ0McHggJF5gxyuGmxnVatx8/ilAO2i+jCXJmytXrnyFw+HAw8PDJtc3C2Dfvn1WbztsNhthYWFbrQFgOFIC4tk3QJ2rBP39d8PnjwffB3vNs9Af+wQY6gOlHoRm31FwViyFZmeBReMBIC4u7m/z58+/euXKFasXbtIcsGrVKqtupGkaJEnC398fR48ePdDc3Jw5qTLPaaD7ugHjqCLF3RMYGJsXiIBQ0JfrJ8tDN4qLi4P8/f17enp6bFr9Rx55xLwHSKVSmwi6u7tj0aJFW5qbm9MnkjcGWve1MT+zkpRwfeGPuHX4OLQfvvvLdZMY//NRV+HChQt7WlpaJt25HFoHTBQKc+fObTp//vy+mpqabOu7I3dw9xyDiw/ATFoOQ/VpGC9dsG4z4XLb8/PzdwiFQhiNRrti32EAaJqGm5sbUlNTt9XU1DwKgGNdFtWD+rEZ8AkGdY0GPTRotc7w8PC3BgcHb549e9ZizW9ujD4RmjKAES+Ijo7+KTY29oNTp05Z915RdwsDmQnQr82G9vi/QP3YZJ3juLq2hYeHF+/atQs6nc6u1U9LSzMPwNzh4WRe4Orqiuzs7FdOnz6dTdO0VQeoVFsLbr5m2xHDwoULX5NKpbrOzs4pub5ZAA888IB92wlBYNWqVd3l5eXvfPzxx1uccc7H5/MbExISSimKgqenp0NkjgPQ1NRklyCapjE4OAi5XP4mg8F42mg0ih0NQKlUbgsMDKTb29sdsvoTAtizZ4/dwiiKgpeX161Zs2Ztr6mpeduRxnt7e19KS0s7oNfr7QpTqwGIxVNbOBaLhXnz5r1XV1e3TqPRTHfUg6pUqvygoCC0trbCzc3NeQC8vLymJJCmaYjFYl1MTMzrJ06ccMhrteDg4G8fe+yxf+h0OrtLXqsBOEIBg8HA0qVLS86cObO+v78/aKrycnJy/qxQKNDQ0ACSJJ0LYCpl5eghkUiolStXbtu/f/9HU4z9E0NDQ//euXMnNBqNQ55t69atzvWAkVBIT0/ff/z48Y1dXV0z7ZUTExOT39PTg4sXL457xeUUD7CnEjQHQCqVIicnJ3/Hjh2f2xn7n0dGRp7r7u6e9BWXwwD4+fk5TDiHw0FWVtbRvXv3nu7o6Iix9f4VK1Zs5PP5U254bAJw6NAhhwknSRIcDgcymezljo6OU7bcGxERcSAuLq6uo6PD4ZnfIoDq6mqHCacoCkwmE2FhYafr6upOXr9+fbG1t6pUqk1cLhc8Hs9pqz8hgJCQEIcqoGkaAoEAsbGxLx05cuRbKxueDxMTE1va2toclpPu+DZo2ig99NBD1efOnftSrVYvn6SSHNq8eXO+p6cndDqdw/f9O7YLmIYCn89HSkrKSwUFBRYBhIaGFnh5eXU2NjZCr9fD2WMcAA8PD6coMhqNWLRoUW1FRcWR2tra9AkfhsnsnzFjxl8KCwth+kmrI0diYuKdDYGRXMDj8bBmzZoN69evnxDA7NmzdwYGBvZ3dHQ4pej51UJgZOj1eiQnJ6vLysr2VFVVrTWpGToXL178VxaLBbFY7NTMbxGAr6+v05TRNA0vLy9s2bJlY0pKSqZer799gBofH/9maGjorfb2dnA4HNypMQ7AwMCAUxWq1Wr4+/tfk8vlhZcuXXoJALhcbltqauq7JElCKBTesdWfEMDo7wSdNVgsFh588MHtP/zwQ57BYHBLT09/dcaMGcbW1law7fgwyqEAnO1+Ix8vyWSyvqCgoEMtLS2PqlSqUoqinFry/urboCkErVaL2bNnv5OZmXlMKpXi6tWr4HLv/OfIxP//cfI+H/8bANeS5YFpLrRuAAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: vault-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - vault.security.coreos.com + resources: + - vaultservices + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + deployments: + - name: vault-operator + spec: + replicas: 1 + selector: + matchLabels: + name: vault-operator + template: + metadata: + labels: + name: vault-operator + spec: + serviceAccountName: vault-operator + containers: + - name: vault-operator + image: quay.io/coreos/vault-operator@sha256:74036811bc5d6cc1a136d8cc6d5577db67f29ba95eba02fbf0c3a8d2357dc8fe + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + version: 0.1.5 + maturity: alpha + customresourcedefinitions: + owned: + - name: vaultservices.vault.security.coreos.com + version: v1alpha1 + kind: VaultService + displayName: Vault Service + description: A running Vault instance, backed by an Etcd Cluster + resources: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + - kind: Service + version: v1 + - kind: ConfigMap + version: v1 + - kind: Secret + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of Pods for the cluster + displayName: Size + path: nodes + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the node Pods for the Vault cluster. + displayName: Node Status + path: nodes + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running Vault cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The port at which the Vault cluster is running under the service. + displayName: Client Port + path: clientPort + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/prometheusoperator.0.15.0.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: alpha + currentCSV: prometheusoperator.0.15.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/vaultoperator.0.1.9.clusterserviceversion.yaml + packageName: vault + channels: + - name: alpha + currentCSV: vault-operator.0.1.9 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/09-tectoniccomponents.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/09-tectoniccomponents.configmap.yaml new file mode 100644 index 000000000..953c48342 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/09-tectoniccomponents.configmap.yaml @@ -0,0 +1,444 @@ +##--- +# Source: olm/templates/09-tectoniccomponents.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: tectonic-components + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: chargebacks.chargeback.coreos.com + annotations: + catalog.app.coreos.com/description: An instance of Chargeback + catalog.app.coreos.com/displayName: Chargeback + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: chargebacks + singular: chargeback + kind: Chargeback + listKind: ChargebackList + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prestotables.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Presto Table" + catalog.app.coreos.com/description: "A table within PrestoDB" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: prestotables + singular: prestotable + kind: PrestoTable + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Report" + catalog.app.coreos.com/description: "A chargeback report for a specific time interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reports + kind: Report + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportdatasources.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback data source" + catalog.app.coreos.com/description: "A resource describing a source of data for usage by Report Generation Queries" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportdatasources + singular: reportdatasource + kind: ReportDataSource + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportgenerationqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback generation query" + catalog.app.coreos.com/description: "A SQL query used by Chargeback to generate reports" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportgenerationqueries + singular: reportgenerationquery + kind: ReportGenerationQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportprometheusqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback prometheus query" + catalog.app.coreos.com/description: "A Prometheus query by Chargeback to do metering" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportprometheusqueries + singular: reportprometheusquery + kind: ReportPrometheusQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: scheduledreports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Scheduled Report" + catalog.app.coreos.com/description: "A chargeback report that runs on a scheduled interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: scheduledreports + kind: ScheduledReport + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: storagelocations.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback storage location" + catalog.app.coreos.com/description: "Represents a configurable storage location for Chargeback to store metering and report data" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: storagelocations + kind: StorageLocation + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: chargeback-helm-operator.v0.5.1 + namespace: placeholder + annotations: + tectonic-visibility: tectonic-feature + spec: + displayName: Chargeback + description: Chargeback can generate reports based on historical usage data from a cluster, providing accountability for how resources have been used. + keywords: [chargeback metrics reporting coreos] + version: 0.5.1 + maturity: alpha + maintainers: + - email: support@coreos.com + name: CoreOS, Inc + provider: + name: CoreOS, Inc + labels: + alm-owner-chargeback: chargeback-helm-operator + alm-status-descriptors: chargeback-helm-operator.v0.5.1 + selector: + matchLabels: + alm-owner-chargeback: chargeback-helm-operator + install: + strategy: deployment + spec: + permissions: + - rules: + - apiGroups: + - chargeback.coreos.com + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - replicationcontrollers + - replicationcontrollers/scale + - secrets + - serviceaccounts + - services + - services/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/rollback + - deployments/scale + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/rollback + - deployments/scale + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + serviceAccountName: chargeback-helm-operator + deployments: + - name: chargeback-helm-operator + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: chargeback-helm-operator + template: + metadata: + labels: + app: chargeback-helm-operator + spec: + containers: + - env: + - name: HELM_RELEASE_CRD_NAME + value: Chargeback + - name: HELM_RELEASE_CRD_API_GROUP + value: chargeback.coreos.com + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: HELM_HOST + value: 127.0.0.1:44134 + - name: SET_OWNER_REFERENCE_VALUE + value: "true" + - name: HELM_WAIT + value: "false" + - name: HELM_RECONCILE_INTERVAL_SECONDS + value: "120" + - name: RELEASE_HISTORY_LIMIT + value: "3" + image: quay.io/coreos/chargeback-helm-operator:0.5.1 + imagePullPolicy: Always + name: chargeback-helm-operator + resources: + limits: + cpu: 50m + memory: 25Mi + requests: + cpu: 50m + memory: 25Mi + - env: + - name: TILLER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TILLER_HISTORY_MAX + value: "3" + image: gcr.io/kubernetes-helm/tiller:v2.6.2 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: tiller + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 50m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + restartPolicy: Always + serviceAccount: chargeback-helm-operator + terminationGracePeriodSeconds: 30 + customresourcedefinitions: + owned: + - description: An instance of Chargeback + displayName: Chargeback + kind: Chargeback + name: chargebacks.chargeback.coreos.com + version: v1alpha1 + - description: A table within PrestoDB + displayName: Chargeback Presto Table + kind: PrestoTable + name: prestotables.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report for a specific time interval + displayName: Chargeback Report + kind: Report + name: reports.chargeback.coreos.com + version: v1alpha1 + - description: A resource describing a source of data for usage by Report Generation + Queries + displayName: Chargeback data source + kind: ReportDataSource + name: reportdatasources.chargeback.coreos.com + version: v1alpha1 + - description: A SQL query used by Chargeback to generate reports + displayName: Chargeback generation query + kind: ReportGenerationQuery + name: reportgenerationqueries.chargeback.coreos.com + version: v1alpha1 + - description: A Prometheus query by Chargeback to do metering + displayName: Chargeback prometheus query + kind: ReportPrometheusQuery + name: reportprometheusqueries.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report that runs on a scheduled interval + displayName: Chargeback Scheduled Report + kind: ScheduledReport + name: scheduledreports.chargeback.coreos.com + version: v1alpha1 + - description: Represents a configurable storage location for Chargeback to store + metering and report data + displayName: Chargeback storage location + kind: StorageLocation + name: storagelocations.chargeback.coreos.com + version: v1alpha1 + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/components/chargeback.v0.5.1.clusterserviceversion.yaml + packageName: chargeback + channels: + - name: alpha + currentCSV: chargeback-helm-operator.v0.5.1 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/10-tectonicocs.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/10-tectonicocs.catalogsource.yaml new file mode 100644 index 000000000..d70321b30 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/10-tectonicocs.catalogsource.yaml @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/10-tectonicocs.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: app.coreos.com/v1alpha1 +kind: CatalogSource-v1 +metadata: + name: tectonic-ocs + namespace: kube-system + annotations: + tectonic-operators.coreos.com/upgrade-strategy: 'DeleteAndRecreate' +spec: + name: tectonic-ocs + sourceType: internal + configMap: tectonic-ocs + displayName: Tectonic Open Cloud Services + publisher: CoreOS, Inc. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/11-tectoniccomponents.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/11-tectoniccomponents.catalogsource.yaml new file mode 100644 index 000000000..f99221ca1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/11-tectoniccomponents.catalogsource.yaml @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/11-tectoniccomponents.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: app.coreos.com/v1alpha1 +kind: CatalogSource-v1 +metadata: + name: tectonic-components + namespace: kube-system + annotations: + tectonic-operators.coreos.com/upgrade-strategy: 'DeleteAndRecreate' +spec: + name: tectonic-components + sourceType: internal + configMap: tectonic-components + displayName: Tectonic Cluster Components + publisher: CoreOS, Inc. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/12-alm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/12-alm-operator.deployment.yaml new file mode 100644 index 000000000..2c3868053 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/12-alm-operator.deployment.yaml @@ -0,0 +1,48 @@ +##--- +# Source: olm/templates/12-alm-operator.deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: alm-operator + namespace: kube-system + labels: + app: alm-operator + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: alm-operator + template: + metadata: + labels: + app: alm-operator + spec: + serviceAccountName: alm-operator-serviceaccount + containers: + - name: alm-operator + command: + - /bin/alm + image: quay.io/coreos/olm@sha256:351f0c4973a88a4ea606721555829776429b0ecb53d5a2bfee6bce459d109e5b + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: alm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/13-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/13-catalog-operator.deployment.yaml new file mode 100644 index 000000000..06ccc2e55 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/13-catalog-operator.deployment.yaml @@ -0,0 +1,44 @@ +##--- +# Source: olm/templates/13-catalog-operator.deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: catalog-operator + namespace: kube-system + labels: + app: catalog-operator + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: alm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - kube-system + - '-debug' + image: quay.io/coreos/catalog@sha256:54571e25474a9a063a144922e7321203e5aa5e63d03f748682d559341359a916 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/18-upstreamcomponents.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/18-upstreamcomponents.configmap.yaml new file mode 100644 index 000000000..955525fef --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/18-upstreamcomponents.configmap.yaml @@ -0,0 +1,462 @@ +##--- +# Source: olm/templates/18-upstreamcomponents.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: upstream-components + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: meterings.chargeback.coreos.com + annotations: + catalog.app.coreos.com/description: An instance of Chargeback + catalog.app.coreos.com/displayName: Chargeback + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: meterings + singular: metering + kind: Metering + listKind: MeteringList + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prestotables.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Presto Table" + catalog.app.coreos.com/description: "A table within PrestoDB" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: prestotables + singular: prestotable + kind: PrestoTable + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Report" + catalog.app.coreos.com/description: "A chargeback report for a specific time interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reports + kind: Report + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportdatasources.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback data source" + catalog.app.coreos.com/description: "A resource describing a source of data for usage by Report Generation Queries" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportdatasources + singular: reportdatasource + kind: ReportDataSource + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportgenerationqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback generation query" + catalog.app.coreos.com/description: "A SQL query used by Chargeback to generate reports" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportgenerationqueries + singular: reportgenerationquery + kind: ReportGenerationQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportprometheusqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback prometheus query" + catalog.app.coreos.com/description: "A Prometheus query by Chargeback to do metering" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportprometheusqueries + singular: reportprometheusquery + kind: ReportPrometheusQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: scheduledreports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Scheduled Report" + catalog.app.coreos.com/description: "A chargeback report that runs on a scheduled interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: scheduledreports + kind: ScheduledReport + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: storagelocations.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback storage location" + catalog.app.coreos.com/description: "Represents a configurable storage location for Chargeback to store metering and report data" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: storagelocations + kind: StorageLocation + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: metering-helm-operator.v0.6.0 + namespace: placeholder + annotations: + tectonic-visibility: tectonic-feature + labels: + alm-catalog: tectonic-feature + operator-metering: "true" + spec: + displayName: Metering + description: Metering can generate reports based on historical usage data from a cluster, providing accountability for how resources have been used. + keywords: [metering metrics reporting coreos] + version: 0.6.0 + maturity: alpha + maintainers: + - email: support@coreos.com + name: CoreOS, Inc + provider: + name: CoreOS, Inc + labels: + alm-owner-metering: metering-helm-operator + alm-status-descriptors: metering-helm-operator.v0.6.0 + selector: + matchLabels: + alm-owner-metering: metering-helm-operator + install: + strategy: deployment + spec: + permissions: + - rules: + - apiGroups: + - chargeback.coreos.com + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - replicationcontrollers + - replicationcontrollers/scale + - secrets + - serviceaccounts + - services + - services/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/rollback + - deployments/scale + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/rollback + - deployments/scale + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + serviceAccountName: metering-helm-operator + deployments: + - name: metering-helm-operator + spec: + replicas: 1 + selector: + matchLabels: + app: metering-helm-operator + strategy: + type: Recreate + template: + metadata: + labels: + app: metering-helm-operator + spec: + containers: + - args: + - run-operator.sh + env: + - name: HELM_RELEASE_CRD_NAME + value: Metering + - name: HELM_RELEASE_CRD_API_GROUP + value: chargeback.coreos.com + - name: HELM_CHART_PATH + value: /operator-metering-0.1.0.tgz + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: HELM_HOST + value: 127.0.0.1:44134 + - name: HELM_WAIT + value: "false" + - name: HELM_RECONCILE_INTERVAL_SECONDS + value: "30" + - name: RELEASE_HISTORY_LIMIT + value: "3" + image: quay.io/coreos/chargeback-helm-operator:0.6.0 + imagePullPolicy: Always + name: metering-helm-operator + resources: + limits: + cpu: 50m + memory: 25Mi + requests: + cpu: 50m + memory: 25Mi + - args: + - /tiller + env: + - name: TILLER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TILLER_HISTORY_MAX + value: "3" + image: quay.io/coreos/chargeback-helm-operator:0.6.0 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: tiller + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 50m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + imagePullSecrets: [] + restartPolicy: Always + securityContext: + runAsNonRoot: true + serviceAccount: metering-helm-operator + terminationGracePeriodSeconds: 30 + customresourcedefinitions: + owned: + - description: An instance of Metering + displayName: Metering + kind: Metering + name: meterings.chargeback.coreos.com + version: v1alpha1 + - description: A table within PrestoDB + displayName: Chargeback Presto Table + kind: PrestoTable + name: prestotables.chargeback.coreos.com + version: v1alpha1 + - description: A resource describing a source of data for usage by Report Generation + Queries + displayName: Chargeback data source + kind: ReportDataSource + name: reportdatasources.chargeback.coreos.com + version: v1alpha1 + - description: A SQL query used by Chargeback to generate reports + displayName: Chargeback generation query + kind: ReportGenerationQuery + name: reportgenerationqueries.chargeback.coreos.com + version: v1alpha1 + - description: A Prometheus query by Chargeback to do metering + displayName: Chargeback prometheus query + kind: ReportPrometheusQuery + name: reportprometheusqueries.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report for a specific time interval + displayName: Chargeback Report + kind: Report + name: reports.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report that runs on a scheduled interval + displayName: Chargeback Scheduled Report + kind: ScheduledReport + name: scheduledreports.chargeback.coreos.com + version: v1alpha1 + - description: Represents a configurable storage location for Chargeback to store + metering and report data + displayName: Chargeback storage location + kind: StorageLocation + name: storagelocations.chargeback.coreos.com + version: v1alpha1 + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/upstream/metering.0.6.0.clusterserviceversion.yaml + packageName: metering + channels: + - currentCSV: metering-helm-operator.v0.6.0 + name: alpha + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/19-upstreamcomponents.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/19-upstreamcomponents.catalogsource.yaml new file mode 100644 index 000000000..8b25e74bf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.4.0/19-upstreamcomponents.catalogsource.yaml @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/19-upstreamcomponents.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: app.coreos.com/v1alpha1 +kind: CatalogSource-v1 +metadata: + name: upstream-components + namespace: kube-system + annotations: + tectonic-operators.coreos.com/upgrade-strategy: 'DeleteAndRecreate' +spec: + name: upstream-components + sourceType: internal + configMap: upstream-components + displayName: OLM Upstream Components + publisher: CoreOS, Inc. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/01-alm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/01-alm-operator.serviceaccount.yaml new file mode 100644 index 000000000..bdbf631a2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/01-alm-operator.serviceaccount.yaml @@ -0,0 +1,11 @@ +##--- +# Source: olm/templates/01-alm-operator.serviceaccount.yaml +kind: ServiceAccount +apiVersion: v1 +metadata: + name: alm-operator-serviceaccount + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +imagePullSecrets: +- name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/02-alm-operator.rolebinding.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/02-alm-operator.rolebinding.yaml new file mode 100644 index 000000000..7aa932df1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/02-alm-operator.rolebinding.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/02-alm-operator.rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: alm-operator-binding + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: alm-operator-serviceaccount + namespace: kube-system diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..39b3fe5d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/03-clusterserviceversion.crd.yaml @@ -0,0 +1,413 @@ +##--- +# Source: olm/templates/03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversion-v1s.app.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + names: + plural: clusterserviceversion-v1s + singular: clusterserviceversion-v1 + kind: ClusterServiceVersion-v1 + listKind: ClusterServiceVersionList-v1 + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + validation: + openAPIV3Schema: + type: object + description: Represents a single version of the operator software + required: + - spec + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + descriptions: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/05-catalogsource.crd.yaml new file mode 100644 index 000000000..fb99f0974 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/05-catalogsource.crd.yaml @@ -0,0 +1,54 @@ +##--- +# Source: olm/templates/05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsource-v1s.app.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: catalogsource-v1s + singular: catalogsource-v1 + kind: CatalogSource-v1 + listKind: CatalogSourceList-v1 + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a subscription + required: + - sourceType + - name + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + string: The name of a ConfigMap that holds the entries for an in-memory catalog. + + name: + type: string + description: Name of this catalog source + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/06-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/06-installplan.crd.yaml new file mode 100644 index 000000000..8d9e12860 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/06-installplan.crd.yaml @@ -0,0 +1,60 @@ +##--- +# Source: olm/templates/06-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplan-v1s.app.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: installplan-v1s + singular: installplan-v1 + kind: InstallPlan-v1 + listKind: InstallPlanList-v1 + validation: + openAPIV3Schema: + type: object + description: Document which defines the desire and current state of an installation of a Cluster Service + required: + - spec + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + approval: + type: string + enum: + - Automatic + - Manual + - Update-Only # Will only apply an update if it updates existing packages only and doesn't add any new ones + approved: + type: boolean + anyOf: + - properties: + approval: + enum: + - Manual + required: + - approved + - properties: + approval: + enum: + - Automatic + - Update-Only + required: [] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/07-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/07-subscription.crd.yaml new file mode 100644 index 000000000..b9952b1cf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/07-subscription.crd.yaml @@ -0,0 +1,49 @@ +##--- +# Source: olm/templates/07-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscription-v1s.app.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + group: app.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: subscription-v1s + singular: subscription-v1 + kind: Subscription-v1 + listKind: SubscriptionList-v1 + validation: + openAPIV3Schema: + type: object + description: Represents a subscription to a source and channel + required: + - spec + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + + name: + type: string + description: Name of the package that defines the application + + channel: + type: string + description: Name of the channel to track + + startingCSV: + type: string + description: Name of the AppType that this subscription tracks diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/08-tectonicocs.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/08-tectonicocs.configmap.yaml new file mode 100644 index 000000000..1465dcbb9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/08-tectonicocs.configmap.yaml @@ -0,0 +1,1810 @@ +##--- +# Source: olm/templates/08-tectonicocs.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: tectonic-ocs + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + version: v1 + scope: Namespaced + names: + plural: alertmanagers + singular: alertmanager + kind: Alertmanager + listKind: AlertmanagerList + shortNames: + - alertman + - alrtman + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + validation: + openAPIv3: + type: object + description: Represents a single instance of etcd + additionalProperties: false + required: + - version + properties: + version: + type: string + description: Version string + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + x-descriptors: + - urn:alm:descriptor:versioning:semver + size: + type: number + description: The size of the etcd cluster + min: 1 + max: 9 + x-descriptors: + - urn:alm:descriptor:pod:count + - urn:alm:descriptor:number:integer + template: + type: object + description: Template for fields of subresources + labels: + type: object + description: Labels to apply to associated resources + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + version: v1 + scope: Namespaced + names: + plural: prometheuses + singular: prometheus + kind: Prometheus + listKind: PrometheusList + shortNames: + - prom + - prm + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + version: v1 + scope: Namespaced + names: + plural: servicemonitors + singular: servicemonitor + kind: ServiceMonitor + listKind: ServiceMonitorList + shortNames: + - servicemon + - svcmon + - svcmonitor + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: vaultservices.vault.security.coreos.com + spec: + group: vault.security.coreos.com + version: v1alpha1 + scope: Namespaced + validation: + openAPIv3: + type: object + description: Represents a single instance of Vault + additionalProperties: false + required: + - version + properties: + version: + type: string + description: Version string + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + x-descriptors: + - urn:alm:descriptor:versioning:semver + nodes: + type: number + description: The number of nodes in the Vault cluster + min: 1 + max: 9 + x-descriptors: + - urn:alm:descriptor:pod:count + - urn:alm:descriptor:number:integer + template: + type: object + description: Template for fields of subresources + labels: + type: object + description: Labels to apply to associated resources + names: + plural: vaultservices + singular: vaultservice + kind: VaultService + listKind: VaultServiceList + shortNames: + - vault + - vaultserv + - vaultsrv + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: vault-operator.0.1.9 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"vault.security.coreos.com/v1alpha1","kind":"VaultService","metadata":{"name":"example"},"spec":{"nodes":2,"version":"0.9.1-0"}}]' + labels: + alm-catalog: tectonic-ocs + spec: + displayName: Vault + description: | + An encrypted, multi-tentant secure secret store. Vault handles the lifecycle of your secrets: leasing, key revocation, key rolling, and auditing. + + _The Vault Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Unsealing and using Vault + + Once a Vault instance is running, it must be initalized and "unsealed". Afterwards, your software can use the automatically created Kubernetes Service and Secret to communicate with it. + + [Read the complete guide to using the Vault Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/vault-ocs.html) + + ### Supported Features + + **Secure by Default** + + + Hands-free automated creation of TLS certificates between all components ensure all best practices are followed for secret security. Further, the API makes unseal operations easy. + + + **Highly available** + + + Multiple instances of Vault are clustered together via an etcd backend and secured. + + + **Safe Upgrades** + + + Rolling out a new Vault version is as easy as updating the Vault Cluster definition. Everything is automatically handled using Vault best practices while pausing for unseal tokens. + + keywords: ['vault', 'secret', 'encryption'] + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + provider: + name: CoreOS, Inc + links: + - name: Vault Project + url: https://www.vaultproject.io/ + labels: + alm-status-descriptors: vault-operator.0.1.9 + alm-owner-vault: vault-operator + operated-by: vault-operator + selector: + matchLabels: + alm-owner-vault: vault-operator + operated-by: vault-operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAEAAAAA7CAYAAADLjIzcAAAACXBIWXMAAAsTAAALEwEAmpwYAAAMLGlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjarVd3VFP51t23JKGEmoCAlNARBAHpSO+CgHQYW0gChBJCCip2x0EFxy4WrOjYcNSxADIWRB3rIPbuAx1URsbBgg2V9wcBZ+Z93x9vrfdb6+budbLPPvuce9dd6wA6HnyptJDUBYokCllSVCgvIzOLx2oHCxxogYQ7XyCXhiQmxgHAwP0vhwDe3gQBANec+VJpIf67oycUyQUAkQggWygXFAHEIYA2EUhlCoDRCsB6skKqABhvAHBlGZlZAFMNADe3H5sC4Gb3Y1cAXFlKUhjADAfU2Hy+LBfQTgTAKxXkKgBtKQBXiVAsAbQ3AwgU5PGFgHYbgOFFRcVCQIcNwCH7Lzq5f9PMHtTk83MHcX8vAAC1cLFcWsifiv/1KSpUDtSwAsDOk0UnAeACxM6C4tgkAGyAOCrJjk8AoA8Q58RCQIXv5imjU1X8LoE8LAuAIUBCyA+PBWAKkIbKgtQQFXbny4B+PhkvVsSkqHC2rDhJpU+WSgrj41Q6C/JEMQN4o0gekTzAyRFHxgDQBchDZXkp6f0+ydOl4rR4ANoA2SovSI5V5T4sywuLH+DIlEmpAGwA8k2OLDKpn0MZFckH+qJcBPyIZABGABWsyEuJ7s+lMkTyjLgBD0JReES/B0ookqSqvFEKqSI0SZVbLi1MVPGpjaLCqKT+OVP75aXJA7lXFbIU1cypR/n80Yn9/qm3UkViSr83mkYcwhAOHpTgIRvFyIe4pau+CzzVP5HgQ4ZciOCsigxkpIMPGSTgIxll+AMSiCAfzAsFHzKIUAoJPg9G+3+dkQM+ZCiFCHIU4AlkKKJN6EDan46jA+lgOpB2p31o34E8ns5AVWYEM5wZzYxkDhv0IUAxClEMGcT/RywWhRBBCRlEkAz08FWP8YRxhfGIcYPRxriDNPwGGcQDrIniubJ/OOdhDNqgVE1FhGxI0DnAoe1od9qTDqUD6EDaFzzakDaBM+1B+9AhdBDtT3vSvn9zqBz09nWW/6wnguRv/aji2o7anioX2YNPJmyQ9U+VsL/MSIhixP6TSS2gDlJnqZPUeeooVQ8edYJqoC5Rx6j6v7wJv0GG3MFqSRBBggIUQjzAca117XT99B/V+SoHMoggBxSiKQoACCuWTpWJc/MUvBCptFDEi5EIXIbz3F3dvIGMzCxe/+fjtSEIAIThha+xkibAtwIgcr/G+NbAkScA5+3XmPUrgL0UONYqUMpK+2M0ADCgAR1wYQxzWMMBznCHF/wRjAiMRgJSkIkJECAPRZBhMqZjDspRiaVYhXXYhK3YiR9xAPU4ipP4BRfRihu4hzZ04Dm68Ra9BEGwCC2CQxgTFoQt4US4Ez5EIBFBxBFJRCYxicglJISSmE58S1QSy4l1xBZiF/ETcYQ4SZwnrhB3iHaik3hFfCQpkk1ySTPSjhxB+pAhZCyZQo4nc8kSsoycRy4m15A15B6yjjxJXiRvkG3kc7KHAqVJGVKWlDPlQ4VRCVQWlUPJqJlUBVVF1VB7qUbqLHWNaqO6qA80k+bQPNqZ9qej6VRaQJfQM+lF9Dp6J11Hn6av0e10N/2FocUwZTgx/BgxjAxGLmMyo5xRxdjOOMw4w7jB6GC8ZTKZhkx7pjczmpnJzGdOYy5ibmDuYzYxrzAfM3tYLJYxy4kVwEpg8VkKVjlrLWsP6wTrKquD9V5NU81CzV0tUi1LTaI2V61KbbfacbWrak/VetV11W3V/dQT1IXqU9WXqG9Tb1S/rN6h3quhp2GvEaCRopGvMUdjjcZejTMa9zVea2pqWmn6ao7VFGvO1lyjuV/znGa75ge2PtuRHcYex1ayF7N3sJvYd9ivtbS07LSCtbK0FFqLtXZpndJ6qPVem6Ptoh2jLdSepV2tXad9VfuFjrqOrU6IzgSdMp0qnYM6l3W6dNV17XTDdPm6M3WrdY/o3tLt0ePouekl6BXpLdLbrXde75k+S99OP0JfqD9Pf6v+Kf3HHIpjzQnjCDjfcrZxznA6uEyuPTeGm8+t5P7IbeF2G+gbeBikGUwxqDY4ZtBmSBnaGcYYFhouMTxgeNPw4xCzISFDREMWDtk75OqQd0ZDjYKNREYVRvuMbhh9NOYZRxgXGC8zrjd+YEKbOJqMNZlsstHkjEnXUO5Q/6GCoRVDDwy9a0qaOpommU4z3Wp6ybTHzNwsykxqttbslFmXuaF5sHm++Urz4+adFhyLQAuxxUqLExa/8wx4IbxC3hreaV63palltKXScotli2Wvlb1VqtVcq31WD6w1rH2sc6xXWjdbd9tY2IyxmW5Ta3PXVt3WxzbPdrXtWdt3dvZ26Xbz7ertntkb2cfYl9nX2t930HIIcihxqHG4Pow5zGdYwbANw1odSUdPxzzHasfLTqSTl5PYaYPTleGM4b7DJcNrht9yZjuHOJc61zq3uxi6xLnMdal3eTHCZkTWiGUjzo744urpWui6zfWem77baLe5bo1ur9wd3QXu1e7XR2qNjBw5a2TDyJceTh4ij40etz05nmM853s2e3728vaSee316vS28Z7kvd77lg/XJ9Fnkc85X4ZvqO8s36O+H/y8/BR+B/z+9Hf2L/Df7f9slP0o0ahtox4HWAXwA7YEtAXyAicFbg5sC7IM4gfVBD0Ktg4WBm8PfhoyLCQ/ZE/Ii1DXUFno4dB3YX5hM8KawqnwqPCK8JYI/YjUiHURDyOtInMjayO7ozyjpkU1RTOiY6OXRd+KMYsRxOyK6R7tPXrG6NOx7Njk2HWxj+Ic42RxjWPIMaPHrBhzP942XhJfn4CEmIQVCQ8S7RNLEn8eyxybOLZ67JMkt6TpSWeTOckTk3cnv00JTVmSci/VIVWZ2pymkzYubVfau/Tw9OXpbRkjMmZkXMw0yRRnNmSxstKytmf1fBPxzapvOsZ5jisfd3O8/fgp489PMJlQOOHYRJ2J/IkHJzEmpU/aPekTP4Ffw+/Jjslen90tCBOsFjwXBgtXCjtFAaLloqc5ATnLc57lBuSuyO3MC8qryusSh4nXiV/mR+dvyn9XkFCwo6CvML1wX5Fa0aSiIxJ9SYHkdLF58ZTiK1Inabm0rcSvZFVJtyxWtl1OyMfLGxRchVRxSemg/E7ZXhpYWl36fnLa5INT9KZIplya6jh14dSnZZFlP0yjpwmmNU+3nD5nevuMkBlbZhIzs2c2z7KeNW9Wx+yo2TvnaMwpmPPrXNe5y+e++Tb928Z5ZvNmz3v8XdR3teXa5bLyW/P9529aQC8QL2hZOHLh2oVfKoQVFypdK6sqPy0SLLrwvdv3a77vW5yzuGWJ15KNS5lLJUtvLgtatnO53vKy5Y9XjFlRt5K3smLlm1UTV52v8qjatFpjtXJ125q4NQ1rbdYuXftpXd66G9Wh1fvWm65fuP7dBuGGqxuDN+7dZLapctPHzeLNt7dEbamrsaup2srcWrr1yba0bWd/8Plh13aT7ZXbP++Q7GjbmbTz9C7vXbt2m+5eUkvWKms794zb0/pj+I8Ne533btlnuK9yP/Yr9//+06Sfbh6IPdB80Ofg3kO2h9Yf5hyuqCPqptZ11+fVtzVkNlw5MvpIc6N/4+GfXX7ecdTyaPUxg2NLjmscn3e870TZiZ4maVPXydyTj5snNt87lXHq+umxp1vOxJ4590vkL6fOhpw9cS7g3NHzfuePXPC5UH/R62LdJc9Lh3/1/PVwi1dL3WXvyw2tvq2NV0ZdOX416OrJa+HXfrkec/3ijfgbV26m3rx9a9ytttvC28/uFN55ebf0bu+92fcZ9yse6D6oemj6sOZfw/61r82r7Vh7ePulR8mP7j0WPH7+m/y3Tx3znmg9qXpq8XTXM/dnRzsjO1t//+b3jufS571d5X/o/bH+hcOLQ38G/3mpO6O746XsZd+rRa+NX+944/GmuSex5+Hbore97yreG7/f+cHnw9mP6R+f9k7+xPq05vOwz41fYr/c7yvq65PyZXwAAAWAzMkBXu0AtDIBTiugod2/f6n2RuLrBvn/4f4dDQDgBewIBlJnA3FNwMYmwHY2wG4CEgGkBIMcOXLwUh15zkj3fi22DGC87+t7bQawGoHPsr6+3g19fZ+3AdQdoKmkf+8DAKYusJkHAL9az/+P/evfXvpsNqq3M8UAADowaVRYdFhNTDpjb20uYWRvYmUueG1wAAAAAAA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/Pgo8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjYtYzExMSA3OS4xNTgzMjUsIDIwMTUvMDkvMTAtMDE6MTA6MjAgICAgICAgICI+CiAgIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgICAgIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiCiAgICAgICAgICAgIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIKICAgICAgICAgICAgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iCiAgICAgICAgICAgIHhtbG5zOnN0RXZ0PSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VFdmVudCMiCiAgICAgICAgICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgICAgICAgICAgeG1sbnM6cGhvdG9zaG9wPSJodHRwOi8vbnMuYWRvYmUuY29tL3Bob3Rvc2hvcC8xLjAvIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyIKICAgICAgICAgICAgeG1sbnM6ZXhpZj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8eG1wOkNyZWF0b3JUb29sPkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC94bXA6Q3JlYXRvclRvb2w+CiAgICAgICAgIDx4bXA6Q3JlYXRlRGF0ZT4yMDE3LTA5LTA2VDE1OjMxOjU2LTA0OjAwPC94bXA6Q3JlYXRlRGF0ZT4KICAgICAgICAgPHhtcDpNZXRhZGF0YURhdGU+MjAxNy0wOS0wNlQxNTozMTo1Ni0wNDowMDwveG1wOk1ldGFkYXRhRGF0ZT4KICAgICAgICAgPHhtcDpNb2RpZnlEYXRlPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3htcDpNb2RpZnlEYXRlPgogICAgICAgICA8eG1wTU06SW5zdGFuY2VJRD54bXAuaWlkOjFlMjY4MTE5LWU2NmYtNGJjNC1hZTI0LThiMTViNTg3MzE2MjwveG1wTU06SW5zdGFuY2VJRD4KICAgICAgICAgPHhtcE1NOkRvY3VtZW50SUQ+YWRvYmU6ZG9jaWQ6cGhvdG9zaG9wOjczODM4YzJiLWQzYzgtMTE3YS1iNTYyLTllNjU3MTBkNzc5YzwveG1wTU06RG9jdW1lbnRJRD4KICAgICAgICAgPHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD54bXAuZGlkOjQ1MjdmNDhmLTc2MGMtNGRhYi04NTJkLTNkNGZiOTA4ZmEzNjwveG1wTU06T3JpZ2luYWxEb2N1bWVudElEPgogICAgICAgICA8eG1wTU06SGlzdG9yeT4KICAgICAgICAgICAgPHJkZjpTZXE+CiAgICAgICAgICAgICAgIDxyZGY6bGkgcmRmOnBhcnNlVHlwZT0iUmVzb3VyY2UiPgogICAgICAgICAgICAgICAgICA8c3RFdnQ6YWN0aW9uPmNyZWF0ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDo0NTI3ZjQ4Zi03NjBjLTRkYWItODUyZC0zZDRmYjkwOGZhMzY8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgICAgPHJkZjpsaSByZGY6cGFyc2VUeXBlPSJSZXNvdXJjZSI+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDphY3Rpb24+c2F2ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDoxZTI2ODExOS1lNjZmLTRiYzQtYWUyNC04YjE1YjU4NzMxNjI8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICAgICA8c3RFdnQ6Y2hhbmdlZD4vPC9zdEV2dDpjaGFuZ2VkPgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgPC9yZGY6U2VxPgogICAgICAgICA8L3htcE1NOkhpc3Rvcnk+CiAgICAgICAgIDxkYzpmb3JtYXQ+aW1hZ2UvcG5nPC9kYzpmb3JtYXQ+CiAgICAgICAgIDxwaG90b3Nob3A6Q29sb3JNb2RlPjM8L3Bob3Rvc2hvcDpDb2xvck1vZGU+CiAgICAgICAgIDxwaG90b3Nob3A6SUNDUHJvZmlsZT5EaXNwbGF5PC9waG90b3Nob3A6SUNDUHJvZmlsZT4KICAgICAgICAgPHRpZmY6T3JpZW50YXRpb24+MTwvdGlmZjpPcmllbnRhdGlvbj4KICAgICAgICAgPHRpZmY6WFJlc29sdXRpb24+NzIwMDAwLzEwMDAwPC90aWZmOlhSZXNvbHV0aW9uPgogICAgICAgICA8dGlmZjpZUmVzb2x1dGlvbj43MjAwMDAvMTAwMDA8L3RpZmY6WVJlc29sdXRpb24+CiAgICAgICAgIDx0aWZmOlJlc29sdXRpb25Vbml0PjI8L3RpZmY6UmVzb2x1dGlvblVuaXQ+CiAgICAgICAgIDxleGlmOkNvbG9yU3BhY2U+NjU1MzU8L2V4aWY6Q29sb3JTcGFjZT4KICAgICAgICAgPGV4aWY6UGl4ZWxYRGltZW5zaW9uPjY0PC9leGlmOlBpeGVsWERpbWVuc2lvbj4KICAgICAgICAgPGV4aWY6UGl4ZWxZRGltZW5zaW9uPjU5PC9leGlmOlBpeGVsWURpbWVuc2lvbj4KICAgICAgPC9yZGY6RGVzY3JpcHRpb24+CiAgIDwvcmRmOlJERj4KPC94OnhtcG1ldGE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz6RZ44uAAAAIGNIUk0AAG11AABzoAAA/N0AAINkAABw6AAA7GgAADA+AAAQkOTsmeoAAAreSURBVHja7Jt5VFN3Fse/7yUkgQSyQBAiJWwTglKZqKBVFgURsVFgpAO2TRUonU7n0MWpVqnL6a7jtAdoz+lAsS61damHTnXascLUojMHLVUcpaesjUAVlFUWY7b35g+KhUBCEhJ71Pmd8/sDeO/edz+/e+/v3t97EDRN434eJO7zcd8DYJr+Ijc396kbN26EMxgM7b1kKE3TBEmSRHJy8m6VSlVrFkBLS4u2vLw8715cbS6X+/WcOXN6LYbAM888szckJOSre814giC0y5YtW93c3HzFIgA+n48nnnhi/b0GICIi4j2ZTHZdp9NZToJarRYpKSmXIiIiyu6ZRMdk9sfHx7/OZrMhEoksAxCJRBCLxdi0adOLDAaDuhcAxMbGFoSHh/exWCwIhULLAJhMJrq6uhAVFaWWyWQf3O3Gs9nsrrS0tB1MJhN8Ph8CgcDyNlhSUgKCIMBmszFz5sxX6urqsmmadrlbASiVyu0KheJma2vruNWf0AM0Gg2GhobQ19cHuVzePmvWrPfvVuN5PF772rVrCwBAIBDcnhY9YPr06SOFAzgcDhISEl6tra3NMRqN3LsNQE5Oztbly5cb6+vrxyU/swBM3UShUHRHR0cXVVZWbrqbjOdwOPXu7u6lhw8fRnd3NwiCuP23sLCwX+oD026wtLR0dPkIDw8PdHV1ua9bt+6yTqcT3S0AYmJifi+VSj9ta2sDkzl2nSsqKsx7AJ/PHycsMjJyQKlU7iwrK3trSp1XkBxU+xVAMzDK5cRAb+fYqi0wGLS62W49AoHgYlRU1KcajQZyudy2bnB0shAIBLeBZGdnv+3m5tZh93ak+gNEF/8L/jdnQU7zGTY0Mg4M1fMgl6QNX8TiwHX7R3D/5wWwcvMBEHbpSkxMzPf19YWHhwdEItG4aRFAQEDAmBkYGAihUIiHH35Yn5ubu81eAK6bXwfJZYEdFQaX5BXDyhXRIIwGEDMjAZIE6RcIVvrjII08sLNeBNhsm/X4+vp+m5iY+AVBEBCJRBAKheOmxSRYVVU1USuJhoYGeHt7l7DZ7Be1Wu1vbH0wTdE7YBa9CUN9O/TffD0s9/tqYE4s6LoLAEWBuqKG7ou/w0WZCt2uEkCvsxlARkbGBh8fH9A0PSbxmW2STJNgSkrKhBcaDAb4+fmhsbEx8+TJkwfs6sgkwaCvmsQ2wQHoW2PdMlAOSl1ns/zg4OCvS0tLE/r6+mAwGMxel56ebt4DgoKCLDUVWLBgwcELFy683NvbG26T8dOmw/VPT8PY8CO0e4drK8Zv54Hz5JPQHfsS+q8+G77O1x+02AdEXyfo3m5b2l0899xzGyQSCSiKsmr1JwRgWimZhoK3tzeSkpJePnjw4Oc2VWV7joCzbD5oAFRrM/QnT4Bb/AVc5nrCJe1J9C8IBtWiBql8HOCLgMAwGD8tASijVfIDAgIOL1my5JxWq4W7u7v9R2KWAIxASEpKOlpZWflde3v7XKs16XQgAIwOONqgBU0CtB6A8WdDKSNAkqAp2xpRmUy2tbi4GHq9HtQk90ZGRtpWB5gCkEgkyMjI2FhQUFBh7QMO5mSAynsBhvom6E+eAAAMZS8Fe7UK+q+Og/qpBQBg/Gw34O0H/NRk9eqHhIR8FBoaWt/a2mqT+0+YBMvKJj8HGWkts7KyKtVqdaz1h3KewJBJXIv9gc7WURmQAWZEJAw1Z6yNfX1WVlaoj4+PemBgwCrjCwsLzdcBE+2bppPH40EikSAvL2+DtbYzlq+G66H/gF30GQjPacN1T95r4H15EZw3dgNMFxBcLtzLqyE8XwW39z8BSOakchUKxW6FQqFmMpm3C7fJpk3NkLlhNBqhVCrPFhUVlV2+fPl3k3pNfCoIigIjfC6I4DDQ3dfgEp8C9PWCEZ0McHggJF5gxyuGmxnVatx8/ilAO2i+jCXJmytXrnyFw+HAw8PDJtc3C2Dfvn1WbztsNhthYWFbrQFgOFIC4tk3QJ2rBP39d8PnjwffB3vNs9Af+wQY6gOlHoRm31FwViyFZmeBReMBIC4u7m/z58+/euXKFasXbtIcsGrVKqtupGkaJEnC398fR48ePdDc3Jw5qTLPaaD7ugHjqCLF3RMYGJsXiIBQ0JfrJ8tDN4qLi4P8/f17enp6bFr9Rx55xLwHSKVSmwi6u7tj0aJFW5qbm9MnkjcGWve1MT+zkpRwfeGPuHX4OLQfvvvLdZMY//NRV+HChQt7WlpaJt25HFoHTBQKc+fObTp//vy+mpqabOu7I3dw9xyDiw/ATFoOQ/VpGC9dsG4z4XLb8/PzdwiFQhiNRrti32EAaJqGm5sbUlNTt9XU1DwKgGNdFtWD+rEZ8AkGdY0GPTRotc7w8PC3BgcHb549e9ZizW9ujD4RmjKAES+Ijo7+KTY29oNTp05Z915RdwsDmQnQr82G9vi/QP3YZJ3juLq2hYeHF+/atQs6nc6u1U9LSzMPwNzh4WRe4Orqiuzs7FdOnz6dTdO0VQeoVFsLbr5m2xHDwoULX5NKpbrOzs4pub5ZAA888IB92wlBYNWqVd3l5eXvfPzxx1uccc7H5/MbExISSimKgqenp0NkjgPQ1NRklyCapjE4OAi5XP4mg8F42mg0ih0NQKlUbgsMDKTb29sdsvoTAtizZ4/dwiiKgpeX161Zs2Ztr6mpeduRxnt7e19KS0s7oNfr7QpTqwGIxVNbOBaLhXnz5r1XV1e3TqPRTHfUg6pUqvygoCC0trbCzc3NeQC8vLymJJCmaYjFYl1MTMzrJ06ccMhrteDg4G8fe+yxf+h0OrtLXqsBOEIBg8HA0qVLS86cObO+v78/aKrycnJy/qxQKNDQ0ACSJJ0LYCpl5eghkUiolStXbtu/f/9HU4z9E0NDQ//euXMnNBqNQ55t69atzvWAkVBIT0/ff/z48Y1dXV0z7ZUTExOT39PTg4sXL457xeUUD7CnEjQHQCqVIicnJ3/Hjh2f2xn7n0dGRp7r7u6e9BWXwwD4+fk5TDiHw0FWVtbRvXv3nu7o6Iix9f4VK1Zs5PP5U254bAJw6NAhhwknSRIcDgcymezljo6OU7bcGxERcSAuLq6uo6PD4ZnfIoDq6mqHCacoCkwmE2FhYafr6upOXr9+fbG1t6pUqk1cLhc8Hs9pqz8hgJCQEIcqoGkaAoEAsbGxLx05cuRbKxueDxMTE1va2toclpPu+DZo2ig99NBD1efOnftSrVYvn6SSHNq8eXO+p6cndDqdw/f9O7YLmIYCn89HSkrKSwUFBRYBhIaGFnh5eXU2NjZCr9fD2WMcAA8PD6coMhqNWLRoUW1FRcWR2tra9AkfhsnsnzFjxl8KCwth+kmrI0diYuKdDYGRXMDj8bBmzZoN69evnxDA7NmzdwYGBvZ3dHQ4pej51UJgZOj1eiQnJ6vLysr2VFVVrTWpGToXL178VxaLBbFY7NTMbxGAr6+v05TRNA0vLy9s2bJlY0pKSqZer799gBofH/9maGjorfb2dnA4HNypMQ7AwMCAUxWq1Wr4+/tfk8vlhZcuXXoJALhcbltqauq7JElCKBTesdWfEMDo7wSdNVgsFh588MHtP/zwQ57BYHBLT09/dcaMGcbW1law7fgwyqEAnO1+Ix8vyWSyvqCgoEMtLS2PqlSqUoqinFry/urboCkErVaL2bNnv5OZmXlMKpXi6tWr4HLv/OfIxP//cfI+H/8bANeS5YFpLrRuAAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: vault-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - vault.security.coreos.com + resources: + - vaultservices + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + deployments: + - name: vault-operator + spec: + replicas: 1 + selector: + matchLabels: + name: vault-operator + template: + metadata: + labels: + name: vault-operator + spec: + serviceAccountName: vault-operator + containers: + - name: vault-operator + image: quay.io/coreos/vault-operator@sha256:945a0a6d88cf6fa2bce9a83019a2a64f74d89fc8281301a4259f3302eabc79e6 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + version: 0.1.9 + replaces: vault-operator.0.1.5 + maturity: alpha + customresourcedefinitions: + owned: + - name: vaultservices.vault.security.coreos.com + version: v1alpha1 + kind: VaultService + displayName: Vault Service + description: A running Vault instance, backed by an Etcd Cluster + resources: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + - kind: Service + version: v1 + - kind: ConfigMap + version: v1 + - kind: Secret + version: v1 + - kind: Deployment + version: v1beta2 + - kind: ReplicaSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of Pods for the cluster + displayName: Size + path: nodes + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The service at which the running Vault cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The port at which the Vault cluster is running under the service. + displayName: Client Port + path: clientPort + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents a backup for an etcd cluster + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents one try of restoring etcd cluster from previous backup + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + namespace: placeholder + name: vault-operator.0.1.5 + annotations: + tectonic-visibility: ocs + spec: + displayName: Vault + description: | + An encrypted, multi-tentant secure secret store. Vault handles the lifecycle of your secrets: leasing, key revocation, key rolling, and auditing. + + _The Vault Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Unsealing and using Vault + + Once a Vault instance is running, it must be initalized and "unsealed". Afterwards, your software can use the automatically created Kubernetes Service and Secret to communicate with it. + + [Read the complete guide to using the Vault Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/vault-ocs.html) + + ### Supported Features + + **Secure by Default** + Hands-free automated creation of TLS certificates between all components ensure all best practices are followed for secret security. Further, the API makes unseal operations easy. + **Highly available** + Multiple instances of Vault are clustered together via an etcd backend and secured. + **Safe Upgrades** + Rolling out a new Vault version is as easy as updating the Vault Cluster definition. Everything is automatically handled using Vault best practices while pausing for unseal tokens. + + keywords: ['vault', 'secret', 'encryption'] + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + provider: + name: CoreOS, Inc + links: + - name: Vault Project + url: https://www.vaultproject.io/ + labels: + alm-status-descriptors: vault-operator.0.1.5 + alm-owner-vault: vault-operator + operated-by: vault-operator + selector: + matchLabels: + alm-owner-vault: vault-operator + operated-by: vault-operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAEAAAAA7CAYAAADLjIzcAAAACXBIWXMAAAsTAAALEwEAmpwYAAAMLGlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjarVd3VFP51t23JKGEmoCAlNARBAHpSO+CgHQYW0gChBJCCip2x0EFxy4WrOjYcNSxADIWRB3rIPbuAx1URsbBgg2V9wcBZ+Z93x9vrfdb6+budbLPPvuce9dd6wA6HnyptJDUBYokCllSVCgvIzOLx2oHCxxogYQ7XyCXhiQmxgHAwP0vhwDe3gQBANec+VJpIf67oycUyQUAkQggWygXFAHEIYA2EUhlCoDRCsB6skKqABhvAHBlGZlZAFMNADe3H5sC4Gb3Y1cAXFlKUhjADAfU2Hy+LBfQTgTAKxXkKgBtKQBXiVAsAbQ3AwgU5PGFgHYbgOFFRcVCQIcNwCH7Lzq5f9PMHtTk83MHcX8vAAC1cLFcWsifiv/1KSpUDtSwAsDOk0UnAeACxM6C4tgkAGyAOCrJjk8AoA8Q58RCQIXv5imjU1X8LoE8LAuAIUBCyA+PBWAKkIbKgtQQFXbny4B+PhkvVsSkqHC2rDhJpU+WSgrj41Q6C/JEMQN4o0gekTzAyRFHxgDQBchDZXkp6f0+ydOl4rR4ANoA2SovSI5V5T4sywuLH+DIlEmpAGwA8k2OLDKpn0MZFckH+qJcBPyIZABGABWsyEuJ7s+lMkTyjLgBD0JReES/B0ookqSqvFEKqSI0SZVbLi1MVPGpjaLCqKT+OVP75aXJA7lXFbIU1cypR/n80Yn9/qm3UkViSr83mkYcwhAOHpTgIRvFyIe4pau+CzzVP5HgQ4ZciOCsigxkpIMPGSTgIxll+AMSiCAfzAsFHzKIUAoJPg9G+3+dkQM+ZCiFCHIU4AlkKKJN6EDan46jA+lgOpB2p31o34E8ns5AVWYEM5wZzYxkDhv0IUAxClEMGcT/RywWhRBBCRlEkAz08FWP8YRxhfGIcYPRxriDNPwGGcQDrIniubJ/OOdhDNqgVE1FhGxI0DnAoe1od9qTDqUD6EDaFzzakDaBM+1B+9AhdBDtT3vSvn9zqBz09nWW/6wnguRv/aji2o7anioX2YNPJmyQ9U+VsL/MSIhixP6TSS2gDlJnqZPUeeooVQ8edYJqoC5Rx6j6v7wJv0GG3MFqSRBBggIUQjzAca117XT99B/V+SoHMoggBxSiKQoACCuWTpWJc/MUvBCptFDEi5EIXIbz3F3dvIGMzCxe/+fjtSEIAIThha+xkibAtwIgcr/G+NbAkScA5+3XmPUrgL0UONYqUMpK+2M0ADCgAR1wYQxzWMMBznCHF/wRjAiMRgJSkIkJECAPRZBhMqZjDspRiaVYhXXYhK3YiR9xAPU4ipP4BRfRihu4hzZ04Dm68Ra9BEGwCC2CQxgTFoQt4US4Ez5EIBFBxBFJRCYxicglJISSmE58S1QSy4l1xBZiF/ETcYQ4SZwnrhB3iHaik3hFfCQpkk1ySTPSjhxB+pAhZCyZQo4nc8kSsoycRy4m15A15B6yjjxJXiRvkG3kc7KHAqVJGVKWlDPlQ4VRCVQWlUPJqJlUBVVF1VB7qUbqLHWNaqO6qA80k+bQPNqZ9qej6VRaQJfQM+lF9Dp6J11Hn6av0e10N/2FocUwZTgx/BgxjAxGLmMyo5xRxdjOOMw4w7jB6GC8ZTKZhkx7pjczmpnJzGdOYy5ibmDuYzYxrzAfM3tYLJYxy4kVwEpg8VkKVjlrLWsP6wTrKquD9V5NU81CzV0tUi1LTaI2V61KbbfacbWrak/VetV11W3V/dQT1IXqU9WXqG9Tb1S/rN6h3quhp2GvEaCRopGvMUdjjcZejTMa9zVea2pqWmn6ao7VFGvO1lyjuV/znGa75ge2PtuRHcYex1ayF7N3sJvYd9ivtbS07LSCtbK0FFqLtXZpndJ6qPVem6Ptoh2jLdSepV2tXad9VfuFjrqOrU6IzgSdMp0qnYM6l3W6dNV17XTDdPm6M3WrdY/o3tLt0ePouekl6BXpLdLbrXde75k+S99OP0JfqD9Pf6v+Kf3HHIpjzQnjCDjfcrZxznA6uEyuPTeGm8+t5P7IbeF2G+gbeBikGUwxqDY4ZtBmSBnaGcYYFhouMTxgeNPw4xCzISFDREMWDtk75OqQd0ZDjYKNREYVRvuMbhh9NOYZRxgXGC8zrjd+YEKbOJqMNZlsstHkjEnXUO5Q/6GCoRVDDwy9a0qaOpommU4z3Wp6ybTHzNwsykxqttbslFmXuaF5sHm++Urz4+adFhyLQAuxxUqLExa/8wx4IbxC3hreaV63palltKXScotli2Wvlb1VqtVcq31WD6w1rH2sc6xXWjdbd9tY2IyxmW5Ta3PXVt3WxzbPdrXtWdt3dvZ26Xbz7ertntkb2cfYl9nX2t930HIIcihxqHG4Pow5zGdYwbANw1odSUdPxzzHasfLTqSTl5PYaYPTleGM4b7DJcNrht9yZjuHOJc61zq3uxi6xLnMdal3eTHCZkTWiGUjzo744urpWui6zfWem77baLe5bo1ur9wd3QXu1e7XR2qNjBw5a2TDyJceTh4ij40etz05nmM853s2e3728vaSee316vS28Z7kvd77lg/XJ9Fnkc85X4ZvqO8s36O+H/y8/BR+B/z+9Hf2L/Df7f9slP0o0ahtox4HWAXwA7YEtAXyAicFbg5sC7IM4gfVBD0Ktg4WBm8PfhoyLCQ/ZE/Ii1DXUFno4dB3YX5hM8KawqnwqPCK8JYI/YjUiHURDyOtInMjayO7ozyjpkU1RTOiY6OXRd+KMYsRxOyK6R7tPXrG6NOx7Njk2HWxj+Ic42RxjWPIMaPHrBhzP942XhJfn4CEmIQVCQ8S7RNLEn8eyxybOLZ67JMkt6TpSWeTOckTk3cnv00JTVmSci/VIVWZ2pymkzYubVfau/Tw9OXpbRkjMmZkXMw0yRRnNmSxstKytmf1fBPxzapvOsZ5jisfd3O8/fgp489PMJlQOOHYRJ2J/IkHJzEmpU/aPekTP4Ffw+/Jjslen90tCBOsFjwXBgtXCjtFAaLloqc5ATnLc57lBuSuyO3MC8qryusSh4nXiV/mR+dvyn9XkFCwo6CvML1wX5Fa0aSiIxJ9SYHkdLF58ZTiK1Inabm0rcSvZFVJtyxWtl1OyMfLGxRchVRxSemg/E7ZXhpYWl36fnLa5INT9KZIplya6jh14dSnZZFlP0yjpwmmNU+3nD5nevuMkBlbZhIzs2c2z7KeNW9Wx+yo2TvnaMwpmPPrXNe5y+e++Tb928Z5ZvNmz3v8XdR3teXa5bLyW/P9529aQC8QL2hZOHLh2oVfKoQVFypdK6sqPy0SLLrwvdv3a77vW5yzuGWJ15KNS5lLJUtvLgtatnO53vKy5Y9XjFlRt5K3smLlm1UTV52v8qjatFpjtXJ125q4NQ1rbdYuXftpXd66G9Wh1fvWm65fuP7dBuGGqxuDN+7dZLapctPHzeLNt7dEbamrsaup2srcWrr1yba0bWd/8Plh13aT7ZXbP++Q7GjbmbTz9C7vXbt2m+5eUkvWKms794zb0/pj+I8Ne533btlnuK9yP/Yr9//+06Sfbh6IPdB80Ofg3kO2h9Yf5hyuqCPqptZ11+fVtzVkNlw5MvpIc6N/4+GfXX7ecdTyaPUxg2NLjmscn3e870TZiZ4maVPXydyTj5snNt87lXHq+umxp1vOxJ4590vkL6fOhpw9cS7g3NHzfuePXPC5UH/R62LdJc9Lh3/1/PVwi1dL3WXvyw2tvq2NV0ZdOX416OrJa+HXfrkec/3ijfgbV26m3rx9a9ytttvC28/uFN55ebf0bu+92fcZ9yse6D6oemj6sOZfw/61r82r7Vh7ePulR8mP7j0WPH7+m/y3Tx3znmg9qXpq8XTXM/dnRzsjO1t//+b3jufS571d5X/o/bH+hcOLQ38G/3mpO6O746XsZd+rRa+NX+944/GmuSex5+Hbore97yreG7/f+cHnw9mP6R+f9k7+xPq05vOwz41fYr/c7yvq65PyZXwAAAWAzMkBXu0AtDIBTiugod2/f6n2RuLrBvn/4f4dDQDgBewIBlJnA3FNwMYmwHY2wG4CEgGkBIMcOXLwUh15zkj3fi22DGC87+t7bQawGoHPsr6+3g19fZ+3AdQdoKmkf+8DAKYusJkHAL9az/+P/evfXvpsNqq3M8UAADowaVRYdFhNTDpjb20uYWRvYmUueG1wAAAAAAA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/Pgo8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjYtYzExMSA3OS4xNTgzMjUsIDIwMTUvMDkvMTAtMDE6MTA6MjAgICAgICAgICI+CiAgIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgICAgIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiCiAgICAgICAgICAgIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIKICAgICAgICAgICAgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iCiAgICAgICAgICAgIHhtbG5zOnN0RXZ0PSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VFdmVudCMiCiAgICAgICAgICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgICAgICAgICAgeG1sbnM6cGhvdG9zaG9wPSJodHRwOi8vbnMuYWRvYmUuY29tL3Bob3Rvc2hvcC8xLjAvIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyIKICAgICAgICAgICAgeG1sbnM6ZXhpZj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8eG1wOkNyZWF0b3JUb29sPkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC94bXA6Q3JlYXRvclRvb2w+CiAgICAgICAgIDx4bXA6Q3JlYXRlRGF0ZT4yMDE3LTA5LTA2VDE1OjMxOjU2LTA0OjAwPC94bXA6Q3JlYXRlRGF0ZT4KICAgICAgICAgPHhtcDpNZXRhZGF0YURhdGU+MjAxNy0wOS0wNlQxNTozMTo1Ni0wNDowMDwveG1wOk1ldGFkYXRhRGF0ZT4KICAgICAgICAgPHhtcDpNb2RpZnlEYXRlPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3htcDpNb2RpZnlEYXRlPgogICAgICAgICA8eG1wTU06SW5zdGFuY2VJRD54bXAuaWlkOjFlMjY4MTE5LWU2NmYtNGJjNC1hZTI0LThiMTViNTg3MzE2MjwveG1wTU06SW5zdGFuY2VJRD4KICAgICAgICAgPHhtcE1NOkRvY3VtZW50SUQ+YWRvYmU6ZG9jaWQ6cGhvdG9zaG9wOjczODM4YzJiLWQzYzgtMTE3YS1iNTYyLTllNjU3MTBkNzc5YzwveG1wTU06RG9jdW1lbnRJRD4KICAgICAgICAgPHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD54bXAuZGlkOjQ1MjdmNDhmLTc2MGMtNGRhYi04NTJkLTNkNGZiOTA4ZmEzNjwveG1wTU06T3JpZ2luYWxEb2N1bWVudElEPgogICAgICAgICA8eG1wTU06SGlzdG9yeT4KICAgICAgICAgICAgPHJkZjpTZXE+CiAgICAgICAgICAgICAgIDxyZGY6bGkgcmRmOnBhcnNlVHlwZT0iUmVzb3VyY2UiPgogICAgICAgICAgICAgICAgICA8c3RFdnQ6YWN0aW9uPmNyZWF0ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDo0NTI3ZjQ4Zi03NjBjLTRkYWItODUyZC0zZDRmYjkwOGZhMzY8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgICAgPHJkZjpsaSByZGY6cGFyc2VUeXBlPSJSZXNvdXJjZSI+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDphY3Rpb24+c2F2ZWQ8L3N0RXZ0OmFjdGlvbj4KICAgICAgICAgICAgICAgICAgPHN0RXZ0Omluc3RhbmNlSUQ+eG1wLmlpZDoxZTI2ODExOS1lNjZmLTRiYzQtYWUyNC04YjE1YjU4NzMxNjI8L3N0RXZ0Omluc3RhbmNlSUQ+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDp3aGVuPjIwMTctMDktMDZUMTU6MzE6NTYtMDQ6MDA8L3N0RXZ0OndoZW4+CiAgICAgICAgICAgICAgICAgIDxzdEV2dDpzb2Z0d2FyZUFnZW50PkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpPC9zdEV2dDpzb2Z0d2FyZUFnZW50PgogICAgICAgICAgICAgICAgICA8c3RFdnQ6Y2hhbmdlZD4vPC9zdEV2dDpjaGFuZ2VkPgogICAgICAgICAgICAgICA8L3JkZjpsaT4KICAgICAgICAgICAgPC9yZGY6U2VxPgogICAgICAgICA8L3htcE1NOkhpc3Rvcnk+CiAgICAgICAgIDxkYzpmb3JtYXQ+aW1hZ2UvcG5nPC9kYzpmb3JtYXQ+CiAgICAgICAgIDxwaG90b3Nob3A6Q29sb3JNb2RlPjM8L3Bob3Rvc2hvcDpDb2xvck1vZGU+CiAgICAgICAgIDxwaG90b3Nob3A6SUNDUHJvZmlsZT5EaXNwbGF5PC9waG90b3Nob3A6SUNDUHJvZmlsZT4KICAgICAgICAgPHRpZmY6T3JpZW50YXRpb24+MTwvdGlmZjpPcmllbnRhdGlvbj4KICAgICAgICAgPHRpZmY6WFJlc29sdXRpb24+NzIwMDAwLzEwMDAwPC90aWZmOlhSZXNvbHV0aW9uPgogICAgICAgICA8dGlmZjpZUmVzb2x1dGlvbj43MjAwMDAvMTAwMDA8L3RpZmY6WVJlc29sdXRpb24+CiAgICAgICAgIDx0aWZmOlJlc29sdXRpb25Vbml0PjI8L3RpZmY6UmVzb2x1dGlvblVuaXQ+CiAgICAgICAgIDxleGlmOkNvbG9yU3BhY2U+NjU1MzU8L2V4aWY6Q29sb3JTcGFjZT4KICAgICAgICAgPGV4aWY6UGl4ZWxYRGltZW5zaW9uPjY0PC9leGlmOlBpeGVsWERpbWVuc2lvbj4KICAgICAgICAgPGV4aWY6UGl4ZWxZRGltZW5zaW9uPjU5PC9leGlmOlBpeGVsWURpbWVuc2lvbj4KICAgICAgPC9yZGY6RGVzY3JpcHRpb24+CiAgIDwvcmRmOlJERj4KPC94OnhtcG1ldGE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz6RZ44uAAAAIGNIUk0AAG11AABzoAAA/N0AAINkAABw6AAA7GgAADA+AAAQkOTsmeoAAAreSURBVHja7Jt5VFN3Fse/7yUkgQSyQBAiJWwTglKZqKBVFgURsVFgpAO2TRUonU7n0MWpVqnL6a7jtAdoz+lAsS61damHTnXascLUojMHLVUcpaesjUAVlFUWY7b35g+KhUBCEhJ71Pmd8/sDeO/edz+/e+/v3t97EDRN434eJO7zcd8DYJr+Ijc396kbN26EMxgM7b1kKE3TBEmSRHJy8m6VSlVrFkBLS4u2vLw8715cbS6X+/WcOXN6LYbAM888szckJOSre814giC0y5YtW93c3HzFIgA+n48nnnhi/b0GICIi4j2ZTHZdp9NZToJarRYpKSmXIiIiyu6ZRMdk9sfHx7/OZrMhEoksAxCJRBCLxdi0adOLDAaDuhcAxMbGFoSHh/exWCwIhULLAJhMJrq6uhAVFaWWyWQf3O3Gs9nsrrS0tB1MJhN8Ph8CgcDyNlhSUgKCIMBmszFz5sxX6urqsmmadrlbASiVyu0KheJma2vruNWf0AM0Gg2GhobQ19cHuVzePmvWrPfvVuN5PF772rVrCwBAIBDcnhY9YPr06SOFAzgcDhISEl6tra3NMRqN3LsNQE5Oztbly5cb6+vrxyU/swBM3UShUHRHR0cXVVZWbrqbjOdwOPXu7u6lhw8fRnd3NwiCuP23sLCwX+oD026wtLR0dPkIDw8PdHV1ua9bt+6yTqcT3S0AYmJifi+VSj9ta2sDkzl2nSsqKsx7AJ/PHycsMjJyQKlU7iwrK3trSp1XkBxU+xVAMzDK5cRAb+fYqi0wGLS62W49AoHgYlRU1KcajQZyudy2bnB0shAIBLeBZGdnv+3m5tZh93ak+gNEF/8L/jdnQU7zGTY0Mg4M1fMgl6QNX8TiwHX7R3D/5wWwcvMBEHbpSkxMzPf19YWHhwdEItG4aRFAQEDAmBkYGAihUIiHH35Yn5ubu81eAK6bXwfJZYEdFQaX5BXDyhXRIIwGEDMjAZIE6RcIVvrjII08sLNeBNhsm/X4+vp+m5iY+AVBEBCJRBAKheOmxSRYVVU1USuJhoYGeHt7l7DZ7Be1Wu1vbH0wTdE7YBa9CUN9O/TffD0s9/tqYE4s6LoLAEWBuqKG7ou/w0WZCt2uEkCvsxlARkbGBh8fH9A0PSbxmW2STJNgSkrKhBcaDAb4+fmhsbEx8+TJkwfs6sgkwaCvmsQ2wQHoW2PdMlAOSl1ns/zg4OCvS0tLE/r6+mAwGMxel56ebt4DgoKCLDUVWLBgwcELFy683NvbG26T8dOmw/VPT8PY8CO0e4drK8Zv54Hz5JPQHfsS+q8+G77O1x+02AdEXyfo3m5b2l0899xzGyQSCSiKsmr1JwRgWimZhoK3tzeSkpJePnjw4Oc2VWV7joCzbD5oAFRrM/QnT4Bb/AVc5nrCJe1J9C8IBtWiBql8HOCLgMAwGD8tASijVfIDAgIOL1my5JxWq4W7u7v9R2KWAIxASEpKOlpZWflde3v7XKs16XQgAIwOONqgBU0CtB6A8WdDKSNAkqAp2xpRmUy2tbi4GHq9HtQk90ZGRtpWB5gCkEgkyMjI2FhQUFBh7QMO5mSAynsBhvom6E+eAAAMZS8Fe7UK+q+Og/qpBQBg/Gw34O0H/NRk9eqHhIR8FBoaWt/a2mqT+0+YBMvKJj8HGWkts7KyKtVqdaz1h3KewJBJXIv9gc7WURmQAWZEJAw1Z6yNfX1WVlaoj4+PemBgwCrjCwsLzdcBE+2bppPH40EikSAvL2+DtbYzlq+G66H/gF30GQjPacN1T95r4H15EZw3dgNMFxBcLtzLqyE8XwW39z8BSOakchUKxW6FQqFmMpm3C7fJpk3NkLlhNBqhVCrPFhUVlV2+fPl3k3pNfCoIigIjfC6I4DDQ3dfgEp8C9PWCEZ0McHggJF5gxyuGmxnVatx8/ilAO2i+jCXJmytXrnyFw+HAw8PDJtc3C2Dfvn1WbztsNhthYWFbrQFgOFIC4tk3QJ2rBP39d8PnjwffB3vNs9Af+wQY6gOlHoRm31FwViyFZmeBReMBIC4u7m/z58+/euXKFasXbtIcsGrVKqtupGkaJEnC398fR48ePdDc3Jw5qTLPaaD7ugHjqCLF3RMYGJsXiIBQ0JfrJ8tDN4qLi4P8/f17enp6bFr9Rx55xLwHSKVSmwi6u7tj0aJFW5qbm9MnkjcGWve1MT+zkpRwfeGPuHX4OLQfvvvLdZMY//NRV+HChQt7WlpaJt25HFoHTBQKc+fObTp//vy+mpqabOu7I3dw9xyDiw/ATFoOQ/VpGC9dsG4z4XLb8/PzdwiFQhiNRrti32EAaJqGm5sbUlNTt9XU1DwKgGNdFtWD+rEZ8AkGdY0GPTRotc7w8PC3BgcHb549e9ZizW9ujD4RmjKAES+Ijo7+KTY29oNTp05Z915RdwsDmQnQr82G9vi/QP3YZJ3juLq2hYeHF+/atQs6nc6u1U9LSzMPwNzh4WRe4Orqiuzs7FdOnz6dTdO0VQeoVFsLbr5m2xHDwoULX5NKpbrOzs4pub5ZAA888IB92wlBYNWqVd3l5eXvfPzxx1uccc7H5/MbExISSimKgqenp0NkjgPQ1NRklyCapjE4OAi5XP4mg8F42mg0ih0NQKlUbgsMDKTb29sdsvoTAtizZ4/dwiiKgpeX161Zs2Ztr6mpeduRxnt7e19KS0s7oNfr7QpTqwGIxVNbOBaLhXnz5r1XV1e3TqPRTHfUg6pUqvygoCC0trbCzc3NeQC8vLymJJCmaYjFYl1MTMzrJ06ccMhrteDg4G8fe+yxf+h0OrtLXqsBOEIBg8HA0qVLS86cObO+v78/aKrycnJy/qxQKNDQ0ACSJJ0LYCpl5eghkUiolStXbtu/f/9HU4z9E0NDQ//euXMnNBqNQ55t69atzvWAkVBIT0/ff/z48Y1dXV0z7ZUTExOT39PTg4sXL457xeUUD7CnEjQHQCqVIicnJ3/Hjh2f2xn7n0dGRp7r7u6e9BWXwwD4+fk5TDiHw0FWVtbRvXv3nu7o6Iix9f4VK1Zs5PP5U254bAJw6NAhhwknSRIcDgcymezljo6OU7bcGxERcSAuLq6uo6PD4ZnfIoDq6mqHCacoCkwmE2FhYafr6upOXr9+fbG1t6pUqk1cLhc8Hs9pqz8hgJCQEIcqoGkaAoEAsbGxLx05cuRbKxueDxMTE1va2toclpPu+DZo2ig99NBD1efOnftSrVYvn6SSHNq8eXO+p6cndDqdw/f9O7YLmIYCn89HSkrKSwUFBRYBhIaGFnh5eXU2NjZCr9fD2WMcAA8PD6coMhqNWLRoUW1FRcWR2tra9AkfhsnsnzFjxl8KCwth+kmrI0diYuKdDYGRXMDj8bBmzZoN69evnxDA7NmzdwYGBvZ3dHQ4pej51UJgZOj1eiQnJ6vLysr2VFVVrTWpGToXL178VxaLBbFY7NTMbxGAr6+v05TRNA0vLy9s2bJlY0pKSqZer799gBofH/9maGjorfb2dnA4HNypMQ7AwMCAUxWq1Wr4+/tfk8vlhZcuXXoJALhcbltqauq7JElCKBTesdWfEMDo7wSdNVgsFh588MHtP/zwQ57BYHBLT09/dcaMGcbW1law7fgwyqEAnO1+Ix8vyWSyvqCgoEMtLS2PqlSqUoqinFry/urboCkErVaL2bNnv5OZmXlMKpXi6tWr4HLv/OfIxP//cfI+H/8bANeS5YFpLrRuAAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: vault-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - vault.security.coreos.com + resources: + - vaultservices + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + deployments: + - name: vault-operator + spec: + replicas: 1 + selector: + matchLabels: + name: vault-operator + template: + metadata: + labels: + name: vault-operator + spec: + serviceAccountName: vault-operator + containers: + - name: vault-operator + image: quay.io/coreos/vault-operator@sha256:74036811bc5d6cc1a136d8cc6d5577db67f29ba95eba02fbf0c3a8d2357dc8fe + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + version: 0.1.5 + maturity: alpha + customresourcedefinitions: + owned: + - name: vaultservices.vault.security.coreos.com + version: v1alpha1 + kind: VaultService + displayName: Vault Service + description: A running Vault instance, backed by an Etcd Cluster + resources: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + - kind: Service + version: v1 + - kind: ConfigMap + version: v1 + - kind: Secret + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of Pods for the cluster + displayName: Size + path: nodes + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the node Pods for the Vault cluster. + displayName: Node Status + path: nodes + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running Vault cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The port at which the Vault cluster is running under the service. + displayName: Client Port + path: clientPort + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/prometheusoperator.0.15.0.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: alpha + currentCSV: prometheusoperator.0.15.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/vaultoperator.0.1.9.clusterserviceversion.yaml + packageName: vault + channels: + - name: alpha + currentCSV: vault-operator.0.1.9 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/09-tectoniccomponents.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/09-tectoniccomponents.configmap.yaml new file mode 100644 index 000000000..953c48342 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/09-tectoniccomponents.configmap.yaml @@ -0,0 +1,444 @@ +##--- +# Source: olm/templates/09-tectoniccomponents.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: tectonic-components + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: chargebacks.chargeback.coreos.com + annotations: + catalog.app.coreos.com/description: An instance of Chargeback + catalog.app.coreos.com/displayName: Chargeback + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: chargebacks + singular: chargeback + kind: Chargeback + listKind: ChargebackList + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prestotables.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Presto Table" + catalog.app.coreos.com/description: "A table within PrestoDB" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: prestotables + singular: prestotable + kind: PrestoTable + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Report" + catalog.app.coreos.com/description: "A chargeback report for a specific time interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reports + kind: Report + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportdatasources.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback data source" + catalog.app.coreos.com/description: "A resource describing a source of data for usage by Report Generation Queries" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportdatasources + singular: reportdatasource + kind: ReportDataSource + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportgenerationqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback generation query" + catalog.app.coreos.com/description: "A SQL query used by Chargeback to generate reports" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportgenerationqueries + singular: reportgenerationquery + kind: ReportGenerationQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportprometheusqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback prometheus query" + catalog.app.coreos.com/description: "A Prometheus query by Chargeback to do metering" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportprometheusqueries + singular: reportprometheusquery + kind: ReportPrometheusQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: scheduledreports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Scheduled Report" + catalog.app.coreos.com/description: "A chargeback report that runs on a scheduled interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: scheduledreports + kind: ScheduledReport + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: storagelocations.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback storage location" + catalog.app.coreos.com/description: "Represents a configurable storage location for Chargeback to store metering and report data" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: storagelocations + kind: StorageLocation + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: chargeback-helm-operator.v0.5.1 + namespace: placeholder + annotations: + tectonic-visibility: tectonic-feature + spec: + displayName: Chargeback + description: Chargeback can generate reports based on historical usage data from a cluster, providing accountability for how resources have been used. + keywords: [chargeback metrics reporting coreos] + version: 0.5.1 + maturity: alpha + maintainers: + - email: support@coreos.com + name: CoreOS, Inc + provider: + name: CoreOS, Inc + labels: + alm-owner-chargeback: chargeback-helm-operator + alm-status-descriptors: chargeback-helm-operator.v0.5.1 + selector: + matchLabels: + alm-owner-chargeback: chargeback-helm-operator + install: + strategy: deployment + spec: + permissions: + - rules: + - apiGroups: + - chargeback.coreos.com + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - replicationcontrollers + - replicationcontrollers/scale + - secrets + - serviceaccounts + - services + - services/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/rollback + - deployments/scale + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/rollback + - deployments/scale + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + serviceAccountName: chargeback-helm-operator + deployments: + - name: chargeback-helm-operator + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: chargeback-helm-operator + template: + metadata: + labels: + app: chargeback-helm-operator + spec: + containers: + - env: + - name: HELM_RELEASE_CRD_NAME + value: Chargeback + - name: HELM_RELEASE_CRD_API_GROUP + value: chargeback.coreos.com + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: HELM_HOST + value: 127.0.0.1:44134 + - name: SET_OWNER_REFERENCE_VALUE + value: "true" + - name: HELM_WAIT + value: "false" + - name: HELM_RECONCILE_INTERVAL_SECONDS + value: "120" + - name: RELEASE_HISTORY_LIMIT + value: "3" + image: quay.io/coreos/chargeback-helm-operator:0.5.1 + imagePullPolicy: Always + name: chargeback-helm-operator + resources: + limits: + cpu: 50m + memory: 25Mi + requests: + cpu: 50m + memory: 25Mi + - env: + - name: TILLER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TILLER_HISTORY_MAX + value: "3" + image: gcr.io/kubernetes-helm/tiller:v2.6.2 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: tiller + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 50m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + restartPolicy: Always + serviceAccount: chargeback-helm-operator + terminationGracePeriodSeconds: 30 + customresourcedefinitions: + owned: + - description: An instance of Chargeback + displayName: Chargeback + kind: Chargeback + name: chargebacks.chargeback.coreos.com + version: v1alpha1 + - description: A table within PrestoDB + displayName: Chargeback Presto Table + kind: PrestoTable + name: prestotables.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report for a specific time interval + displayName: Chargeback Report + kind: Report + name: reports.chargeback.coreos.com + version: v1alpha1 + - description: A resource describing a source of data for usage by Report Generation + Queries + displayName: Chargeback data source + kind: ReportDataSource + name: reportdatasources.chargeback.coreos.com + version: v1alpha1 + - description: A SQL query used by Chargeback to generate reports + displayName: Chargeback generation query + kind: ReportGenerationQuery + name: reportgenerationqueries.chargeback.coreos.com + version: v1alpha1 + - description: A Prometheus query by Chargeback to do metering + displayName: Chargeback prometheus query + kind: ReportPrometheusQuery + name: reportprometheusqueries.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report that runs on a scheduled interval + displayName: Chargeback Scheduled Report + kind: ScheduledReport + name: scheduledreports.chargeback.coreos.com + version: v1alpha1 + - description: Represents a configurable storage location for Chargeback to store + metering and report data + displayName: Chargeback storage location + kind: StorageLocation + name: storagelocations.chargeback.coreos.com + version: v1alpha1 + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/components/chargeback.v0.5.1.clusterserviceversion.yaml + packageName: chargeback + channels: + - name: alpha + currentCSV: chargeback-helm-operator.v0.5.1 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/10-tectonicocs.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/10-tectonicocs.catalogsource.yaml new file mode 100644 index 000000000..d70321b30 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/10-tectonicocs.catalogsource.yaml @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/10-tectonicocs.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: app.coreos.com/v1alpha1 +kind: CatalogSource-v1 +metadata: + name: tectonic-ocs + namespace: kube-system + annotations: + tectonic-operators.coreos.com/upgrade-strategy: 'DeleteAndRecreate' +spec: + name: tectonic-ocs + sourceType: internal + configMap: tectonic-ocs + displayName: Tectonic Open Cloud Services + publisher: CoreOS, Inc. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/11-tectoniccomponents.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/11-tectoniccomponents.catalogsource.yaml new file mode 100644 index 000000000..f99221ca1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/11-tectoniccomponents.catalogsource.yaml @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/11-tectoniccomponents.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: app.coreos.com/v1alpha1 +kind: CatalogSource-v1 +metadata: + name: tectonic-components + namespace: kube-system + annotations: + tectonic-operators.coreos.com/upgrade-strategy: 'DeleteAndRecreate' +spec: + name: tectonic-components + sourceType: internal + configMap: tectonic-components + displayName: Tectonic Cluster Components + publisher: CoreOS, Inc. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/12-alm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/12-alm-operator.deployment.yaml new file mode 100644 index 000000000..f50678d36 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/12-alm-operator.deployment.yaml @@ -0,0 +1,48 @@ +##--- +# Source: olm/templates/12-alm-operator.deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: alm-operator + namespace: kube-system + labels: + app: alm-operator + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: alm-operator + template: + metadata: + labels: + app: alm-operator + spec: + serviceAccountName: alm-operator-serviceaccount + containers: + - name: alm-operator + command: + - /bin/alm + image: quay.io/coreos/olm@sha256:00b6b703d235b622d8e2e5424d0bfb4aa9e46ec10abd295def47e2c6ed7a18e8 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: alm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/13-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/13-catalog-operator.deployment.yaml new file mode 100644 index 000000000..2874e3a83 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/13-catalog-operator.deployment.yaml @@ -0,0 +1,44 @@ +##--- +# Source: olm/templates/13-catalog-operator.deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: catalog-operator + namespace: kube-system + labels: + app: catalog-operator + tectonic-operators.coreos.com/managed-by: tectonic-x-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: alm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - kube-system + - '-debug' + image: quay.io/coreos/catalog@sha256:08667c7c409c8ca044c05db9bf90a0aa9954ce511490e72df4a3493cebd58b8e + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/18-upstreamcomponents.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/18-upstreamcomponents.configmap.yaml new file mode 100644 index 000000000..955525fef --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/18-upstreamcomponents.configmap.yaml @@ -0,0 +1,462 @@ +##--- +# Source: olm/templates/18-upstreamcomponents.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: upstream-components + namespace: kube-system + labels: + tectonic-operators.coreos.com/managed-by: tectonic-x-operator + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: meterings.chargeback.coreos.com + annotations: + catalog.app.coreos.com/description: An instance of Chargeback + catalog.app.coreos.com/displayName: Chargeback + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: meterings + singular: metering + kind: Metering + listKind: MeteringList + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prestotables.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Presto Table" + catalog.app.coreos.com/description: "A table within PrestoDB" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: prestotables + singular: prestotable + kind: PrestoTable + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Report" + catalog.app.coreos.com/description: "A chargeback report for a specific time interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reports + kind: Report + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportdatasources.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback data source" + catalog.app.coreos.com/description: "A resource describing a source of data for usage by Report Generation Queries" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportdatasources + singular: reportdatasource + kind: ReportDataSource + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportgenerationqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback generation query" + catalog.app.coreos.com/description: "A SQL query used by Chargeback to generate reports" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportgenerationqueries + singular: reportgenerationquery + kind: ReportGenerationQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportprometheusqueries.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback prometheus query" + catalog.app.coreos.com/description: "A Prometheus query by Chargeback to do metering" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: reportprometheusqueries + singular: reportprometheusquery + kind: ReportPrometheusQuery + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: scheduledreports.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback Scheduled Report" + catalog.app.coreos.com/description: "A chargeback report that runs on a scheduled interval" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: scheduledreports + kind: ScheduledReport + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: storagelocations.chargeback.coreos.com + annotations: + catalog.app.coreos.com/displayName: "Chargeback storage location" + catalog.app.coreos.com/description: "Represents a configurable storage location for Chargeback to store metering and report data" + spec: + group: chargeback.coreos.com + version: v1alpha1 + scope: Namespaced + names: + plural: storagelocations + kind: StorageLocation + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: app.coreos.com/v1alpha1 + kind: ClusterServiceVersion-v1 + metadata: + name: metering-helm-operator.v0.6.0 + namespace: placeholder + annotations: + tectonic-visibility: tectonic-feature + labels: + alm-catalog: tectonic-feature + operator-metering: "true" + spec: + displayName: Metering + description: Metering can generate reports based on historical usage data from a cluster, providing accountability for how resources have been used. + keywords: [metering metrics reporting coreos] + version: 0.6.0 + maturity: alpha + maintainers: + - email: support@coreos.com + name: CoreOS, Inc + provider: + name: CoreOS, Inc + labels: + alm-owner-metering: metering-helm-operator + alm-status-descriptors: metering-helm-operator.v0.6.0 + selector: + matchLabels: + alm-owner-metering: metering-helm-operator + install: + strategy: deployment + spec: + permissions: + - rules: + - apiGroups: + - chargeback.coreos.com + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - replicationcontrollers + - replicationcontrollers/scale + - secrets + - serviceaccounts + - services + - services/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/rollback + - deployments/scale + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/rollback + - deployments/scale + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + serviceAccountName: metering-helm-operator + deployments: + - name: metering-helm-operator + spec: + replicas: 1 + selector: + matchLabels: + app: metering-helm-operator + strategy: + type: Recreate + template: + metadata: + labels: + app: metering-helm-operator + spec: + containers: + - args: + - run-operator.sh + env: + - name: HELM_RELEASE_CRD_NAME + value: Metering + - name: HELM_RELEASE_CRD_API_GROUP + value: chargeback.coreos.com + - name: HELM_CHART_PATH + value: /operator-metering-0.1.0.tgz + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: HELM_HOST + value: 127.0.0.1:44134 + - name: HELM_WAIT + value: "false" + - name: HELM_RECONCILE_INTERVAL_SECONDS + value: "30" + - name: RELEASE_HISTORY_LIMIT + value: "3" + image: quay.io/coreos/chargeback-helm-operator:0.6.0 + imagePullPolicy: Always + name: metering-helm-operator + resources: + limits: + cpu: 50m + memory: 25Mi + requests: + cpu: 50m + memory: 25Mi + - args: + - /tiller + env: + - name: TILLER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TILLER_HISTORY_MAX + value: "3" + image: quay.io/coreos/chargeback-helm-operator:0.6.0 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: tiller + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 50m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + imagePullSecrets: [] + restartPolicy: Always + securityContext: + runAsNonRoot: true + serviceAccount: metering-helm-operator + terminationGracePeriodSeconds: 30 + customresourcedefinitions: + owned: + - description: An instance of Metering + displayName: Metering + kind: Metering + name: meterings.chargeback.coreos.com + version: v1alpha1 + - description: A table within PrestoDB + displayName: Chargeback Presto Table + kind: PrestoTable + name: prestotables.chargeback.coreos.com + version: v1alpha1 + - description: A resource describing a source of data for usage by Report Generation + Queries + displayName: Chargeback data source + kind: ReportDataSource + name: reportdatasources.chargeback.coreos.com + version: v1alpha1 + - description: A SQL query used by Chargeback to generate reports + displayName: Chargeback generation query + kind: ReportGenerationQuery + name: reportgenerationqueries.chargeback.coreos.com + version: v1alpha1 + - description: A Prometheus query by Chargeback to do metering + displayName: Chargeback prometheus query + kind: ReportPrometheusQuery + name: reportprometheusqueries.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report for a specific time interval + displayName: Chargeback Report + kind: Report + name: reports.chargeback.coreos.com + version: v1alpha1 + - description: A chargeback report that runs on a scheduled interval + displayName: Chargeback Scheduled Report + kind: ScheduledReport + name: scheduledreports.chargeback.coreos.com + version: v1alpha1 + - description: Represents a configurable storage location for Chargeback to store + metering and report data + displayName: Chargeback storage location + kind: StorageLocation + name: storagelocations.chargeback.coreos.com + version: v1alpha1 + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/upstream/metering.0.6.0.clusterserviceversion.yaml + packageName: metering + channels: + - currentCSV: metering-helm-operator.v0.6.0 + name: alpha + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/19-upstreamcomponents.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/19-upstreamcomponents.catalogsource.yaml new file mode 100644 index 000000000..8b25e74bf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.5.0/19-upstreamcomponents.catalogsource.yaml @@ -0,0 +1,19 @@ +##--- +# Source: olm/templates/19-upstreamcomponents.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: app.coreos.com/v1alpha1 +kind: CatalogSource-v1 +metadata: + name: upstream-components + namespace: kube-system + annotations: + tectonic-operators.coreos.com/upgrade-strategy: 'DeleteAndRecreate' +spec: + name: upstream-components + sourceType: internal + configMap: upstream-components + displayName: OLM Upstream Components + publisher: CoreOS, Inc. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/01-alm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/01-alm-operator.serviceaccount.yaml new file mode 100644 index 000000000..10b925e33 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/01-alm-operator.serviceaccount.yaml @@ -0,0 +1,9 @@ +##--- +# Source: olm/templates/01-alm-operator.serviceaccount.yaml +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: kube-system +imagePullSecrets: +- name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/02-alm-operator.rolebinding.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/02-alm-operator.rolebinding.yaml new file mode 100644 index 000000000..999508071 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/02-alm-operator.rolebinding.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/02-alm-operator.rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: kube-system diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..1bf274799 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/03-clusterserviceversion.crd.yaml @@ -0,0 +1,438 @@ +##--- +# Source: olm/templates/03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/05-catalogsource.crd.yaml new file mode 100644 index 000000000..9cea24c34 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/06-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/06-installplan.crd.yaml new file mode 100644 index 000000000..7173b4334 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/06-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/06-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/07-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/07-subscription.crd.yaml new file mode 100644 index 000000000..3eaf9572b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/07-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/07-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/08-ocs.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/08-ocs.configmap.yaml new file mode 100644 index 000000000..ce60188f4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/08-ocs.configmap.yaml @@ -0,0 +1,7254 @@ +##--- +# Source: olm/templates/08-ocs.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: ocs + namespace: kube-system + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: alpha + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/ocs/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: alpha + currentCSV: prometheusoperator.0.22.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/10-ocs.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/10-ocs.catalogsource.yaml new file mode 100644 index 000000000..291900dbb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/10-ocs.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/10-ocs.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: ocs + namespace: kube-system +spec: + sourceType: internal + configMap: ocs + displayName: Open Cloud Services + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/12-alm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/12-alm-operator.deployment.yaml new file mode 100644 index 000000000..28f18bc92 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/12-alm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/12-alm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alm-operator + namespace: kube-system + labels: + app: alm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: alm-operator + template: + metadata: + labels: + app: alm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: alm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:d2e51372b3251321c38d2159e8060fe0bf2f3eeb60a4a3cd53fbee3e1cdd5756 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: alm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/13-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/13-catalog-operator.deployment.yaml new file mode 100644 index 000000000..5c3136a5a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/13-catalog-operator.deployment.yaml @@ -0,0 +1,43 @@ +##--- +# Source: olm/templates/13-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: kube-system + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - kube-system + - '-debug' + image: quay.io/coreos/catalog@sha256:cc60359f7fdeaf71e4d989b470dd8c35c693756b5f24485b0f3df6612a730101 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/20-aggregated-edit.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/20-aggregated-edit.clusterrole.yaml new file mode 100644 index 000000000..86a0977c2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/20-aggregated-edit.clusterrole.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/20-aggregated-edit.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/21-aggregated-view.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/21-aggregated-view.clusterrole.yaml new file mode 100644 index 000000000..2589e9f42 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.6.0/21-aggregated-view.clusterrole.yaml @@ -0,0 +1,13 @@ +##--- +# Source: olm/templates/21-aggregated-view.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/00-olm-operator.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/00-olm-operator.clusterrole.yaml new file mode 100644 index 000000000..0f54e4854 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/00-olm-operator.clusterrole.yaml @@ -0,0 +1,12 @@ +##--- +# Source: olm/templates/00-olm-operator.clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..918e53bb6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/01-olm-operator.serviceaccount.yaml @@ -0,0 +1,7 @@ +##--- +# Source: olm/templates/01-olm-operator.serviceaccount.yaml +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: kube-system diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/02-olm-operator.rolebinding.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/02-olm-operator.rolebinding.yaml new file mode 100644 index 000000000..2c04bdf9f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/02-olm-operator.rolebinding.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/02-olm-operator.rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: kube-system diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..5a2638aa2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/03-clusterserviceversion.crd.yaml @@ -0,0 +1,465 @@ +##--- +# Source: olm/templates/03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/05-catalogsource.crd.yaml new file mode 100644 index 000000000..ec2bc4081 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/06-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/06-installplan.crd.yaml new file mode 100644 index 000000000..7173b4334 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/06-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/06-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/07-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/07-subscription.crd.yaml new file mode 100644 index 000000000..3eaf9572b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/07-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/07-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/08-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/08-rh-operators.configmap.yaml new file mode 100644 index 000000000..aaa654e8b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/08-rh-operators.configmap.yaml @@ -0,0 +1,9699 @@ +##--- +# Source: olm/templates/08-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: kube-system + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/10-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/10-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..45c67dc0a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/10-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/10-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: kube-system +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/12-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/12-olm-operator.deployment.yaml new file mode 100644 index 000000000..f5c577387 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/12-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/12-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: kube-system + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:5f593ae61902caef7f2add7e27d1f672a14091a399b852b1b6722ef5f8b9c8e3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/13-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/13-catalog-operator.deployment.yaml new file mode 100644 index 000000000..12f1b0c12 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/13-catalog-operator.deployment.yaml @@ -0,0 +1,43 @@ +##--- +# Source: olm/templates/13-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: kube-system + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - kube-system + - '-debug' + image: quay.io/coreos/catalog@sha256:8fc933e660a5b143bce7a5e4cb1606630fa9497cc252a7e47e0def3c18268f45 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/20-aggregated-edit.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/20-aggregated-edit.clusterrole.yaml new file mode 100644 index 000000000..6971c1737 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/20-aggregated-edit.clusterrole.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/20-aggregated-edit.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/21-aggregated-view.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/21-aggregated-view.clusterrole.yaml new file mode 100644 index 000000000..b9cf1d233 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/21-aggregated-view.clusterrole.yaml @@ -0,0 +1,13 @@ +##--- +# Source: olm/templates/21-aggregated-view.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/22-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/22-packageserver.yaml new file mode 100644 index 000000000..2882236c6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.0/22-packageserver.yaml @@ -0,0 +1,149 @@ +##--- +# Source: olm/templates/22-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RBNU1Ua3hOVEk1TWpGYUZ3MHhPVEE1TVRreE5USTVNakZhTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUF5Sko5amhubXdaaEV2enRZQlNicWt0MTFBUWF3cWNldks2ZS9aY0VnQ0l6RHQvYWkKNVdjdjd2eWE5NlFSZkVZWG5qN2t0VnY3MzYrZGVraWFodWswK0taOXNnTmpIcXp0eGpZUVZvSHI1NTdLTW4vOApxOUd4QUVtQWgvWkdqUzM5bkNtaW5YSUN1M3I2bUdtK2pzQTA2VTAzWUtXclRtVlQweThBbys0MnM2RGRKTXZ5ClVmSjMvT0pLSzFxQVAyQS90ckRieG5peVUyRnBIWVpzVlRWdDM3RU1VYW9VTjJLeldSSVlpODlZM05HYVNxMVYKbzdaeWI2WEY2Uyt3dUpybUZMek9VYTByQ1o2Mko0ajg3OVl2Q0lvODVKQTNWaHdpT3hlYmQ4U2Q0ZW10Z0F3NwpHUm9vWkVraFhLVjBzT2pLdnBvamtSQmlTc0xZUVZ3VTJHTFpKUUlEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSytpcXlUM1NUenM0OHVyTTM1bFBFZWpYVll4TWNHbApnYnExOGt5NG1UQ1lIaFlleDQ2ZVltK1dQMFBCVU43ZHZiNDNhNlA5d0lmZURQem15SjNKOEF1TUxEeVRGSUErClk1Q1M4TlFzOVpzdi9IN0MvVU9HaTFjQzVOVCt5eWU4WXB3cnpLVmphMXNVNFZXN1dUWS9xVnhmUFVKQjNhS3QKcnhzWTU4Vmd6SE91ajRlNE92UCt4TTJEcjJEa2pXSkw4aml4bmdnL0Z6MTU5ZHQvNlhuSko2ZDZHZ3o2cVFDVQpGRkZEQjhTMEozVWRDSUs5cjNwQVh4eFZubVhGRGhaRVZGeFRkcVE4VTNtTmdkRjlqaVVtams2VkdhSHJKMkc5Cmd4c0JMeTJCS050NzBHWmZYTC9ySGY5cWtVN1dpcmlaVHpzNitqb1ZEWnBOMmYzSzZjd2xKa009Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: kube-system + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: kube-system +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: kube-system + labels: + app: package-server +data: + tls.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURPRENDQWlDZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RBNU1Ua3hOVEk1TWpKYUZ3MHhPVEE1TVRreE5USTVNakphTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXpiQnNZL3hjeWc0bXlTWlR5OWVRNXpYU0JlWjFjTlVYVXp6TEIvQjFUUkJMYjlUR1I4Z1YKZGNmQ09YeElGRlRuVHd6NnRlTlZZczRLclNLc3V6eFFCQko4aUVKMDhTanZqQTFwcXNUWE9OemtDVHVlYUs4ZQp2WGs0SVBvUmJ2NWgyQklVazZBaGVxa0xJVE1TV0ViT3dDY3dIc3lpQ0p5dDlzTkxDSUpsY3RXOUgrbmdMSEZ5ClI2ai9Qck9kUmVoL21NRkF2YTVKbGNONHRFT2dxdFFjNndqWXRxMVJzSkxzRlErc2V4VTFhUWthQjZwVFFJK1IKclc2TFU4dU1CbkJmOWZoTUZUdjdCMDNvajdyLyt4V1JKWjFpdFIyeEpRckhkSnkrc1YydmpqNGg5dHNDc3RkUwpxTmdYNHA1RVNQRDNLZzRHSkJYejQ3MG1IN1N1N3BxTXNRSURBUUFCbzRHSE1JR0VNQTRHQTFVZER3RUIvd1FFCkF3SUZvREFkQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXcKQURCRkJnTlZIUkVFUGpBOGdocHdZV05yWVdkbExYTmxjblpsY2k1cmRXSmxMWE41YzNSbGJZSWVjR0ZqYTJGbgpaUzF6WlhKMlpYSXVhM1ZpWlMxemVYTjBaVzB1YzNaak1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRREJDRWxsClNCZlhhZUQ3SWh6WHlSaXk3Y0FwTStJVmNWOURTWmE4Vm1wc1hydFhJMUJVelN3aFQwbjhmRlZiY3l2OFpzTnEKdVgrRGQ0eWR5TWV0ZUVpS3VhMmZpVXIvaDU0YmpTa0ZsbzZRaW1xN3pLbFB2b1IrZWRLM3ArVFJnZzdELzdGUgp5WDVZeGx5amJPUy9KVHQxMC91aVVxLzZqbjZBOURVSkJ2QWJuR3JzRzY1UkxLdGZuTzNLc2duYUpVN2s5Mm1lCjYyT3gzMGlsQ3pqSW5jQW0rZ09rRFNlNmhUdThuRjVXNjJiRWlMeG43NSt4bk9vazgrbkhtTmNEMzVWU0pqRXUKemJKNVpoZVA1NmFPUGFKYU1iYlV0WDBHamltellncllUd2pQN3pGMStubE13ZTJOODFDeWNnc0srUk5NME4rKwpwdEFja0ZlQkNwYkRjdFVECi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + tls.key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBemJCc1kveGN5ZzRteVNaVHk5ZVE1elhTQmVaMWNOVVhVenpMQi9CMVRSQkxiOVRHClI4Z1ZkY2ZDT1h4SUZGVG5Ud3o2dGVOVllzNEtyU0tzdXp4UUJCSjhpRUowOFNqdmpBMXBxc1RYT056a0NUdWUKYUs4ZXZYazRJUG9SYnY1aDJCSVVrNkFoZXFrTElUTVNXRWJPd0Njd0hzeWlDSnl0OXNOTENJSmxjdFc5SCtuZwpMSEZ5UjZqL1ByT2RSZWgvbU1GQXZhNUpsY040dEVPZ3F0UWM2d2pZdHExUnNKTHNGUStzZXhVMWFRa2FCNnBUClFJK1JyVzZMVTh1TUJuQmY5ZmhNRlR2N0IwM29qN3IvK3hXUkpaMWl0UjJ4SlFySGRKeStzVjJ2amo0aDl0c0MKc3RkU3FOZ1g0cDVFU1BEM0tnNEdKQlh6NDcwbUg3U3U3cHFNc1FJREFRQUJBb0lCQURyQmwrVGo5Um1lKzBOZwptSFZWU2NaU1lJRmcrTkZYZmNkQVNYc21IRXY4U0tCVWRxT1FxMWl1ekhPaFpmR3c0elo0cmJHQmxDV2FXQUJuCk5GSjBBeU4ycUc1QUZhbkNHTk80RFNSRUFIcjAxb3N3cGFxZnc3YzZSbWRkSjllK0FQTTVEdm13dDMrVGhHTmkKZEc0VkpBQk44WGdLMm9wOVAxQ0xMd2JxUU5LUmFzc2prd1ZjeG45T3h3ZXl6d0Ivd1dSOVBSRjdpODZKTVRPVwpTQXVHbTNKUUQ4RHp5eUZwcGE5QkpWTWR4V211dnRuKzBVallFbkFodHJwZVRYYVJVVHNVWjRHbUxKYkhvaXlkCmVxR0R2dFpDSWVEQk5oTk5TT2YxSXFVOWRqQWsxdjBZVlJzQmZQWVoreUtZaDlKTzIxWHM0YndCblc5bk1wSWoKa3lyeTYrVUNnWUVBNFhzQjF2cklOR3JvZE1SS25sek1GUlNCZ24xMXVIek1ZSnRpVklYemg2cTNwN2VUQnBRdApFYktER0lYU25Td1lxaVZJRHJlOUdTUXdPRi9QMG84QTFDbjhiQnhBN1pRSWI2b3gwUWhJUEV1VW04VGY0Sm1MCmJwMmFkcG9uMDdxZks3ZHF5bEJKVVl2OGpRc1dKSWhxVG81dkxCRzBhZjZEQlRrR2VKSlRxNThDZ1lFQTZZZWoKVWNkdFJHeklIS3BoNXh6ZlN1bFplSTVMT243ekU5SHhwTHJnbjltZFpmd2tPODV0MHU4SGgrOUJkMVMraTVRawptd3M3RnloR2p0aWV5QVNadFErYjlEeklleVhKNlFZai9TVmtmQUJ1d25EcXlSWFdWMXdXb25sUFJoR3daU0tVCnIvYTFxU24vNHNuT243dlhEa2ZaQUJvaE1iVmJrNkFhd1pZOTVhOENnWUVBaDdOU0RpSHI3N0FQcW9hZ0tlTEwKYUR4cEhUR0ljYm1aL3VKRk1YMVViV2ZQRS84bFd5WStZWkkvMTdoaVl2a3c5dVZ0RW41K0xlMWJuL0g1ejAwRgpRS3JzSWR4M0x3U1NkekhFdlhyd2pta21UUUVWZzhTazU3T3VUSWJHUldUaGVwdnVoMGYrZURkNWpTRUkrSCtwCkN4SXAwaW50bklUeU1XaDZmb0lDSFIwQ2dZRUEzT01jR3MwOFVEMW9wcHlPa0JFaUwvUTZXYXFXQTVWeWpHdkgKV2Q0ZGUzVlZ5TkpPMzNicE1GeEJUbFdESWNFNW5rS1l3VUpGT1NreVhBa1BYdmZpLzN6dE1YNlF6dEsyZ2IvNgpLSWJHM2ZkMnpGb0w2Zm5Lek1UZzcvczRmWGxiMUwxNTBGcldCMVVmb1Q3clB2Rm9nQ3g3Vi9wZkxXcHlYVmRTCkY0dnByaWNDZ1lCNVdzMHdHMUIxUm9jdFZYMnZMZk1ON0ROUXU4ampRd1FUTW5ucWtkbVd1OUhzeG42aVM0d24KSmlwV1ZDQXlML0V1RTVyZlFyZkl2cFRCdVQ2T2xIUHYrdnBCRzJGODdlK2FyUGJvWFhVMmd3MEpPSnVTL2kvVAp4cjRVRW5RQndFUHRmb0R0V3IrbTVWdXZQTXBQQjFlTC9QK3FrK1BvV0JLOG9vcnZmVWtwcXc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: kube-system + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --debug + image: quay.io/coreos/package-server@sha256:66513e76ac0443b6ecec3138a88fa6850a98b1db95400f2f83f6012bee693c6f + imagePullPolicy: Always + ports: + - containerPort: 443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: kube-system +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_00-namespace.yaml new file mode 100644 index 000000000..d0d4a7fd8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_00-namespace.yaml @@ -0,0 +1,6 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..e75e22e51 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..8bdc8d3dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,694 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..8742215dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_03-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..35f0c24a1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_04-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..8facb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..3b5db473b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,11364 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: olm + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..cf3f00884 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: olm +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..56144dee5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:058731fac9ecad9a35276612ec79bed76f506aaecd80c8c1fe9d68a262edcddb + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..6ff3e2c56 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,43 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - olm + - '-debug' + image: quay.io/coreos/catalog@sha256:57eb45f2a519c65041d3fad0d7a5199f2ce5ba6a72992606ec4839d3307c5b5f + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..e91d70cb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,26 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_13-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_13-packageserver.yaml new file mode 100644 index 000000000..3b0d8292d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.1/0000_30_13-packageserver.yaml @@ -0,0 +1,149 @@ +##--- +# Source: olm/templates/0000_30_13-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01EZ3hPREk0TXpSYUZ3MHlPREV3TURVeE9ESTRNelJhTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUF3NFhxbnFjejcwZWVlaExpYjlhbzJvTkpBUzRqQ2ZCVE00QjN4b0RiR2gyNjF3djcKUnlqSHJVYVluMGVNMFk1WlhzVnBwanU2djZtMVB3bUVXT2tiNEFYaFNzMlBrZEtrNmhwa1NkS2hEQlRxMSsyWQpvOTg0UFErUFNBaGRKV2ptTjcrMklNMU44am9ETXNmb1kyaVU3a1oxbW9kZ2ZmdE5iaXdlTC9NZytScTJpNzAxCm9aZ0NVNmF4Yk1ZUnJQZkFYNVhmdXhaSi95RkhnN3lCcjd3WnZoUDhNcjM1N2lMNnFxanhpRHV1YlBNOG51TVkKbDBtbVQ5dDZRREVRQjd4MTY5ZmRaTlBEMWpRbUUvS2R5dElJcXRxRElrZ3JCemJSUFlZM0swN3dXVUl2RlFjaApteXd1VUlWK2s0ZXNQamNKYjkxS1pNVFk5N0NRNTJ2MmdTYkdIUUlEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBQ3p5OVlGT2RWSUlScE5rcEJvZEhhUmd0OE4zR2MyUQo1MlY3a0xSZm12TkNEbUJhT04rdGRUMVhiWXNyd3lZQmh1OHZ1SFJXY3JrQkF2YzhXQ1VpUXdpK01yM2Zra2piCkRza2pPNCtrTnRMRDBqZFdFUjZSamNaR21sN2NWVkZCOGlsbURPSFZ3cHBxNTZGUkRRWkw5VC9zMWJ6Wlh2WU0KWWdMRkErKzBIak9xTHJ5L1Yxc3B4S2NsQWUvUDUrUC9rbDNSekQ2QmR4U0UzUkdmTEMwZnpPVU53a3czQVJwdgpWVDd4SXYwcElXcmdLWlQzMXcvLzRzbVY2Q29tdUZGZ2RKa29jMnJFMUh6SFE1VTlhV3FsVTUxOFV5dkM4emVrCkFBRnhGVHk2Vks2RnZkeW90U3N4dHczUXdObHIwK3V2TGRzOFFLR1JZY2FHTTdyMEk1RCs3Q009Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: olm + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: olm + labels: + app: package-server +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKakNDQWc2Z0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01EZ3hPREk0TXpSYUZ3MHhPVEV3TURneE9ESTRNelJhTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQThha3JlbFFvM2pTRkphMkc1ckZHVkhYQU9vRHlSZmdha1dSRk1tQk1SN2lFa21sN0I4Q0oKeEFmVGtab29hc2IxUjdpYU1tUnRYSEpWMzhzT0FkbGo3TWhqWFRoMjk1K05uY21nSGhsN1ZMMk54V0YrWTMwawp6cHBSZyt6ejdWa1ZlY2lLa2llZ08rSXJsaTV2U0hOWnQzakl5OTNxRnFBbGtINFNBVW01TmFScm0xMHhwbWNmCmxVa2JmYVcxQ2NETHNLZWp3akJtZkdmeDN0R2hFcW5XMnFLOUNXMGFEbWRBNVZZa1ZldjhoNzE4QXlvS0hlNHYKb0RVRUR4US90cGU4U3NjNkErV0N0Uk1laEZKRGJjS2RyTWVoWTNnRWZudUFnaklsY0lTbUZ2SFZmT2tWMzJCeApML2IzZy85Q3Y0Sk5Zb3Y0WHo4NHU2bGFTUHU2S1VxNXV3SURBUUFCbzNZd2REQU9CZ05WSFE4QkFmOEVCQU1DCkJhQXdIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUF3R0ExVWRFd0VCL3dRQ01BQXcKTlFZRFZSMFJCQzR3TElJU2NHRmphMkZuWlMxelpYSjJaWEl1YjJ4dGdoWndZV05yWVdkbExYTmxjblpsY2k1dgpiRzB1YzNaak1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQmNrSDlHN2xHL0NnRmZhYmJuL2RFZDlYNDlZdnBNCjNSMzlCaDRIWkk2RWQ2QVAvVVZVYks4ZEg0OGlEb2JYem42NjJ2VkptcDFPMmFQV0VnUnc0ODQxQ3IzcTBpOVQKZ2Y4TmhrRnFKVTVVd1JVZUJnQWFXWTFZeWI4VkVmdnZkOXRBYXU3ZC9hdkFlMG82VWdxZmp1TFRQaHYvNXJ5Rgo2MlBCeldXYTJSYmRqNDNDbFk5VkJhNmJWYVBlMU1pWThlQ0xyS2F4SVdMR2c3N2tjdi9GNUhWeCtZdExDZFhNCkNjdmpRVVRKTGxqT2I4Y1pmZ2RCYXl3aUY5MHZoNHNFVUI1RWQxbXNpb0s4UWdKSkFKV2VlOGF2RWZRYkVnWUQKckZCeWsyRFZ6WXhjRHRJMW02R0xiblNnZEtmU1JWbXJmQ08wRkFIQVBHWGZUc3NUVm1xWTAreVEKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBOGFrcmVsUW8zalNGSmEyRzVyRkdWSFhBT29EeVJmZ2FrV1JGTW1CTVI3aUVrbWw3CkI4Q0p4QWZUa1pvb2FzYjFSN2lhTW1SdFhISlYzOHNPQWRsajdNaGpYVGgyOTUrTm5jbWdIaGw3VkwyTnhXRisKWTMwa3pwcFJnK3p6N1ZrVmVjaUtraWVnTytJcmxpNXZTSE5adDNqSXk5M3FGcUFsa0g0U0FVbTVOYVJybTEweApwbWNmbFVrYmZhVzFDY0RMc0tlandqQm1mR2Z4M3RHaEVxblcycUs5Q1cwYURtZEE1VllrVmV2OGg3MThBeW9LCkhlNHZvRFVFRHhRL3RwZThTc2M2QStXQ3RSTWVoRkpEYmNLZHJNZWhZM2dFZm51QWdqSWxjSVNtRnZIVmZPa1YKMzJCeEwvYjNnLzlDdjRKTllvdjRYejg0dTZsYVNQdTZLVXE1dXdJREFRQUJBb0lCQUEzOGZZQ3grRCtNQ0p5NgpvMUVjdDNaUjdsTTBmVkVoWCtCRVRtRHhBOWt1eTdWeGwyWkdkWEs4QlRtckUyWENxQldEa0tFVUFPUlYxYlNECkd3ZHVYb01vd2Q5MlVpUll2cWlBTDkwdUdsNDRMa2xiTUNadjZyNXVYZ05scG1SNVFHM3c5bHdwSVBQMlRoRisKRklDNzlGaFRERVFJVHZFS1NjSklHYUNyZEtXdkJxVFdmWnZJMWREUExkT01IUW81cDFCMzEyWllEWnZhejl0OQpTKzg2Z1VpN0lhZG5ZS2l3T0Jqc28rckkwd0c2S0lTUUVTbUQwcnhucHVtTlhtWmU1akJFR3FibjI3OHZwQkdPCkVaRGpSL0lJMWdNMTNEcG00cEF0Y2hNNVRna3ZxYlNwQnkzaUZGb01BQmJjSXRpV1J6Z0hyOGttckJRNXovQzEKSGM4cjE5RUNnWUVBK01Vb2Faall3SVZrNkVwVkE3YXllcXBCc1hXUjhxMTN4WnBydUtLem05RG1kQWthNXF6VApDeUhIcTh4Y2d5YVhOSXpOL3A2VzF0Ri9uVlhqRjJlb0p0c3g2Z1MzcE15ZytYOGVrODlFYlNrcU5GUjlxSFY5CitycHdoWXlDQTFTTzJxTExvTXl1cWdWTGhGRnZibTh5VE1FNW5FM1Fzb3h4MEFISjIzaDNJWU1DZ1lFQStLOGUKYVVaSm40cXBQR1hmRUErNEJqd2NxSVJucHNXSFBibzY0dTlieGNtRmx3M2lrRDhxZHAxZmt2ZEE3VG94OEZrWQpnTlA2WkhmakFVU2M4bFRzSzkyMkw5NmMrN3lkN2lLdjNWQ01rNlBCbVZTam1nc1RNS3J2dEgrT01Ya3RaZCtxCjNZN0wwSGpldkR2dG1MeCt1SFdwQ0dOV1Ixc0c3eVVLSmphd0tXa0NnWUVBb3BlcDdDcWNNR2gvSlZ1LzZPZDIKQzdwUHFYN2dYeTZGZzcrRC9HOUsyT0pXWFN5K1NscFdyWVhzalJyS3RHVjZtandWUHYvRU1xOUdxenpCYWtDegpwSUhMUTlyRmRJN1IvMy9ZS2w5anA3MHArbjNtaXo0UGt0cGNSTTByQktZMW9DeWF6b1E0L0tMdFVwUXZNb3kyCjRYZkJBYW5TWjRCbnVyNFFnc05maWFVQ2dZQUp5RW0zOW0zYStzZGhldGhsZDFqVDFmV0NvNEs0U3JqaE1yd3kKUlJ3bEVhSlJxTmdxdUhGaExSdWZXbDZSZG1LVWc4eTA5S0c2NWdSbC9sNzJJV1VRN0szSUFFZklsMGpYSDBJdgp3SVZuSVYveU9pUWRZU1ltR2ZOSDlHU1JpYVRCaHlUZmhraDZNT2NDSEpGaUdyZ1paWGQ2dnYyYjNQYk8zWFFpCndLLzVVUUtCZ0dpWHJ0Y0ZEQ0NQQU0wTVliWHdCMWNEaUZpNjhKQW0zSTdhYzJaUW1KZElIZnpWeWRyNjViOUcKK0EvdWIzcHlrQzBwMUZzZDdkdUVBL2d3SStjc3YyWFBjbE9qbTRyMjBVZWJXTHc4S1RFajZ5R0ttUHRJbW5GQwo0VHZFZXdialhlNmUwWkZlN29nQjBMWjVWcEIrdDl4MFVGK3dFdURKczUvU0J5bUNHVjYvCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: olm + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --debug + image: quay.io/coreos/package-server@sha256:cc18b5711fb2126329c969f077f67f41981c87f800f6b2ceae5981422c14917b + imagePullPolicy: Always + ports: + - containerPort: 443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: olm +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_00-namespace.yaml new file mode 100644 index 000000000..1f2166b1a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_00-namespace.yaml @@ -0,0 +1,8 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + labels: + openshift.io/run-level: "1" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..e75e22e51 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..e738495ba --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,709 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..8742215dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_03-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..35f0c24a1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_04-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..8facb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..b09cd30e0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,11748 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: olm + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + provider: + name: Red Hat, Inc + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: svcat.v0.1.34 + namespace: placeholder + spec: + displayName: Service Catalog + description: Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling. This project is in incubation to bring integration with service brokers to the Kubernetes ecosystem via the Open Service Broker API. + keywords: ['catalog', 'service', 'svcat', 'osb', 'broker'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Documentation + url: https://svc-cat.io/docs + - name: Service Catalog + url: https://github.com/kubernetes-incubator/service-catalog + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-info"] + verbs: ["get","create","list","watch","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["service-catalog-controller-manager"] + verbs: ["get","update"] + clusterPermissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["create","patch","update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get","create","update","delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get","list","update", "patch", "watch", "delete", "initialize"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceinstances","servicebindings"] + verbs: ["get","list","watch", "update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers/status","clusterserviceclasses/status","clusterserviceplans/status","serviceinstances/status","serviceinstances/reference","servicebindings/status"] + verbs: ["update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers/status","serviceclasses/status","serviceplans/status"] + verbs: ["update"] + - serviceAccountName: service-catalog-apiserver + rules: + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authentication.k8s.io"] + resources: ["tokenreviews"] + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + deployments: + - name: svcat-catalog-apiserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-catalog-apiserver + template: + metadata: + labels: + app: svcat-catalog-apiserver + spec: + serviceAccountName: "service-catalog-apiserver" + containers: + - name: apiserver + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + args: + - apiserver + - --enable-admission-plugins + - "NamespaceLifecycle,DefaultServicePlan,ServiceBindingsLifecycle,ServicePlanChangeValidator,BrokerAuthSarCheck" + - --secure-port + - "443" + - --etcd-servers + - http://localhost:2379 + - -v + - "10" + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 443 + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + readinessProbe: + httpGet: + port: 443 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 443 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + - name: etcd + image: quay.io/coreos/etcd:latest + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 40Mi + requests: + cpu: 100m + memory: 30Mi + env: + - name: ETCD_DATA_DIR + value: /etcd-data-dir + command: + - /usr/local/bin/etcd + - --listen-client-urls + - http://0.0.0.0:2379 + - --advertise-client-urls + - http://localhost:2379 + ports: + - containerPort: 2379 + volumeMounts: + - name: etcd-data-dir + mountPath: /etcd-data-dir + readinessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + volumes: + - name: etcd-data-dir + emptyDir: {} + - name: svcat-controller-manager + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-controller-manager + template: + metadata: + labels: + app: svcat-controller-manager + spec: + serviceAccountName: svcat-controller-manager + containers: + - name: controller-manager + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - controller-manager + - --secure-port + - "8444" + - "--cluster-id-configmap-namespace=default" + - "--leader-elect=false" + - -v + - "10" + - --resync-interval + - 5m + - --broker-relist-interval + - 24h + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 8444 + readinessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + maturity: alpha + version: 0.1.34 + apiservicedefinitions: + owned: + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceClass + displayName: ClusterServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServicePlan + displayName: ClusterServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceBroker + displayName: ClusterServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceInstance + displayName: ServiceInstance + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBinding + displayName: ServiceBinding + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceClass + displayName: ServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServicePlan + displayName: ServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBroker + displayName: ServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + customresourcedefinitions: + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/svcat.v0.1.34.clusterserviceversion.yaml + packageName: svcat + channels: + - name: alpha + currentCSV: svcat.v0.1.34 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..cf3f00884 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: olm +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..2873a6f31 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..aad71db89 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,43 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - olm + - '-debug' + image: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..e91d70cb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,26 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_13-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_13-packageserver.yaml new file mode 100644 index 000000000..69fc291d7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.2/0000_30_13-packageserver.yaml @@ -0,0 +1,151 @@ +##--- +# Source: olm/templates/0000_30_13-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01URXdNalV6TkRCYUZ3MHlPREV3TURnd01qVXpOREJhTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyenpGYzBBNHJHY29iVzJRS1h4N0RhU3Nod1UyNUE3YjB5clp6THE5bGx2Q3FiWTQKcWl5T0NNZXd2bldUUXZIMnpTQlh6Ujh0a28zMmZucFJDS2p5RlovM1Avam03ZDVwK2cydUloSXdQK0hDWXRIQQpLVEdzeVRzNE1EbjNMTi9IYlNCWDVsNHY0b0U0SW1tZ2pBVUlmYUt0SDE3cnpKVWpIUWx6V1hWLzY5c2pjT0xQCnJNTlNrNFk1ZUIxVW94Z1hHWVRMaDJnanEvZHhBeHlXMjJldFBMb2MvVFg2ZUszNHRmaDQ3SHJMeVU2MTcwOHoKUTIzQld5MmRwNUkrdVdPVFI5cDVicUxHenJVRm44T3UyaDhORDdackRoaTdZM3ora3dSL1JZdVk0Um9wd1YwSgo0QXU5NkpHQzdDbzduRUpBMFU4SElXdk5VcHlmZkxJTGdaUGdPd0lEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBRkc2WnVONUNjU3B1WVVZTnF3dm8yV3NqTm85R0tZZwprTDZEbXcyS3ZRc3hSbEVaWnE1VHVrbWh2dk5IemZxN0FwaFR5T0pFQXZZejBKT2gyVEhoK2g1QSs5VWh3RUV3CkhjQ0x6cUtudnpHL1FUUnRnM2V5ZG9xODRoZEorN2NPajg0RmdOVVNWMVZhNFcxdDdPdzJjMVpBNlRhL09ibisKSklSYU1qYTBzbGJyOGhzQWd2TUJ6aXh5bFpISXVyMWQwN1NoRWoxUU9WYTJkY29NSERZRFVvWGJ2MnlQdUl5RwpGbUFqOFduaWYzell5VUFzRVNwYmpsNmI5TGpQcU1HY1MveGtTU0Uzajl4RG5COUpuRHVXZEVybEoyTjgzU0JRClN0UzViV01aSEtyZkZJMHdXR3VBcEJaaEVDcVUwemtxRnVoZjNGbjg0aVkyNjVaY2w2aTYrQk09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: olm + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: olm + labels: + app: package-server +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKakNDQWc2Z0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01URXdNalV6TkRCYUZ3MHhPVEV3TVRFd01qVXpOREJhTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXBjOHBZY1JzNHpiSm53MnNtOFROVC8vWG53bUlMaVZzeGJqQzRydzEwL3JiVXY5M1liQW0KVHN3M3lCTURJaHcxZlROSlo2dFhTa3p3VTV3dHNhQU1VMi9yYldNMEVTcHlKWUR5R2E0UmZWVEp5UnYweituSworNGJWcmtqNDlBdExnVDFPTGxXWTJMUEd1ekhnekZKZEZDWHVCY2ZTemJSVmhrTDAzY1p5ZmxiN3BGbGNQYVo4ClpwVkl4NjR1RzM5UC9icVdrVGFGdG81M0dIZnpIamMxVXlNdTZ5ekUvRWllUi92THJTQzNmRVFHRlNSdnNBb1kKZTFQeUd0QnozZzJxVDluNTI0c3djSitOQTdjeXlDam1Pa0VTRnpLRWEzWWJVRmZsODFCeE00NGJiRVJ6MVJXZgpZYkVXZ2lRc0FzcWNLV0Jqei9DRlZoWWFTRjhyeFo0RFdRSURBUUFCbzNZd2REQU9CZ05WSFE4QkFmOEVCQU1DCkJhQXdIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUF3R0ExVWRFd0VCL3dRQ01BQXcKTlFZRFZSMFJCQzR3TElJU2NHRmphMkZuWlMxelpYSjJaWEl1YjJ4dGdoWndZV05yWVdkbExYTmxjblpsY2k1dgpiRzB1YzNaak1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQjczVzQ2R1RyckQ5N21LY0VxTjd2QmtnSFNvMGtuCnd5VllEckN2RXV4K2RRYTdGVFJuWGhzbG5oczA3eWdMWWZMZGs0NFJ5ajBaUGZZT3locVZWaGhNb2JlQ09hOFkKNFNJSEVkWWlXYmVpa3F3VTNHcDNXRGVzRTJlU3VwWTlRL1NYUTcydHloMXNmdG5sNVp4bnNJaWFTYlp4d2dNeApRZUYwNUx4cko1Mk1KRFNSMWdINDdhY0ZURnh5WFFwMittYnNaSndqNnBvWFQrMFdoRHdhSnNMVTJHVVRKdUNICnY3UnVNV2cyTGhiTXQ4TzlrQWppdS9ReXNRRVRLZGxVTjlGLzBhMFJTYUFIYlpNVW95N0tGQUtWaVRrVUJqaC8KQnEwT0N1azlGMTVsRk9TVzVDamphMDNCSHFsN281UHNJVnFoL0JmbUpNSm5xZ1pCc2x5QWk4dW0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBcGM4cFljUnM0emJKbncyc204VE5ULy9YbndtSUxpVnN4YmpDNHJ3MTAvcmJVdjkzClliQW1Uc3czeUJNRElodzFmVE5KWjZ0WFNrendVNXd0c2FBTVUyL3JiV00wRVNweUpZRHlHYTRSZlZUSnlSdjAKeituSys0YlZya2o0OUF0TGdUMU9MbFdZMkxQR3V6SGd6RkpkRkNYdUJjZlN6YlJWaGtMMDNjWnlmbGI3cEZsYwpQYVo4WnBWSXg2NHVHMzlQL2JxV2tUYUZ0bzUzR0hmekhqYzFVeU11Nnl6RS9FaWVSL3ZMclNDM2ZFUUdGU1J2CnNBb1llMVB5R3RCejNnMnFUOW41MjRzd2NKK05BN2N5eUNqbU9rRVNGektFYTNZYlVGZmw4MUJ4TTQ0YmJFUnoKMVJXZlliRVdnaVFzQXNxY0tXQmp6L0NGVmhZYVNGOHJ4WjREV1FJREFRQUJBb0lCQUJJVm9rSFRscnpCZ1FRawpEYXQvcjVVR0pwSm1DOEJjdkp4a0puMXNZY0taSGNyVHFrV3hYTHhEY2VJVWtNYnJwTG5mR2lhQWZhalE4M1ZyCkYyREVRQlBwcFJmdE5nU1pTSkhtbW9GS2h3WFFkYUhGdHRIbWdna2xEN0ZPckRpUjhzNUp6WGtvUk45OTNETVcKb1pvbmNaZDgrNVVOMG1RMVF3Njl4czlaa2F0TnpIclMvYzgwdWJJaVNudTEvNkk3aVhrbU54UU5ockg0cUw0ZQpHT1g1UVN4Sy9UOWNseHRuaFBvaDJUdU04YldhWDBpZzFQM000WUt6MmR4MDlBSW1ZQkFmdzgyUnJmd1RoeHRaCktOcHVuMmlMdGhqb0RyMWJCM0lDZnJoaG04aU9IZldYV09TdTdHQytHQWVZRThZNi9iY3IwYktDV2dmeTZOamEKMlBCL2lzRUNnWUVBekdMUUhLR01LOERmWDVzZVdFTVp4RnVXRVFJNXY0ZWIwNFpGN0lNWitucnZXVmRYdU9wVQpUWlJXdTdjVmVGOWNhY1lkQ0o5TFlXQUsvZHNoUTFxTDM5bWxlanM1cGxXK2tXN3hEMFozQ1FXV3Z2bXpjM200Ck5YKzIxTGZNYVRPNEFCYXNpNHN4OWhCRTdLSFJNNVVhNWdCVzg0aDhZTHhkK200WjdmRk5ZVVVDZ1lFQXo2NXUKSm5ZTWg3TGtCSGJsR0x6cnlhT1dIY0psSENmTzN1eFlkREhpOUhNeldXN09YbkZwb1FKNlpRRnRNR2pUODkvYgpnZ3Z6VUxGZWtORkdtR2d6N0ZMNFZWRlV0UVRvQ0JXeUUxVk56Z3pmRjMrTTFONTdaZGx4RE5UdW04TlFXNnJJCnorOFNMbzhUNDhOaDVFb3o4SWdhdmRkSUpNMzVhOG1GTm92eitRVUNnWUJSQTBYTVkzaEZDNEUreXlSL0JiSGIKOUJXS2ptQkhlOEFYV3R5eWY5QzNTUzFBTTIrdyt5a0pTeWdKNWVzYnVHalFBRmdYeDlSQU42cURydTBEWG91Ywo0ZzlHWU4xY0FoYTBYTTR1S05jYisxd2lQS1dWdXdSNktESlhKTGRnWjhDaVFGcUtRVlUvWEhtRmRpcVBFS1lGCnp0S29XMHc1cDlCMGFGbmN4ODNOSlFLQmdBWGIvUDJXelFtekVWM1M0T25Pd3JSQXFrYVNxbm1kNGVkR01jU3QKZDZLLzhVM3ZvMkRrd0Q4cnE3cFh6UFhWcjAwdEhxdFBuUURFMEU4enFGTTZkV1NRZnJNaGhVdEtKU1c5UHZYdQpyVEJJQ3E5R0NQb2tnTVRCMnIrcTdrUjB3VHFrMmQrTDlpNWNHUXFQQTU4R1BPcm5YQ0hKQmg4THRLTEczN3hIClBJM2xBb0dCQUkwV0hOQzhYRzcxR1hVTmd1S0N0YnlXSmVXUW03QUtyZ0ZqdjdqSm9HMmlUbDhzd0hNSUd5MG4KZVZRYS9aNlc1OTBDaWYvVThzY0JvOE5GV09DOEJEYlFQTEpYQjc2R2pmTG9rQTBXZ0FoOVA5QjU0aEE5L2F0dAo5bzdGL1YyRGZia0o0WGFhTml4bk1FMDN0S0pNb1ZkZFh1N0diUVdRWU1aU0Jvd054NmpFCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: olm + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --global-namespace + - olm + - --debug + image: quay.io/coreos/olm@sha256:f3b170c8c1cd29c5452afd961e73bada7402623310290926c649cce0b4310470 + imagePullPolicy: Always + ports: + - containerPort: 443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: olm +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_00-namespace.yaml new file mode 100644 index 000000000..1f2166b1a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_00-namespace.yaml @@ -0,0 +1,8 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + labels: + openshift.io/run-level: "1" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..e75e22e51 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..c321e207e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,718 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + categories: + - all + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + # FIXME(alecmerdler): Doesn't allow boolean values + type: object + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + type: object + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..8742215dc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_03-installplan.crd.yaml @@ -0,0 +1,78 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + categories: + - all + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..35f0c24a1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_04-subscription.crd.yaml @@ -0,0 +1,72 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + categories: + - all + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..8facb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,81 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + categories: + - all + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. Currently the only supported type is "internal". + enum: + - internal + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..99d55fe3c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,11756 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: olm + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + provider: + name: Red Hat, Inc + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: svcat.v0.1.34 + namespace: placeholder + spec: + displayName: Service Catalog + description: Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling. This project is in incubation to bring integration with service brokers to the Kubernetes ecosystem via the Open Service Broker API. + keywords: ['catalog', 'service', 'svcat', 'osb', 'broker'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Documentation + url: https://svc-cat.io/docs + - name: Service Catalog + url: https://github.com/kubernetes-incubator/service-catalog + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-info"] + verbs: ["get","create","list","watch","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["service-catalog-controller-manager"] + verbs: ["get","update"] + clusterPermissions: + - serviceAccountName: svcat-controller-manager + rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["create","patch","update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get","create","update","delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get","list","update", "patch", "watch", "delete", "initialize"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceinstances","servicebindings"] + verbs: ["get","list","watch", "update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers/status","clusterserviceclasses/status","clusterserviceplans/status","serviceinstances/status","serviceinstances/reference","servicebindings/status"] + verbs: ["update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers/status","serviceclasses/status","serviceplans/status"] + verbs: ["update"] + - serviceAccountName: service-catalog-apiserver + rules: + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authentication.k8s.io"] + resources: ["tokenreviews"] + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + deployments: + - name: svcat-catalog-apiserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-catalog-apiserver + template: + metadata: + labels: + app: svcat-catalog-apiserver + spec: + serviceAccountName: "service-catalog-apiserver" + containers: + - name: apiserver + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + args: + - apiserver + - --enable-admission-plugins + - "NamespaceLifecycle,DefaultServicePlan,ServiceBindingsLifecycle,ServicePlanChangeValidator,BrokerAuthSarCheck" + - --secure-port + - "5443" + - --etcd-servers + - http://localhost:2379 + - -v + - "10" + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 5443 + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + readinessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + - name: etcd + image: quay.io/coreos/etcd:latest + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 40Mi + requests: + cpu: 100m + memory: 30Mi + env: + - name: ETCD_DATA_DIR + value: /etcd-data-dir + command: + - /usr/local/bin/etcd + - --listen-client-urls + - http://0.0.0.0:2379 + - --advertise-client-urls + - http://localhost:2379 + ports: + - containerPort: 2379 + volumeMounts: + - name: etcd-data-dir + mountPath: /etcd-data-dir + readinessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + volumes: + - name: etcd-data-dir + emptyDir: {} + - name: svcat-controller-manager + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: svcat-controller-manager + template: + metadata: + labels: + app: svcat-controller-manager + spec: + serviceAccountName: svcat-controller-manager + containers: + - name: controller-manager + image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.34 + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - controller-manager + - --secure-port + - "8444" + - "--cluster-id-configmap-namespace=default" + - "--leader-elect=false" + - -v + - "10" + - --resync-interval + - 5m + - --broker-relist-interval + - 24h + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - ServicePlanDefaults=false + ports: + - containerPort: 8444 + readinessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + maturity: alpha + version: 0.1.34 + apiservicedefinitions: + owned: + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceClass + displayName: ClusterServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServicePlan + displayName: ClusterServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceBroker + displayName: ClusterServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceInstance + displayName: ServiceInstance + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBinding + displayName: ServiceBinding + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceClass + displayName: ServiceClass + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServicePlan + displayName: ServicePlan + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBroker + displayName: ServiceBroker + description: A service catalog resource + deploymentName: svcat-catalog-apiserver + containerPort: 5443 + customresourcedefinitions: + required: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/svcat.v0.1.34.clusterserviceversion.yaml + packageName: svcat + channels: + - name: alpha + currentCSV: svcat.v0.1.34 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..cf3f00884 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: olm +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..412be3b46 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,47 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + image: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..a149519e1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,42 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + - '-namespace' + - olm + image: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + imagePullSecrets: + - name: coreos-pull-secret diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..e91d70cb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,26 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_13-packageserver.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_13-packageserver.yaml new file mode 100644 index 000000000..d2c16556f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.7.4/0000_30_13-packageserver.yaml @@ -0,0 +1,151 @@ +##--- +# Source: olm/templates/0000_30_13-packageserver.yaml +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.packages.apps.redhat.com +spec: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5VENDQWQyZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01Ua3hPRFEyTlROYUZ3MHlPREV3TVRZeE9EUTJOVE5hTUJ3eApHakFZQmdOVkJBTVRFWEJoWTJ0aFoyVXRjMlZ5ZG1WeUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFuMm5NaFJYZ0xoSXhBTjA1TjQ0ZURKeU9aVHFwZmlCUW4vTDg3aXVoYktWZjZXTFoKaU9ERWlaeW1aLzYyRWRrVGRraTJTSEsxOEFIWTBjMXNNb004aXF5d0Nqc25nOEdENG5UbC9YTlBiN2tYMjdxSgo4b3lPbWg0VjE0Q1ROYS8xVFNydW9QM2UzOXFORlZvOGIrMzBmcjVqTlM5emZXN1Vicnd3L1RzRFJvMWdoSUtKClcvSHVRYW9sV3ZRaDRqbGhhRjllTWRoU1Z2T0pENUd3MEpHVUhJU0R1dStCWWZOVURxOUJlS2Y1ZFVRYzkwM2IKN0FtTDFXczdncFkyTXJFOTBPT1lMa0NnalZDMWM5MFUvZThhSHpqVmdodGJrdWNkYkFNVUpmam12WG5aejhFTwpiSnhpRlNkYmRmNUsxVUhzaUVNTEtMN2grNXFQTW5MVVhMUCtrUUlEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBRWE1TE1CT0xJNnFldjEzTEJaWkRIUDVDYnBwaDRGcwp3TTgycTE3SGFvdEJtNi9SWDZ1d2dKdDNMNHk0UEdvajZ3VTZRMjdhdGhROXEyM3dES0NCVVowMjV6ZkR4WHh4CkpsS2tWMk56TFJheFBGdGRjTEk3Tm8zZUV1Qk1US2dnRTRRUDd0TlI2QUxvU1hqUHhVRHBNS0JjU3dXVm1PRVQKV0NIYW9sYlNBTnQyZUJEYUloS09kVUFNVEZJOUlwSG9UUEdJdzcwWjE0UndUV205L2s1T2FsRVA3RzA2VnJWRQorNlNvNjkyWGhYbExJTDlCdlNRZmswTUJMV1BpUDJWV2s0T1pLMzl2QllsZjNpUTlPQndtUERBOTllSFdnOXZoClZkK215UjBrRnprNFBzVkkya2xkRXdGRjZjTXpzK25Pekl0V1QyZ1NmS1gyMm1tZ2Y5T3J4bkE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + group: packages.apps.redhat.com + groupPriorityMinimum: 2000 + versionPriority: 15 + service: + name: package-server + namespace: olm + version: v1alpha1 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: packagemanifest-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: packagemanifest-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: package-apiserver-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aggregated-apiserver-clusterrole +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: package-server-certs + namespace: olm + labels: + app: package-server +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKakNDQWc2Z0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFjTVJvd0dBWURWUVFERXhGd1lXTnIKWVdkbExYTmxjblpsY2kxallUQWVGdzB4T0RFd01Ua3hPRFEyTlRSYUZ3MHhPVEV3TVRreE9EUTJOVFJhTUJreApGekFWQmdOVkJBTVREbkJoWTJ0aFoyVXRjMlZ5ZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQW5Ndk52MjZTcTlqeHJPNytOKzY1eDhoSFhFM0h2NnlERUlUYmo4ejFZRHVrL1FKc0VNOHYKOHp1ZThPYWtMT0hvek9qTk85T2RuZWVWNW9pUnl5K0I5ZmRDUWQ5WU9SeUpZZkw1ZFMrUS9UVXNDVFQ3RTFYUApQYnErcmkxTERLUjZWcEFpZGpDV01wbjl4UVNyM1ppN1FuK3NGUUxHS3pkZkhiTmlmYmlXcHlqc3JoM2N0NEVUCjNPSDJRZHRDZitJQVd0N0FrRDZQOWNLMTE2Rlc0RkJsTVdLTFZNd3l3Q3VER0FBV0NCUG5nLzlKbStLNkorR0gKWnk3dnMxRkFpamU3Vjdsa25GM1M4aUJNL09lTVVlVk53Tmx4YzJzYVh6ZlVxUlZySlJFMkFudWJHanA5QndnawpvdXNKY0RYYkRpUFQxNHNKNkVqN2htRTVPbWVxUjA1bm53SURBUUFCbzNZd2REQU9CZ05WSFE4QkFmOEVCQU1DCkJhQXdIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUF3R0ExVWRFd0VCL3dRQ01BQXcKTlFZRFZSMFJCQzR3TElJU2NHRmphMkZuWlMxelpYSjJaWEl1YjJ4dGdoWndZV05yWVdkbExYTmxjblpsY2k1dgpiRzB1YzNaak1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQUREN2YzU3lJOXc4REZ3dUdUU0RJWE1ldDBVTzVMCjBYU0czcEZzbW9jVHNrSDdJUGc3ZXFIanI4cmNjajVZUGUvVENBL2hDcjY4N21KM3dQcVpnYklmZnA1cUMzQVQKVGtHNmlWNU1OZVdUNUlLYWF1cE1GVkNTWkNzZ3hHWlhNNzJWOU9lNFJWcUl0SCtlajNOOHI1U1ZRVmI4OUExdQpTaTRKeS9qeVpJaDY2b1k1RCtwQmFYTlhLbkRCWmlaQ0NINjNHc1hUblk4Z0dGVE1lYkIvbXNFTTl2WnNrZTNMCmsvVW9FUHdLWmVqQmNVd1E3ZjRJdEVaZyt6M2FabU1OUkxnc3QwTlJyNHpLbkNzMzVpUEl1UURHVFhrZ1puMWQKMWhvcnZJcyt0NjIvalpmYms5c1VvZk91YjAyL3dIcXFwcDN4MEtkcHp5S05KbmNpTVh3Y0V0aFUKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbk12TnYyNlNxOWp4ck83K04rNjV4OGhIWEUzSHY2eURFSVRiajh6MVlEdWsvUUpzCkVNOHY4enVlOE9ha0xPSG96T2pOTzlPZG5lZVY1b2lSeXkrQjlmZENRZDlZT1J5SllmTDVkUytRL1RVc0NUVDcKRTFYUFBicStyaTFMREtSNlZwQWlkakNXTXBuOXhRU3IzWmk3UW4rc0ZRTEdLemRmSGJOaWZiaVdweWpzcmgzYwp0NEVUM09IMlFkdENmK0lBV3Q3QWtENlA5Y0sxMTZGVzRGQmxNV0tMVk13eXdDdURHQUFXQ0JQbmcvOUptK0s2CkorR0haeTd2czFGQWlqZTdWN2xrbkYzUzhpQk0vT2VNVWVWTndObHhjMnNhWHpmVXFSVnJKUkUyQW51YkdqcDkKQndna291c0pjRFhiRGlQVDE0c0o2RWo3aG1FNU9tZXFSMDVubndJREFRQUJBb0lCQUU3WlduMURJTFVVb3V4QgpQMHhuVzd1dzV0bnZMMTBmWnNXZTJqOGxaZHZnQXFkTldZVFdmQm1JU1BTQ045dHVPOEVYN1dXQmxJaTgxakFaClM1L3ZJeDdMR2VIQWJFQkVMbjQ0VHVSMGFDZzlYZ2kvUU9mSFJqR1h3SjRjbnRvYnVIM2hlOE1OeWVwbWNDeHMKbmZVUkFsSjltODd4RnpEU1pwMnNBUUtTR2dpekRVa0hBSGs5cFduZWs5NUJERi9jaWNPNmtBOUZwMG1iM2ZCcApLckhLbVVVZkF5NjIwRis0aUx1TzlzZWw0ZXZuOEJOdC95cXZjdWZ6V3RnTXJ5dllzcmowT0MyTXRubDlPWFZLCjF3b2lnWE9tZFFnNmQwZmFZaS9Dd3k0YlRCUWp0Vlh5MU9CT3drZjNwMVdYc3liNGpYcFR4L1hsdGZ6RW0vU1UKYlVVeHo1RUNnWUVBelhySy8vVHdRNEFQbWxNTGJlRjU1MlJPSmczREdlTWE3aDViaElYMEJWRTRySytCSXZuQgpoaEVvVFFJVFBVSmtLQ0VaUm5WQjdTRTRxMlJkaWdTazhDS3JXVkhsekFLZlp6aHF2ei9iWXB6bDA4cmhVQnBtCjdnRWxmTVlyeUxSbkVkV2xpRVVWeUw5cktNWUR6dTlhLzg1MStBeVBaaVdEaEZ0clQ5WlJUNWNDZ1lFQXcxaksKOW13d0hkVm1WZlgzYnVMTlNFNGdxRHFPUFRvUlJ0ci96NFNoWDk2N2F5QnBSdnZUVHB3eDNWYklFTERIUWx1Qgpmc0R2UFlBbDFIMUFTd0ZFYWMyUzlNWXRsTStjbHZ2SWpveG9KTlp5UFZOb2Ztb3Vab1RaMXh1QitjZkpRWGxHCjBIMDRrUXVPMi9DdDU3OG1vS00yOXp1dWplVDFlRlg5M29DL3FUa0NnWUFQd2hVRFlDTjA2Y05Ja0luVjJXN2gKNGYxa1NiWG1yRllLWU9XZjJpNEdvbDM0VUZWVSsxWnVFNjdGaVIwMG0zelczd0x6TmxiaCtxUS84S2lEeHl0bgpCeUdnN2ZqemxsZm5NSnB2SkZTTTBYK0dxSTV5K0ROZ21WSG9xY0g5MkdmM0pDMVhzQVNscXBoclBoUllzRjZJCk02czBaTEl5b1RuZTBxditLVzkrN1FLQmdRQzRHRHZlRTRNYytubGcxVmFEMTVYaWFFNTZmQVNFU3U3eE9YNE8KMFUxTGpocE9FTk5tSS9pMWdwbXpvQThYTzZIdE5WTktZd1NUanVzWDM1bnhsWllscDZpd3FQdFgzSGdVQ2VDdQpCa0EzUnltT0JjYmFLN0xpeHB5TkRjMWwyaFFlY2U1OG1TWHYrMVo4aThzNE5YcHZ0S0VlU2M1c3hyTlczcU5MClIwWlljUUtCZ1FDK0N0aUF1UFJTWlpIQWc2Q0tKUGZZRzFqUkdBRzVVZG5STTRXcTdPQ3ZZZUZobzZkU3NUOWsKeFJrejdUQ1QrNjJDVUZRWis2elJxUkwxMHp4bVhDVVlHa1B1b1E0c3lmWTB6R0NuSlpka0dVempKNWtuWjN1eApMYUJrbFowTUF5OGV2S1NkSit2RWhJR2NZQ2poL1RqT1EzTTlHQWFqME1OSDB2bURuOXowalE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: package-server + namespace: olm + labels: + app: package-server +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: package-server + template: + metadata: + labels: + app: package-server + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: package-server + command: + - /bin/package-server + - -v=4 + - --secure-port=5443 + - --global-namespace + - olm + image: quay.io/coreos/olm@sha256:3f3909a6bdf6f4bf429e114832c8cfc03c731f9403b91417d5dc246ad0448772 + imagePullPolicy: Always + ports: + - containerPort: 5443 + volumeMounts: + - name: certs + mountPath: /apiserver.local.config/certificates + readOnly: true + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + volumes: + - name: certs + secret: + secretName: package-server-certs + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + imagePullSecrets: + - name: coreos-pull-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: package-server + namespace: olm +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 5443 + selector: + app: package-server diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_00-namespace.yaml new file mode 100644 index 000000000..eea04be79 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_00-namespace.yaml @@ -0,0 +1,15 @@ +##--- +# Source: olm/templates/0000_30_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + labels: + openshift.io/run-level: "1" +--- +apiVersion: v1 +kind: Namespace +metadata: + name: operators + labels: + openshift.io/run-level: "1" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..e75e22e51 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +##--- +# Source: olm/templates/0000_30_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..55ec96299 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_02-clusterserviceversion.crd.yaml @@ -0,0 +1,760 @@ +##--- +# Source: olm/templates/0000_30_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + pattern: ^(?:[A-Za-z0-9+/]{4}){0,16250}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_03-installplan.crd.yaml new file mode 100644 index 000000000..1cdf63651 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_03-installplan.crd.yaml @@ -0,0 +1,79 @@ +##--- +# Source: olm/templates/0000_30_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_04-subscription.crd.yaml new file mode 100644 index 000000000..9894ebd30 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_04-subscription.crd.yaml @@ -0,0 +1,74 @@ +##--- +# Source: olm/templates/0000_30_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_05-catalogsource.crd.yaml new file mode 100644 index 000000000..0b17256bd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_05-catalogsource.crd.yaml @@ -0,0 +1,120 @@ +##--- +# Source: olm/templates/0000_30_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_06-rh-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_06-rh-operators.configmap.yaml new file mode 100644 index 000000000..7f926ea86 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_06-rh-operators.configmap.yaml @@ -0,0 +1,13200 @@ +##--- +# Source: olm/templates/0000_30_06-rh-operators.configmap.yaml + +kind: ConfigMap +apiVersion: v1 +metadata: + name: rh-operators + namespace: olm + +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: alertmanagers.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkas.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: clusterloggings.logging.openshift.io + spec: + group: logging.openshift.io + names: + kind: ClusterLogging + listKind: ClusterLoggingList + plural: clusterloggings + singular: clusterlogging + scope: Namespaced + version: v1alpha1 + validation: + openAPIV3Schema: + properties: + spec: + description: Specification of the desired behavior of the Logging cluster. + properties: + visualization: + description: Specification of the Visualization component for the cluster + properties: + type: + description: The type of Visualization to configure + type: string + kibana: + description: Specification of the Kibana Visualization component + properties: + resources: + description: The resource requirements for Kibana + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + replicas: + description: Number of instances to deploy for a Kibana deployment + format: int32 + type: integer + proxySpec: + description: Specification of the Kibana Proxy component + properties: + resources: + description: The resource requirements for Kibana + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + required: + - replicas + required: + - type + logStore: + description: Specification of the Log Storage component for the cluster + properties: + type: + description: The type of Log Storage to configure + type: string + elasticsearch: + description: Specification of the Elasticsearch Log Store component + properties: + resources: + description: The resource requirements for Kibana + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + replicas: + description: Number of nodes to deploy for Elasticsearch + format: int32 + type: integer + storage: + description: 'The storage backing for Elasticsearch. More info: ' + type: object + required: + - replicas + - storage + required: + - type + collection: + description: Specification of the Collection component for the cluster + properties: + logCollection: + description: Specification of Log Collection for the cluster + properties: + type: + description: The type of Log Collection to configure + type: string + fluentd: + description: Specification of the Fluentd Log Collection component + properties: + resources: + description: The resource requirements for Fluentd + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + required: + - type + #eventCollection: + #normalizer: + curation: + description: Specification of the Curation component for the cluster + properties: + type: + description: The kind of curation to configure + type: string + curator: + description: The specification of curation to configure + properties: + resources: + description: The resource requirements for Curator + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + schedule: + description: 'The cron schedule that the Curator job is run. Defaults to "30 3 * * *"' + type: string + required: + - schedule + required: + - type + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: deschedulers.descheduler.io + spec: + group: descheduler.io + names: + kind: Descheduler + listKind: DeschedulerList + plural: deschedulers + singular: descheduler + scope: Namespaced + version: v1alpha1 + validation: + openAPIV3Schema: + properties: + spec: + strategies: + type: array + uniqueItems: true + minItems: 1 + maxItems: 4 + collectionFormat: pipes + items: + type: string + schedule: + type: string + pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$' + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: elasticsearches.logging.openshift.io + spec: + group: logging.openshift.io + names: + kind: Elasticsearch + listKind: ElasticsearchList + plural: elasticsearches + singular: elasticsearch + scope: Namespaced + version: v1alpha1 + validation: + openAPIV3Schema: + properties: + spec: + description: Specification of the desired behavior of the Elasticsearch cluster + properties: + nodes: + description: Specification of the different Elasticsearch nodes + properties: + roles: + description: The specific Elasticsearch cluster roles the node should perform + type: object + replicas: + description: Number of nodes to deploy + format: int32 + type: integer + spec: + description: Specification of the Elasticsearch node + properties: + image: + description: The image to use for the Elasticsearch node + type: string + resources: + description: The resource requirements for the Elasticsearch node + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + storage: + description: The type of backing storage that should be used for the node + properties: + hostPath: + description: Use host node storage + type: object + emptyDir: + description: Use ephemeral storage + type: object + volumeClaimTemplate: + description: 'Volume claims that act similarly to the VolumeClaimTemplates + field of StatefulSets. A number of PVCs will be generated based on the number of + node replicas' + type: object + persistentVolumeClaim: + description: Use a specifically named Persistent Volume Claim + type: object + nodeSpec: + description: Specification to be applied to all the Elasticsearch nodes + properties: + image: + description: The image to use for the Elasticsearch nodes + type: string + resources: + description: The resource requirements for the Elasticsearch nodes + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + serviceAccountName: + description: The service account for the Elasticsearch nodes in this cluster + type: string + configMapName: + description: The configmap for the Elasticsearch nodes in this cluster + type: string + secretName: + description: The secret for the Elasticsearch nodes in this cluster + type: string + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: "" + kubebuilder.k8s.io: 0.1.10 + name: clusters.clusterregistry.k8s.io + spec: + group: clusterregistry.k8s.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authInfo: + properties: + controller: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + user: + properties: + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: object + kubernetesApiEndpoints: + properties: + caBundle: + items: + type: byte + type: string + serverEndpoints: + items: + properties: + clientCIDR: + type: string + serverAddress: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastHeartbeatTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: dnsendpoints.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: DNSEndpoint + plural: dnsendpoints + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + endpoints: + items: + properties: + dnsName: + type: string + labels: + type: object + recordTTL: + format: int64 + type: integer + recordType: + type: string + targets: + items: + type: string + type: array + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedclusters.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedCluster + plural: federatedclusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterRef: + type: object + secretRef: + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + region: + type: string + zone: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmaps.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMap + plural: federatedconfigmaps + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapOverride + plural: federatedconfigmapoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedconfigmapplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedConfigMapPlacement + plural: federatedconfigmapplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeployments.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeployment + plural: federateddeployments + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentOverride + plural: federateddeploymentoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federateddeploymentplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedDeploymentPlacement + plural: federateddeploymentplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingresses.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngress + plural: federatedingresses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedingressplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedIngressPlacement + plural: federatedingressplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJob + plural: federatedjobs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjoboverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobOverride + plural: federatedjoboverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + parallelism: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedjobplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedJobPlacement + plural: federatedjobplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatednamespaceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedNamespacePlacement + plural: federatednamespaceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSet + plural: federatedreplicasets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetOverride + plural: federatedreplicasetoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + replicas: + format: int32 + type: integer + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedreplicasetplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedReplicaSetPlacement + plural: federatedreplicasetplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecrets.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecret + plural: federatedsecrets + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretoverrides.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretOverride + plural: federatedsecretoverrides + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + overrides: + items: + properties: + clusterName: + type: string + data: + type: object + type: object + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedsecretplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedSecretPlacement + plural: federatedsecretplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedservices.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedService + plural: federatedservices + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccounts.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccount + plural: federatedserviceaccounts + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + type: object + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceaccountplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServiceAccountPlacement + plural: federatedserviceaccountplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedserviceplacements.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedServicePlacement + plural: federatedserviceplacements + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterNames: + items: + type: string + type: array + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: federatedtypeconfigs.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: FederatedTypeConfig + plural: federatedtypeconfigs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + comparisonField: + type: string + namespaced: + type: boolean + override: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + overridePath: + items: + type: string + type: array + placement: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + propagationEnabled: + type: boolean + target: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + template: + properties: + group: + type: string + kind: + type: string + pluralName: + type: string + version: + type: string + required: + - kind + type: object + required: + - target + - namespaced + - comparisonField + - propagationEnabled + - template + - placement + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterIngressDNSRecord + plural: multiclusteringressdnsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + hosts: + items: + type: string + type: array + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + spec: + group: multiclusterdns.federation.k8s.io + names: + kind: MultiClusterServiceDNSRecord + plural: multiclusterservicednsrecords + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + dnsSuffix: + type: string + federationName: + type: string + recordTTL: + format: int64 + type: integer + type: object + status: + properties: + dns: + items: + properties: + cluster: + type: string + loadBalancer: + type: object + region: + type: string + zone: + type: string + type: object + type: array + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: propagatedversions.core.federation.k8s.io + spec: + group: core.federation.k8s.io + names: + kind: PropagatedVersion + plural: propagatedversions + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + status: + properties: + clusterVersions: + items: + properties: + clusterName: + type: string + version: + type: string + type: object + type: array + overridesVersion: + type: string + templateVersion: + type: string + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + creationTimestamp: null + labels: + api: federation + kubebuilder.k8s.io: 1.0.3 + name: replicaschedulingpreferences.scheduling.federation.k8s.io + spec: + group: scheduling.federation.k8s.io + names: + kind: ReplicaSchedulingPreference + plural: replicaschedulingpreferences + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusters: + type: object + rebalance: + type: boolean + targetKind: + type: string + totalReplicas: + format: int32 + type: integer + required: + - targetKind + - totalReplicas + type: object + status: + type: object + version: v1alpha1 + status: + acceptedNames: + kind: "" + plural: "" + conditions: null + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: meterings.metering.openshift.io + annotations: + catalog.app.coreos.com/description: An instance of Metering + catalog.app.coreos.com/displayName: Metering + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: meterings + singular: metering + kind: Metering + listKind: MeteringList + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prestotables.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering Presto Table" + catalog.app.coreos.com/description: "A table within PrestoDB" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: prestotables + singular: prestotable + kind: PrestoTable + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheusrules.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reports.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering Report" + catalog.app.coreos.com/description: "A metering report summarizes metrics based on the query specified" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reports + kind: Report + additionalPrinterColumns: + - name: Query + type: string + JSONPath: .spec.generationQuery + - name: Schedule + type: string + JSONPath: .spec.schedule.period + - name: Running + type: string + JSONPath: .status.conditions[?(@.type=="Running")].reason + - name: Failed + type: string + JSONPath: .status.conditions[?(@.type=="Failure")].reason + - name: Table Name + type: string + JSONPath: .status.tableName + - name: Last Report Time + type: string + JSONPath: .status.lastReportTime + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportdatasources.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering data source" + catalog.app.coreos.com/description: "A resource describing a source of data for usage by Report Generation Queries" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reportdatasources + singular: reportdatasource + kind: ReportDataSource + shortNames: + - datasource + - datasources + additionalPrinterColumns: + - name: Table Name + type: string + JSONPath: .status.tableName + - name: Earliest Metric + type: string + JSONPath: .status.prometheusMetricImportStatus.earliestImportedMetricTime + - name: Newest Metric + type: string + JSONPath: .status.prometheusMetricImportStatus.newestImportedMetricTime + - name: Last Import Time + type: string + JSONPath: .status.prometheusMetricImportStatus.lastImportTime + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportgenerationqueries.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering generation query" + catalog.app.coreos.com/description: "A SQL query used by Metering to generate reports" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reportgenerationqueries + singular: reportgenerationquery + kind: ReportGenerationQuery + shortNames: + - rgq + additionalPrinterColumns: + - name: View Disabled + type: string + JSONPath: .spec.view.disabled + - name: View Name + type: string + JSONPath: .status.viewName + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: reportprometheusqueries.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering prometheus query" + catalog.app.coreos.com/description: "A Prometheus query by Metering to do metering" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: reportprometheusqueries + singular: reportprometheusquery + kind: ReportPrometheusQuery + shortNames: + - rpq + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: servicemonitors.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: storagelocations.metering.openshift.io + annotations: + catalog.app.coreos.com/displayName: "Metering storage location" + catalog.app.coreos.com/description: "Represents a configurable storage location for Metering to store metering and report data" + spec: + group: metering.openshift.io + version: v1alpha1 + scope: Namespaced + names: + plural: storagelocations + kind: StorageLocation + + clusterServiceVersions: |- + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAIj5JREFUeNrsnX1wVOW9x5/dBBIgLxvAKFFkGape0Zo4tFNfppLcueKlRQlzi0A7HRKsdG5va5Iy3r96b7Ktf9w71Ztgp+OI1Sx3Wt/wDol2ZLRqFjuibaEktmClRQJULOElGxKSAHm553dyTrpJNpvz9pzzPOd8vzPbDUKzZ3fP5/v8fr/neX5PiEHS6qPrWUR5KtP+WK49L1EeUe3n1L+3qnblkdR+7lQex7WfE/rf33xi/O8hyRTCRyAF6GUa1PRcqoFdLthlJjSj6NBMo1MxhnZ8ezAAyDzs5RroZQ6M4J6qcMOW9qJvfqd94MC+jv7f/jpx3VO7YAowACgF+HIN+JUCjur24P9aFVv0RPOE/3bpsML/rNmJ4XNde/s/2Ju4qq4hgbsABhDEEX6t34CfCf50uvLXTjYy0J8Y+vR4a/LlZkQIMABfQl+pjfCV7O8FOhZ0+NPpcudfOofPn2np2RXfu+i/drTg7oEByAz9Wg36SFDetx34p0QHJz5JhnLntPS99Vpr0Te+DTOAAUgR3tcEDXoe8Kczg0t/PtwyOjiwvWDNg0gTYADCQE+gV2ngR4P6OfCEf7IG2n/TmRVZsP2TlTfEsQYBBuAV+OXK02YN/kDLTfhTNXIhyUYGB+LJ53fsxGwCDMAt8An4+iCP9iLAP1lUPLx06GBMSQ/i+FZgADzC/FotzI/gExEL/lQN93QnL33Usf3EhoompAcwALvgRzXoqwC++PBPNoLR/ovx5EvPblfSg058YzAAs+DXI7+XE/7JdYLLx4/G+97+ZQxGAAMwGurX49OQH/7JRhAuiMT+tCSE1AAGgBw/SPCjRgADyAR/FUNVPxDwTzCC5PnO/vfeDvysQSjA4NOqvUbm4w05gN+AEZw7k+j/IFEX1NWFoQCCH9FG/FqgHWz4dfV3/Y31dp1u6v5qWSxoaUEoYPDTGv1m5PmAX9fg4CDr7e1Vfx69kEwOf3q8umTlvS0wAH+BH9XAR7gP+NPCPyEt+OTjxOW3Xq1e8oMfd8IA5Idfn9bDqM8ZfiWXVqfbBg93TPjvWQWFLGd5GctVHuGCiNDwpyh5Zd/bsWsrNzXBAOTN9Xdj1OcHP7X36n2zlfW90aJAb6yGNuu6KJt7RznLv28ty1tVKSr84xrpPpcIFy1YV1xcnIQBINcH/Ip6Xomz7me3G4Z+OmUp0UDRQ7Vs/pYa1yIDM/Dr8nNtIOQz8FHh5wh/35st7HSsTu3j56TcMgIr8E+IBk6f8t1MQchH8Jdpo34ZcHYWfsrrP9tWrYT7fAdASg/oOihFEA3+FLVTgfC6r3+rHQaAkN/38FNh79OH17HhC+4NegvrGtjC2noR4ddFH0Z1cXGx9ClB2Afw02q+3YDfefgp1z+xocJV+ElnGxvUiENQ+Jl2r+3+2x/aG2W/B7Ilz/dR5ecIv1MQWhG9PsnOWgRO8I/ryu/erdVSz3Wy1gXCksJPH3ob4Pcn/E5cB2/4L/3yRdbX8AjT7sE27Z6UTlkSwk8f+B6G3Xtc4Ke5/VPf3cRGLw0Kcb3qUWKhkKnCoIvw67pGeWz8biH7zU971BOUpVFIMvir2FixD+IAP1X7Kee3O7/PQ9e/1GbIBDyAf7KqlXQgjhTAefgbAD8/+Ennn9suJPwkI6mAAPCTmrV7FSmAg/DTnYvFPRzhp8U9NN0nqig6yZQKCAK/rnIlHYgq6UArIgBn4K8CxvzgJ51tjAn/XrqfbRozArHh11Wl3bswAMAvNvw0+uvTbiKL1iNMvk5B4ZfGBMKCgh9RHgcBP3/4ST2v7JTmfZ1/drss8KeawEFt3QoMwAj8bGyOH2v6XYBfNYBdcWneG0UrNDUoCfy6ynpHWNu7JeKZgIgRAOB3EX6Cyendfbx15tWXZIKfKfCzwZGxxWuimYBQBqDlS4DfJfhJtNlHNl367a9lg388EmBjy9dhANPAj5zfRfhVA3h/r3Tv9cqB92SEX1e5EgU0wwAAv+fwk9ze6eeUho78UUb4dVWJYgJhAeBvAPzewC9rCkAa7b0gK/ypJtAYaANIOZYL8gB+mTXy2QmZ4ddVq5hAVSANQNvVh7X9gN+aAZw6KTv8upoVE6gMlAFoe6d3A2PA75UEgT/VBMoCYQDaQh/07wP8tpR1461+gZ9d/WBV5M5D53aPjo5GfG8A2siPuX5B4KdOvDIqlF/oF/jZjY3NLDsyPzpw9OM2XxuA1sCzHCiLM/LLagDZN97iG/h1zVl2U1lvx/5mXxqA1robe/oFC/vn3imfH9PobzYCEB1+XXm3rai6+PGhKl8ZQMqhHZBgOX/u8lLpPpNZK+7yJfzjpnzj8sYzr71c5gsDQNFPXPjVEWdVpXSfy+zy1b6FX1Nk4Zr1zW5sHHIjAqCFPij6CQh/6mtJZQArV/sZfl1lX/r9qUapDQB5v/jwq6+3frM0n03O/RsN5f+Swz9mdFcvqurt2F8ppQGkhP6QwPCrOecd5dLMBuSs2RgI+MdTtNtWNB9/oiEqnQEwnNcnBfy6FtaJvyVj1oq7ZywA+gl+vR6waPN3mqUyAGX0p7C/HEjLAb/++jyO5XY0Utn2o6DBP2Z8C64qP//O67VSGIACP4Ur2OEnEfzjN2y9uIfd5m7ayrIzLP/1K/y6iipW1/NIBXhEAJjykxB+Nb9eXiakCRD487Y9Flj4eaYCjp4NqFX9scvPZfipqWffmy3sysnjaY/2otV+tOCHQvxwwczeTMdwiXJOAFX8C57ePe3oHxD4x9V/5HD1vJtuiQtnAFrV/xhGf3fgH9EOyaA++Wa6+pIJ0LTfTHP/natv9/ycQMCfVtTDbWkoFEqKZgAUO2LOnzP8BD4d4knHZNnp50fTflT5n84IvD4pGPBPr8unP4vnXFNSLYwBaGv9DwJtvvBTD/+/PrzO0T7+FBFc98zuaVMDL9IBwD+zet5PVETuqkjY/T1OFQEbgTZf+AnCY0pY7vQhHtQU9OjdS1VzSSe6XioMZhW4k9nRXH/Rq/sB/0zGfdOtjjBnOwLQGntixR9n+Gkk5ikC/PqX2tSZgHQi46Fr4NVFmEb9edt+lHGlH+CfoupQKBT3zAC0wh+F/lEgLi/8Rk1AjxjoKHGnjIDAn7NpqzrPn2mNP+CfqqGe7mR2YZGtgqBdA2hgWPTDDX6CjApxbopMYNl7x2acLqSUgWYg6BqtpCW0pVd9rFw94+YewJ9RMcUAGlw3AEz78YWfqvA8cn4jyl9Vya59xthyjoGBAZb8/Qds6MA+9bQeatc9/NmJCW27Ka8fe75LbeZJz0Y7+gD+GWVrWjDbxgvXAn4+8JMozPbq1N7eN1vUkX2mvQF0RHdfX59asMu20aUX8NtSpO/DA1QQtJQnWooAtPX+x4A5H/gJfKrMeylaJ0CpQCb4JTyi22/wp4qiANMjhtVpQOT9nOAn9byy0/P3QSY0XaEP8IunkZERS0yaNgBt9K8C6nzgVw1gV1yI99OzayfglwD+oaEhdvZ4Z9XhHz4adSMCqAHq/OCn6rpXuf9k0QYjwC8+/MlkkoXy8lnePavquRqAVvnH6M8JfvWmfbNVmPdFew30NADwiwv/6Oio+ufZi6NVXV1dEW4GwFD55wo/qf/9hFDvjyISwC8+/CrMY1OrpjbkmZ0GRPjPEX7SyIWkUO/xYtdpNgT4uYiiq/4P9k74b0b6NqSDPyVqq3m3hDXdc4oZupEMTwNizT9/+El/WhIS6n3SIh7amQf4nTN4I9u56f6i7dqTuzVngj9F1cXFxXGnUwBM/XGGP0gKIvxUVKX1HWcbG2bs5UB7QNR/2xQzCz8b7uk2zKohA1BG/3KGDT+AH/BbFgFNvRzMNnEhs6DNYEbhJ2UVFkU7X28pdzIC2Izb1h34c5eLdYqa2YM4AX96+O3s6FTN4wf/Zgh+XbOX3lDjiAFg6s/dkT9cINYki9ljuAH/RNGajq5Yne3fM/jCDnblwD7D/z57wVWVRhYGGYkAAL+LYT918BVJWQ5t8glqtZ9G/mGHZnb6Yt8zd98+sLHKCQOoAfzu5fz5q9YKNfo7kQIEFf5M+ymsiLZY05Zrw9HkvLzNtgxAa/YZBfzuibrxiHJQJzXsAPx2cn/nN3Vdeu1F49GbgWLgTBFADeD34LXXi5F1GTmJF/BPLx6rOoePHDJn4kuWbbZjAJWA34vX937SJVyy2Fb4j+W9jMumLuq2ZCqNy8mptGQA2jFfEcDvvsYO7Wjw9Bry6n8C+AU0gNRWa4bSgIJI5ETiV5VWIoC1gN87zd9S41ktgHJ/q6M/4J9o5I7/Tq2/ohnlLi9da8UAKgG/hyF4QcST66HKf179k4BfUAOg1MyCzEUAQQv/RV3eS7vC3Lwu/UguK4t/AH+a74/Dmg6LkVnkyFOPV5qJAFYC/mBd30zn8QF+K9/dZse/IzpHwYry7rlvrRkDqAT8wblOwM8vBZiptboZzZnh9KRMyr7q6nJDBhCUxT+y7eqj612656DjeeVMh3ECfnuie8yJg1Xp+6Hj02woevQXPyszEgGUA34xRasEqVc/TRHavamomJTX8CRyfheigOJ6ewf5qgenKt+V3Y1Z+fc+MIXtUJoIoM3PJuCX/fzUWYa2iVLr7sFpjvaebsTPuX+DrVV+gN+8zr/0HOv694dcTc8ma7j7XGLRTTdXzGQAo4BfLumbTi4d6mC9Hb9LA/1d6ohv5CBOwO+89GYel/e/p+7oM7qYh9Zj0JSsU1uyR3p72DXLbghNawBa5582wC+n0L1XXPhTm3nQ53jptZfYlQPvpR3xCXyK0JxuxkLq37+vIvqVysR4bSEI+T/gB/xeiKC/cOHClE4+BLeegqU2+QjlF3A5ZHVCNFiymBif1gBWAn7AD/idgZ9G/uHh4RlqMne5el3hOXMnMB72cwQA+AG/l/BT+C+aQtnZ5WkNQJv/B/yAH/D7FH71O2jbw94t+TvrYT+O/oAf8AP+qep59UX22X8+MoH1VAMoBfyAH/D7Hv4JrKcaQBngB/yA3/fwT2DdNwYA+AE/4DcE/1QDkL0ACPgBP+A3DL8qvRCoRwBRwA/4AX8w4E+NAsIyh/+AH/ADfkvwjw/6ugGUAn7AD/gDA/848/pS4AjgH9tVR2e4977Ryi4dbp9wpluudmJP3n1rWf6qSu6HeAJ+wM8R/vEIQN0NKNMWYB7w01bas40xU+e40XUsrKvn0vkV8AN+zvCruucUC4W047+7gwg/NdWg01t7lVHfqqg7z8LaesAP+KWCX1MR1QDKggg/hfjHVt9uC37S2cYG9unD61QzAfyAXyL4SWXhoMJ/YkOFY0c3kYnQ77NjAoAf8LsMPylCRcDyoIX9BOuwAyP2BIAVU6F04tpndgN+j+Cn75bMuP/9vaq505/pmZqpkuigjvxVa8f/HHD41QiAagANyg/1QYCfRPCbKfaZvrnrG1nRllrA7yL8BDkVcalJqhFR4Xb+QzXTfk8BgZ8UoxRgSVDgpxuEJ/xjNYGY4VQA8Nsf8btidezo3UsNw68bxmnt/zf5fggQ/KRSMoBoEODX4eQtSi2MvA7gd6aOc/65JluRA/0OMpEAwq/WAMJBgZ8W+PA4r326SAPw84ffzHkImUQmcur7m4MGvyoygIjf4Vdv4jdaXXsfFAX0TTO9CPjth/08irgX/u9/2cWWnwcKfor+hVkHwHttP+/cf8rrvb8X8HMo+P314XWOwz8eJSqf3dCRPwYF/nED8D38er7npiaHp4DfmdSKt5FfbHgkKPCPpwC+h9/t0X+y4QB+Z+RGEZciAPo8gwC/5wbg5y29ugEAfofCcxeLuIPP7wgE/J4aAPbzA35T1+ZiEZeigJHPTvoefs8MwG34c5e7X+ekY7gBv7MRgJu6nNjje/g9MQAvRn5q3sFj337G1yxZDPgdTKd4Vf4zRQF+h991A/Ay7J97R7nLEcBdgN9BA3BbI6dO+h5+Vw3A65w//761rqcAgB8SGX7XDECEgl/eqkrX0oCc+zey8KLFgB8SGn5XDECkaj/18HMl3dj6KOCXXKH8At/Dz90ARJvqo+vhPSOQu2mro6M/4He/fkPKvvFW38PP1QBEneenjj1ZnFp6003j5OgP+FOM1eWp3GwONRzR4OdmACIv8qE6wPUvtTluAqH8Qpb/xE71GfBzuKfWb3Yx/C/kMosjGvxcDECGFX7UE85JE6CRP/L8O46F/oB/qqiI65bmKGlcEOB33ABkWt5LJhDdc9B2fjm7fDUreHo34HchcqP7y43RP9dhAxAVft0A2oMG/+R0gK7b7BQhzfMXPN3C8h9H2O+WqOFqFucj2aiG49T3KTr8ijqpK3Abs9ka3C8be2jbcN8brepzunZTFOpnK7khzfM7XSUG/MZEewKoKQiXAUE19d1BgZ+UsG0AQdjVNzAwwPr6+rj9fsBvEqxX4uoZDE6KDJ3gd2r0lwB+1QAoBegE/NOLtvQCfrFU8C+bWeEPfwr47StJBnAc8E8PP7b0iiW9dXf2V9azQpp5sbnrkgp+AYWf1BEG/IBfNvj11t3q9Osv3rFUuNOLuPO2PRZU+FVRDYDy/zbAD/hlgn/K3/f2sMt796iNPK4c2Kf+OV2oz6uIKyP8itaZMgDAD/hFhD+dqKXXcMqefl79GSSGn1RBBkATq92AH/D7BX43JTH8pKIQ/a9iAqOAH/AD/kDBz+45xUJ6ETAB+AE/4A8O/ExbAawbQBLwA37AHxj4SZ2pBtAB+AE/4A8M/OPMh1PDAcAP+AF/IOCfEgF0An7AD/gDA//4oB/S/0QzAYAf8AP+QMCvzgCkRgCscMOWdsAP+AG//+FPTfnHDaDom99pB/yAH/D7Hv70BjBwYF8H4Af8gN/38JM6phhA/29/nXDr1emsN+q6Q48Rzoc+An7AD/inaJz10ARYDh0czeHUf51aOfXs2qlCP/mkV+rHl7+qkhU9VOPo8V2A375RpzuYk3r0hy325gP83ksvAE41gCOH2nJuWF7uKCSH29npWJ0KvhHRTAQ1fwzbbP4I+M2LorFexaj1voiZjuQmo6aOynToqtGW3YBfjNFfMYCKtAZw8f22BuVLdewAPau92+jmuu6Z3cxqNAL4zYN/tjGmfl/DFlIy+r7o3MVMbbsBvzCKKQbQMKUGoNYBPtib8Bp+PfQ8saFCjR4AP1/4u59rYkfvXsrOK8/DFusx9H3Rd02/J12kB/jFzP+nRACkyyePjdrNwwncY6tvt32ludoJPkbTAcBvbtSn9tpGUzMzWljXwBbW1gN+wfP/KRGAemMM9Nu+I5xq2Uy9+c8/tx3wOwy/btA84CedbWxQ7wHAL/bon9YAhj493mo39B887Nyaou5nm2acKgT85tOrdNV9R+FS7oOjq25jV7rPAX5x1DqjASRfbrY1LFAF2UkNa5VpwO9M2P+pEvYPc157MT6YHPkj64s9AvhligCue2pX++XOv1geHjLB6rSpAH7zqZmT0ZkRUZfewRd2AH7v1ank/+0zGoA66p4/Y4niS5xurnQ3LeA3aaKKMfMwZyPq3/FjtUsv4Bdr9J/WAHp2xfdaDdd5aHK+CvjNixZjeSXq0U8mAPjFyv+nNYBF/7Wj5cqJT5IivgvAb+HmfyXOveg34+f62oueRQGAnyWV8L/FsAGQQrlzTMeLTq7jTxUtOQX81tX97HYh7sKB558G/N5oWpanNYC+t15rtWIAWTbX8KcTLQgC/NbTJ7cLf9OJju4C/OKE/xkNoOgb37aUBhjdGGJGI5//AuC3qD6PCn9pv8dTJ9WpQcAvRvif0QBUMP582PTdU7h+s6NXT8c/Z315FeC3WjM5JFafl2EXDADwGwv/ZzSA0cEB08mjukXUwShg3vcfA/w2UwCRNHLqJOB3VzstG0DBmgfbB9p/Y/oOouaiTtQCZpevVh+A37p4rfe3bEgH9gF+90SLfxKWDYCUFVlgOgqg3Xu0i8+OCdD57Xn1TwJ+CPBzGv0NGcAnK2+IW+nbl6Nt5bUyNUijfsHTu1kovxDwQ4DfuuK2DeDmEyw5MjgQt/LqZAJL9xxk87fUGoscShaz/Md3qg/A70+F8gsAvztqUcL/TtsGQEo+v2On1augdKC4vpEte++Y2uuPioSpqQHN8VMrqUjjz1nRqweQ8zssfRGVKKLUDvC7IkOpe8gwQMf+fGx29HNRHleKRT78RDsAaSmwKMpreJLlrNkI+PmKin9LDQ3QhiE6dDAG+OUL++feuVKoO3PWirsBP38ZZtWwARSseTA+3NOdBPxy5fwipQAU/ocXLQb8fEWMtjhuACpQH3VsB/zywK+OuFr/fhGUc/9GwO9C7q+E/0kuBnBiQ0WTE1EA4HdXTi/PtiKa1clZswHw81eTmX9sygBoSnC0/2Ic8MsDv2oAX6vitlXbqOZs2mp5ahfwG1bczOivGrPZVzjT2BCdv6XmmJWjuwD/zKKlu9RabfhCD+t/PzHh72j6NOeWMgXmJWpYbwZq+r3UDdir0b/o1f2WDADwm9JSI3P/tgyANPDh/ubcz6+oAvz24U89j89szz79UFUK8Y0co+bVlCAt7LKyvgPwmx79TR/IYckAzEYBgD89+HbO45ssWlBFpytnOp+PXpOiADcbhOQqof+8bY8BfgFHf8sGQBodHW1QnuoBv3n4zzbF1ANPeDRRJSMo1lZcem0CVPW3sqEL8Lsz+tsygI+uZ5EbPjx/LKuwKAL4jcFPub1bvflp/wWd2Ds5SqPjurpPHmfnH7qfa3cewO+aktrob2k0CVt9VZoRyLQuAPBPurGVUJ/O43Mr/KbTficfAaaf1Tc8Zx4rfP4dNTznIQr5Ab9r2m4VflsRwHgU0HHuYFZkfhTwN2cM+enATC+UpfVmmH1zadqDOqlBR1/se4506qFlvnO3/cjShh/A7/7ob9sASBd++XJV/lfXNwP+9OqK1amjsZciEyjc0cpCn7s54+eqnuBjwQgI/DlbH1We77J0fYDfsqoV+ON2fkHIiasYOtvVlrXgqnLAPzXsd+qodLsyOhdPdQE6xGNIiQwy1QgIer1lm531/YDfstoV+G+3fV84cSVKFFCW9cUvH7wYygL8+vUquT7l/CKJQnPK/c2ITvMZTokKsm+8xbFmLYDflipm6vfnmgGQ/vaH9sbw1SW1gH9sqo3gF60jL2muEqpTuO61AL8tWZ72m6ywU1fU/dWy2OiFZDLo8JNogY+I8JMoz3frcA7Az0XEmGMnvTpmADQtOPzp8eqgw0/ge130m9EEnvgPwC+v6uxU/bkZAKlk5b0tw598nAgq/ProL7quHHiPa39+wM9NCbtVf64GQLr81qvVWpgSOPhp9Bep/14mDb7wNOCXL/R3fErJcQNY8oMfd17Z93YsaPCrN/krO6W5my4n9qgVfsAvjWJWNvu4bgCkays3NY10n0sECX71Rt8Vl+qOIhMA/NKE/lwKS2FeVxwuWrDOzKyA7PBT+C9q5T9TLQDwBzP0524AxcXFhmcF/NLJRzbxjAAAv2Oq5hH6czcAEs0KjJw+1eR3+NX3cahDyruLx5oAwO+YaMFPC88XCPN+B7RASHlq9zP8JDe77DgpJ3YBAn4uohuqjveLcDcAWiCUbmrQb917Rzh093FDww5GAIDf2bzfyQU/nhkA6bqvf6s9tZDhx9bdskYAgF9I0Wo/V26osFvvqLi4WK0HoG8/4IdmzPvjbr1Ytpvv7JrPl9V9dD2j/tXlgB/wQ1Pzfqd2+QkXAaRoHWP2wxvR4M810Jcf8EMZ1Kk8XD+5xXUDoKKgVg9I+gV+9YO0cFKSCMq2eFw34HdUxMI6N4p+IkQAZALtWiTgm7Bf1ggglF8A+L1XtVtFPyEMQDOBBDO5xFHknD/nllI5IwCTHXwBPxf4W7x68bCX71wxgbjyFJMdftJ0J/GILLPn9QF+x9XkZsVfOAPQTKBBeYrLDD+JDuqULQ2YZSL/B/yOi6b76ry+iLAIn4RiAtXTmYBMU310Sq9MylmzAfB7B78Q/eLDonwi6UxAtnn+vFWVUoX/Rtp7A37HlRAFfqEMIMUE2mWEX08DMh3PLZJyN30b8Lsvy7NfgTAATRUK/O2yrvCjE3llyP1nOsYL8HOBv8KLuX6pDIAWCinwVzCLqwW9Xt5LUcDCugah78S8hicBP+AXNgJg2gdFJpCQCX5d87fUqEYgouhkoExn+QF+53N+UeEnhUT/9N4tYUR0lSzw6xLxbEAK/Que3g343VNcpIKfNBHApGhg2ilCUeEn5SwvY4ueEOeawiWLWf7jccAP+CcoS4ZPsrmXtVbnM9ptc4cM8OuihUGzFkdZ35ut3oZ5+YWs4CcvsqyS6wG/O6IVfv8qw4VmyfKJKibwhmICx5UfK2WAfzwSuLmUDc0vZpfaXvcOfiXsn27NP+B3XLS2/79ludgsmT5ZxQTaFROg9rv/rMCfKzr8o6OjLElHIyy7WRl9F4+dx3f5kmuvT9BHnn8HI787oiLfJgX+F2W66JCMn/S7JazszkPndmdH5kdFh39oaGj8v1EL7osNj7hyPHfupq1s3rbHkPO7o042tp9fusaQIVk/cQWwyMDRj9vmLLupTAb4UzWw48ds4IUdbLS3x/HXpkr/nK2PZlzoA/gdlbBz/L42AF29Hfub825bUSUL/OP/ToF/UDEBp4yAwM+5fwPLWbMx478D/I5Kikq/rw2AdPHjQ1Vzb1zeqPwYkQH+yaJOyXRMF9UIzJgBTe3NXrlaAX+jocYegN/RfL/O6738MIAUnXnt5bKFa9ZTVbBMJvgni0yADusgIxhSny9MAD5rkfJQYM++6daMK/oAP9eQv1rGfN/XBkB6t4RFvvT7U42zr15UJSP8vAT4nQv5tZE/6Zc3FPLjt9Tbsb8y77YVzW6kBIA/MCG/p737eCnsx28rv/QLLSf+J3b7lXNnEoAf8NsU3UO3+xF+30YAqTr/zuu1RRWr652OBgB/IEb9mAJ+k5/fZNjv3+L8f/xKk9PRAOAPzKjf5Pc3GgrSt0rThbOvXtSYXVgUAfzQNKO+L6b3YADTAxzp+/BAo5XFQ4Df14ozn1X4kQKkc7xQKJlf+oVqJS2ouHL+bDvgD7z0pbzVQYM/kBGAlbQA8CPchwH4WLSA6IsfHKvNXRytYZNmCwC/L8HfzsaadiSD/mHAANLUB3Kjy6qyCyKAH3k+DCCIOv5EQ3T+P62pH4wsqBqdMw/w+wN8mtPvxEcBAzCswz98NJp3z6r62YujVWEDx2gBfoAPA/Churq6qC5QO3whWZNVEIkAfuT4MIAAioqF/9DeVTnc012fVVgUBfxCiUb5mPJoAfgwAP532+st5bOX3lCTveCqSsDvqWiTznYF+gQ+ChiAJ3WCwgc2VoXn5W3mFRUA/rSj/U421pIL+T0MQKCoYMmyzaGcnEqnagWAf0JuT6P9Toz2MADhdSLxq8rc5aVr2dhBJhHAbwv6Vr/ux4cBBEBHnnq8Mu+e+9ZmX3V1ufLHKOCfMbxPAHoYgC919Bc/K8u/94Hy4e5za0PZ2eXp1hcEEH4VeHr2S7NNGABkuG4wq2RxeXjO3JVkCL1te4IAPwG/VwMe+TwMANJFx54pT5QqlLKxFudlkr+ldu3RgREeBgBZN4UyrX5Qqj2XCQh6pwY6PbcDdhgAxNcYIpoRRFIMoZT9fdYhygwWHTNlKdqDlNQA14FPaqBj5Z2k+n8BBgCYs/pPRyOn1wAAAABJRU5ErkJggg== + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: clusterlogging.v0.0.1 + namespace: placeholder + annotations: + olm-examples: '[{"apiVersion": "logging.openshift.io/v1alpha1","kind": "ClusterLogging","metadata":{"name": "example","annotations":{"io.openshift.clusterlogging.alpha/allinone": ""}},"spec": {"logStore":{"type": "elasticsearch","elasticsearch":{"replicas":1,"storage":{"emptyDir": {}}}},"visualization":{"type": "kibana","kibana":{"replicas": 1}},"curation":{"type": "curator","curator": {"schedule": "30 3 * * *"}},"collection": {"logCollection":{"type": "fluentd","fluentd":{"nodeSelector":{"logging-infra-fluentd: "true"}}}}}]' + test: "yes" + spec: + displayName: Cluster Logging + + description: | + The Cluster Logging Operator for OKD provides a means for configuring and managing your aggregated logging stack. + + Once installed, the Cluster Logging Operator provides the following features: + * **Create/Destroy**: Launch and create an aggregated logging stack in the `openshift-logging` namespace. + * **Simplified Configuration**: Configure your aggregated logging cluster's structure like components and end points easily. + + keywords: ['elasticsearch', 'kibana', 'fluentd', 'logging', 'aggregated', 'efk'] + + maintainers: + - name: Red Hat + email: aos-logging@redhat.com + + provider: + name: Red Hat + + links: + - name: Elastic + url: https://www.elastic.co/ + - name: Fluentd + url: https://www.fluentd.org/ + - name: Documentation + url: https://github.com/openshift/cluster-logging-operator/blob/master/README.md + - name: Cluster Logging Operator + url: https://github.com/openshift/cluster-logging-operator + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: cluster-logging-operator + rules: + - apiGroups: + - logging.openshift.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + - apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - "*" + - apiGroups: + - batch + resources: + - cronjobs + verbs: + - "*" + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - "*" + - serviceAccountName: elasticsearch-operator + rules: + - apiGroups: + - logging.openshift.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - pods/exec + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + - apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + - servicemonitors + verbs: + - "*" + clusterPermissions: + - serviceAccountName: cluster-logging-operator + rules: + - apiGroups: + - scheduling.k8s.io + resources: + - priorityclasses + verbs: + - "*" + - apiGroups: + - oauth.openshift.io + resources: + - oauthclients + verbs: + - "*" + deployments: + - name: cluster-logging-operator + spec: + replicas: 1 + selector: + matchLabels: + name: cluster-logging-operator + template: + metadata: + labels: + name: cluster-logging-operator + spec: + serviceAccountName: cluster-logging-operator + containers: + - name: cluster-logging-operator + image: quay.io/openshift/cluster-logging-operator:latest + imagePullPolicy: IfNotPresent + command: + - cluster-logging-operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: "cluster-logging-operator" + - name: ELASTICSEARCH_IMAGE + value: "docker.io/openshift/origin-logging-elasticsearch5:latest" + - name: FLUENTD_IMAGE + value: "docker.io/openshift/origin-logging-fluentd:latest" + - name: KIBANA_IMAGE + value: "docker.io/openshift/origin-logging-kibana5:latest" + - name: CURATOR_IMAGE + value: "docker.io/openshift/origin-logging-curator5:latest" + - name: OAUTH_PROXY_IMAGE + value: "docker.io/openshift/oauth-proxy:latest" + - name: RSYSLOG_IMAGE + value: "docker.io/viaq/rsyslog:latest" + - name: elasticsearch-operator + spec: + replicas: 1 + selector: + matchLabels: + name: elasticsearch-operator + template: + metadata: + labels: + name: elasticsearch-operator + spec: + serviceAccountName: elasticsearch-operator + containers: + - name: elasticsearch-operator + image: quay.io/openshift/elasticsearch-operator:latest + imagePullPolicy: IfNotPresent + command: + - elasticsearch-operator + ports: + - containerPort: 60000 + name: metrics + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: "elasticsearch-operator" + maturity: alpha + version: 0.0.1 + customresourcedefinitions: + owned: + - name: clusterloggings.logging.openshift.io + version: v1alpha1 + kind: ClusterLogging + displayName: Cluster Logging + description: A Cluster Logging instance + resources: + - kind: Deployment + version: v1 + - kind: DaemonSet + version: v1 + - kind: CronJob + version: v1beta1 + - kind: ReplicaSet + version: v1 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + - kind: Secret + version: v1 + - kind: Service + version: v1 + - kind: Route + version: v1 + - kind: Elasticsearch + version: v1alpha1 + specDescriptors: + - description: The desired number of Kibana Pods for the Visualization component + displayName: Kibana Size + path: visualization.kibana.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Resource requirements for the Kibana pods + displayName: Kibana Resource Requirements + path: visualization.kibana.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Kibana Visualization component + displayName: Kibana Node Selector + path: visualization.kibana.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: The desired number of Elasticsearch Pods for the Log Storage component + displayName: Elasticsearch Size + path: logStore.elasticsearch.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Resource requirements for the Elasticsearch pods + displayName: Elasticsearch Resource Requirements + path: logStore.elasticsearch.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Elasticsearch Log Storage component + displayName: Elasticsearch Node Selector + path: logStore.elasticsearch.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: Resource requirements for the Fluentd pods + displayName: Fluentd Resource Requirements + path: collection.logCollection.fluentd.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Fluentd log collection component + displayName: Fluentd node selector + path: collection.logCollection.fluentd.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: Resource requirements for the Rsyslog pods + displayName: Rsyslog Resource Requirements + path: collection.logCollection.rsyslog.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Rsyslog log collection component + displayName: Rsyslog node selector + path: collection.logCollection.rsyslog.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: Resource requirements for the Curator pods + displayName: Curator Resource Requirements + path: curation.curator.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The node selector to use for the Curator component + displayName: Curator Node Selector + path: curation.curator.nodeSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:nodeSelector' + - description: The cron schedule for the Curator component + displayName: Curation Schedule + path: curation.curator.schedule + statusDescriptors: + - description: The status for each of the Kibana pods for the Visualization component + displayName: Kibana Status + path: visualization.kibanaStatus.pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch Client pods for the Log Storage component + displayName: Elasticsearch Client Pod Status + path: logStore.elasticsearchStatus.pods.client + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch Data pods for the Log Storage component + displayName: Elasticsearch Data Pod Status + path: logStore.elasticsearchStatus.pods.data + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch Master pods for the Log Storage component + displayName: Elasticsearch Master Pod Status + path: logStore.elasticsearchStatus.pods.master + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The cluster status for each of the Elasticsearch Clusters for the Log Storage component + displayName: Elasticsearch Cluster Health + path: logstore.elasticsearchStatus.clusterHealth + - description: The status for each of the Fluentd pods for the Log Collection component + displayName: Fluentd status + path: collection.logCollection.fluentdStatus.pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Rsyslog pods for the Log Collection component + displayName: Rsyslog status + path: collection.logCollection.rsyslogStatus.pods + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - name: elasticsearches.logging.openshift.io + version: v1alpha1 + kind: Elasticsearch + displayName: Elasticsearch + description: An Elasticsearch cluster instance + resources: + - kind: Deployment + version: v1 + - kind: StatefulSet + version: v1 + - kind: ReplicaSet + version: v1 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + - kind: Service + version: v1 + - kind: Route + version: v1 + specDescriptors: + - description: The name of the serviceaccount used by the Elasticsearch pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: The name of the configmap used by the Elasticsearch pods + displayName: Config Map + path: configMapName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ConfigMap' + - description: The name of the secret used by the Elasticsearch pods + displayName: Secret + path: secretName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: nodeSpec.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current health of Elasticsearch Cluster + displayName: Elasticsearch Cluster Health + path: clusterHealth + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: The status for each of the Elasticsearch pods with the Client role + displayName: Elasticsearch Client Status + path: pods.client + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch pods with the Data role + displayName: Elasticsearch Data Status + path: pods.data + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The status for each of the Elasticsearch pods with the Master role + displayName: Elasticsearch Master Status + path: pods.master + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + categories: openshift optional + certifiedLevel: Primed + containerImage: registry.svc.ci.openshift.org/openshift/origin-v4.0:descheduler-operator + createdAt: 2019/11/15 + description: An operator to run the OpenShift descheduler + healthIndex: B + repository: https://github.com/openshift/descheduler-operator + support: Red Hat + name: descheduler.v0.0.1 + namespace: openshift-descheduler-operator + spec: + description: | + # Descheduler for Kubernetes + + ## Introduction + + Scheduling in Kubernetes is the process of binding pending pods to nodes, and is performed by + a component of Kubernetes called kube-scheduler. The scheduler's decisions, whether or where a + pod can or can not be scheduled, are guided by its configurable policy which comprises of set of + rules, called predicates and priorities. The scheduler's decisions are influenced by its view of + a Kubernetes cluster at that point of time when a new pod appears first time for scheduling. + As Kubernetes clusters are very dynamic and their state change over time, there may be desired + to move already running pods to some other nodes for various reasons + + * Some nodes are under or over utilized. + * The original scheduling decision does not hold true any more, as taints or labels are added to + or removed from nodes, pod/node affinity requirements are not satisfied any more. + * Some nodes failed and their pods moved to other nodes. + New nodes are added to clusters. + + Consequently, there might be several pods scheduled on less desired nodes in a cluster. + Descheduler, based on its policy, finds pods that can be moved and evicts them. Please + note, in current implementation, descheduler does not schedule replacement of evicted pods + but relies on the default scheduler for that. + + ## Note + + Any api could be changed any time with out any notice. That said, your feedback is + very important and appreciated to make this project more stable and useful. + + customresourcedefinitions: + owned: + - description: Represents an instance of a Descheduler application + displayName: Descheduler Operator + kind: Descheduler + name: deschedulers.descheduler.io + version: v1alpha1 + displayName: Descheduler + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - services + - pods + - configmaps + - secrets + - names + - nodes + - pods/eviction + verbs: + - '*' + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - batch + - extensions + resources: + - jobs + verbs: + - '*' + - apiGroups: + - descheduler.io + resources: + - '*' + verbs: + - '*' + serviceAccountName: openshift-descheduler + deployments: + - name: descheduler-operator + spec: + replicas: 1 + selector: + matchLabels: + app: descheduler-operator + template: + metadata: + labels: + app: descheduler-operator + spec: + containers: + - command: + - descheduler-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: descheduler-operator + image: registry.svc.ci.openshift.org/openshift/origin-v4.0:descheduler-operator + imagePullPolicy: Always + name: descheduler-operator + restartPolicy: Always + serviceAccount: openshift-descheduler + serviceAccountName: openshift-descheduler + terminationGracePeriodSeconds: 5 + strategy: deployment + labels: + olm-owner-enterprise-app: descheduler-operator + olm-status-descriptors: descheduler.v0.0.1 + maintainers: + - email: support@redhat.com + name: Red Hat + provider: + name: Red Hat + version: 0.0.1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' + spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: federationv2.v0.0.2 + namespace: placeholder + spec: + displayName: FederationV2 + description: | + Kubernetes Federation V2 namespace-scoped installation + version: 0.0.2 + maturity: alpha + provider: + name: Red Hat, Inc + labels: + alm-owner-federationv2: federationv2 + alm-status-descriptors: federationv2.v0.0.2 + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: federation-controller-manager + rules: + - apiGroups: + - clusterregistry.k8s.io + resources: + - clusters + verbs: + - "*" + - apiGroups: + - core.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - multiclusterdns.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - scheduling.federation.k8s.io + resources: + - "*" + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - "*" + # TODO(font): use statefulset + deployments: + - name: federation-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app: federation-controller-manager + template: + metadata: + labels: + app: federation-controller-manager + spec: + containers: + - name: controller-manager + image: quay.io/kubernetes-multicluster/federation-v2:v0.0.2-rc.1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + command: + - /root/controller-manager + args: + - --federation-namespace=$(FEDERATION_NAMESPACE) + - --install-crds=false + - --limited-scope=true + - --registry-namespace=$(CLUSTER_REGISTRY_NAMESPACE) + imagePullPolicy: Always + env: + - name: FEDERATION_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_REGISTRY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Always + terminationGracePeriodSeconds: 5 + serviceAccountName: federation-controller-manager + serviceAccount: federation-controller-manager + customresourcedefinitions: + owned: + # TODO(font): Move Cluster CRD to required once OLM supports CSVs + # without a deployment. + - description: Represents an instance of a Cluster Registry + displayName: Cluster Registry Application + kind: Cluster + name: clusters.clusterregistry.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedCluster resource + displayName: FederatedCluster Resource + kind: FederatedCluster + name: federatedclusters.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMap resource + displayName: FederatedConfigMap Resource + kind: FederatedConfigMap + name: federatedconfigmaps.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapOverride resource + displayName: FederatedConfigMapOverride Resource + kind: FederatedConfigMapOverride + name: federatedconfigmapoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedConfigMapPlacement resource + displayName: FederatedConfigMapPlacement Resource + kind: FederatedConfigMapPlacement + name: federatedconfigmapplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeployment resource + displayName: FederatedDeployment Resource + kind: FederatedDeployment + name: federateddeployments.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentOverride resource + displayName: FederatedDeploymentOverride Resource + kind: FederatedDeploymentOverride + name: federateddeploymentoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedDeploymentPlacement resource + displayName: FederatedDeploymentPlacement Resource + kind: FederatedDeploymentPlacement + name: federateddeploymentplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngress resource + displayName: FederatedIngress Resource + kind: FederatedIngress + name: federatedingresses.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedIngressPlacement resource + displayName: FederatedIngressPlacement Resource + kind: FederatedIngressPlacement + name: federatedingressplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJob resource + displayName: FederatedJob Resource + kind: FederatedJob + name: federatedjobs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobOverride resource + displayName: FederatedJobOverride Resource + kind: FederatedJobOverride + name: federatedjoboverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedJobPlacement resource + displayName: FederatedJobPlacement Resource + kind: FederatedJobPlacement + name: federatedjobplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedNamespacePlacement resource + displayName: FederatedNamespacePlacement Resource + kind: FederatedNamespacePlacement + name: federatednamespaceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSet resource + displayName: FederatedReplicaSet Resource + kind: FederatedReplicaSet + name: federatedreplicasets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetOverride resource + displayName: FederatedReplicaSetOverride Resource + kind: FederatedReplicaSetOverride + name: federatedreplicasetoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedReplicaSetPlacement resource + displayName: FederatedReplicaSetPlacement Resource + kind: FederatedReplicaSetPlacement + name: federatedreplicasetplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecret resource + displayName: FederatedSecret Resource + kind: FederatedSecret + name: federatedsecrets.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretOverride resource + displayName: FederatedSecretOverride Resource + kind: FederatedSecretOverride + name: federatedsecretoverrides.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedSecretPlacement resource + displayName: FederatedSecretPlacement Resource + kind: FederatedSecretPlacement + name: federatedsecretplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedService resource + displayName: FederatedService Resource + kind: FederatedService + name: federatedservices.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccount resource + displayName: FederatedServiceAccount Resource + kind: FederatedServiceAccount + name: federatedserviceaccounts.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServiceAccountPlacement resource + displayName: FederatedServiceAccountPlacement Resource + kind: FederatedServiceAccountPlacement + name: federatedserviceaccountplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederatedServicePlacement resource + displayName: FederatedServicePlacement Resource + kind: FederatedServicePlacement + name: federatedserviceplacements.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a FederationV2 sync controller + displayName: FederationV2 Push Reconciler Application + kind: FederatedTypeConfig + name: federatedtypeconfigs.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a PropagatedVersion resource + displayName: PropagatedVersion Resource + kind: PropagatedVersion + name: propagatedversions.core.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a DNSEndpoint resource + displayName: DNSEndpoint Resource + kind: DNSEndpoint + name: dnsendpoints.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterIngressDNSRecord resource + displayName: MultiClusterIngressDNSRecord Resource + kind: MultiClusterIngressDNSRecord + name: multiclusteringressdnsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a MultiClusterServiceDNSRecord resource + displayName: MultiClusterServiceDNSRecord Resource + kind: MultiClusterServiceDNSRecord + name: multiclusterservicednsrecords.multiclusterdns.federation.k8s.io + version: v1alpha1 + - description: Represents an instance of a ReplicaSchedulingPreference resource + displayName: ReplicaSchedulingPreference Resource + kind: ReplicaSchedulingPreference + name: replicaschedulingpreferences.scheduling.federation.k8s.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: metering-operator.v0.12.0 + namespace: placeholder + labels: + operator-metering: "true" + spec: + displayName: Metering + description: Metering can generate reports based on historical usage data from a cluster, providing accountability for how resources have been used. + keywords: [metering metrics reporting] + version: 0.12.0 + maturity: alpha + maintainers: + - email: sd-operator-metering@redhat.com + name: Red Hat + provider: + name: Red Hat + labels: + alm-owner-metering: metering-operator + alm-status-descriptors: metering-operator.v0.12.0 + selector: + matchLabels: + alm-owner-metering: metering-operator + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: false + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: false + install: + strategy: deployment + spec: + permissions: + - rules: + - apiGroups: + - metering.openshift.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - replicationcontrollers + - replicationcontrollers/scale + - secrets + - serviceaccounts + - services + - services/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/rollback + - deployments/scale + - statefulsets + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/rollback + - deployments/scale + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - get + - list + - watch + - update + - delete + serviceAccountName: metering-operator + deployments: + - name: metering-operator + spec: + replicas: 1 + selector: + matchLabels: + app: metering-operator + strategy: + type: Recreate + template: + metadata: + labels: + app: metering-operator + spec: + containers: + - args: + - run-operator.sh + env: + - name: HELM_RELEASE_CRD_NAME + value: Metering + - name: HELM_RELEASE_CRD_API_GROUP + value: metering.openshift.io + - name: HELM_CHART_PATH + value: /openshift-metering-0.1.0.tgz + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: HELM_HOST + value: 127.0.0.1:44134 + - name: HELM_WAIT + value: "false" + - name: HELM_RECONCILE_INTERVAL_SECONDS + value: "30" + - name: RELEASE_HISTORY_LIMIT + value: "3" + image: quay.io/coreos/metering-helm-operator:0.12.0 + imagePullPolicy: Always + name: metering-operator + resources: + limits: + cpu: 50m + memory: 25Mi + requests: + cpu: 50m + memory: 25Mi + - args: + - tiller + env: + - name: TILLER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TILLER_HISTORY_MAX + value: "3" + image: quay.io/coreos/metering-helm-operator:0.12.0 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: tiller + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 50m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + restartPolicy: Always + securityContext: + runAsNonRoot: true + serviceAccount: metering-operator + terminationGracePeriodSeconds: 30 + customresourcedefinitions: + owned: + - description: An instance of Metering + displayName: Metering + kind: Metering + name: meterings.metering.openshift.io + version: v1alpha1 + - description: A table within PrestoDB + displayName: Metering Presto Table + kind: PrestoTable + name: prestotables.metering.openshift.io + version: v1alpha1 + - description: A resource describing a source of data for usage by Report Generation + Queries + displayName: Metering data source + kind: ReportDataSource + name: reportdatasources.metering.openshift.io + version: v1alpha1 + - description: A SQL query used by Metering to generate reports + displayName: Metering generation query + kind: ReportGenerationQuery + name: reportgenerationqueries.metering.openshift.io + version: v1alpha1 + - description: A Prometheus query by Metering to do metering + displayName: Metering prometheus query + kind: ReportPrometheusQuery + name: reportprometheusqueries.metering.openshift.io + version: v1alpha1 + - description: A metering report for a specific time interval + displayName: Metering Report + kind: Report + name: reports.metering.openshift.io + version: v1alpha1 + - description: Represents a configurable storage location for Metering to store metering + and report data + displayName: Metering storage location + kind: StorageLocation + name: storagelocations.metering.openshift.io + version: v1alpha1 + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder + spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' + spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + - kind: Service + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + - kind: Service + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + + - #! validate-crd: deploy/chart/templates/0000_30_02-clusterserviceversion.crd.yaml + #! parse-kind: ClusterServiceVersion + apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: svcat.v0.1.34 + namespace: placeholder + spec: + displayName: Service Catalog + description: Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling. This project is in incubation to bring integration with service brokers to the Kubernetes ecosystem via the Open Service Broker API. + keywords: ['catalog', 'service', 'svcat', 'osb', 'broker'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Documentation + url: https://svc-cat.io/docs + - name: Service Catalog + url: https://github.com/kubernetes-incubator/service-catalog + + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: service-catalog-controller + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-info"] + verbs: ["get","create","list","watch","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create", "list", "watch", "get", "update"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["service-catalog-controller-manager"] + verbs: ["get","update"] + clusterPermissions: + - serviceAccountName: service-catalog-controller + rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["create","patch","update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get","create","update","delete","list","watch","patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get","list","update", "patch", "watch", "delete", "initialize"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterserviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceinstances","servicebindings"] + verbs: ["get","list","watch", "update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["clusterservicebrokers/status","clusterserviceclasses/status","clusterserviceplans/status","serviceinstances/status","serviceinstances/reference","servicebindings/status","servicebindings/finalizers"] + verbs: ["update"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceclasses"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["serviceplans"] + verbs: ["get","list","watch","create","patch","update","delete"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers"] + verbs: ["get","list","watch"] + - apiGroups: ["servicecatalog.k8s.io"] + resources: ["servicebrokers/status","serviceclasses/status","serviceplans/status"] + verbs: ["update"] + - serviceAccountName: service-catalog-apiserver + rules: + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["extension-apiserver-authentication"] + verbs: ["get"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authentication.k8s.io"] + resources: ["tokenreviews"] + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + deployments: + - name: apiserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: apiserver + template: + metadata: + labels: + app: apiserver + spec: + serviceAccountName: service-catalog-apiserver + containers: + - name: apiserver + image: quay.io/openshift/origin-service-catalog:v4.0.0 + imagePullPolicy: IfNotPresent + command: ["/usr/bin/service-catalog"] + resources: + limits: + cpu: 100m + memory: 140Mi + requests: + cpu: 100m + memory: 40Mi + args: + - apiserver + - --enable-admission-plugins + - "NamespaceLifecycle,DefaultServicePlan,ServiceBindingsLifecycle,ServicePlanChangeValidator,BrokerAuthSarCheck" + - --secure-port + - "5443" + - --etcd-servers + - http://localhost:2379 + - -v + - "3" + - --feature-gates + - OriginatingIdentity=true + - --feature-gates + - NamespacedServiceBroker=true + ports: + - containerPort: 5443 + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + readinessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 30 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + livenessProbe: + httpGet: + port: 5443 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + - name: etcd + image: quay.io/coreos/etcd:latest + imagePullPolicy: Always + resources: + limits: + cpu: 100m + memory: 150Mi + requests: + cpu: 100m + memory: 50Mi + env: + - name: ETCD_DATA_DIR + value: /etcd-data-dir + command: + - /usr/local/bin/etcd + - --listen-client-urls + - http://0.0.0.0:2379 + - --advertise-client-urls + - http://localhost:2379 + ports: + - containerPort: 2379 + volumeMounts: + - name: etcd-data-dir + mountPath: /etcd-data-dir + readinessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 1 + initialDelaySeconds: 30 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + livenessProbe: + httpGet: + port: 2379 + path: /health + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumes: + - name: etcd-data-dir + emptyDir: {} + - name: controller-manager + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: controller-manager + template: + metadata: + labels: + app: controller-manager + spec: + serviceAccountName: service-catalog-controller + containers: + - name: controller-manager + image: quay.io/openshift/origin-service-catalog:v4.0.0 + imagePullPolicy: IfNotPresent + command: ["/usr/bin/service-catalog"] + resources: + limits: + cpu: 100m + memory: 150Mi + requests: + cpu: 100m + memory: 100Mi + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - controller-manager + - --secure-port + - "8444" + - -v + - "3" + - --leader-election-namespace + - kube-service-catalog + - --leader-elect-resource-lock + - configmaps + - --cluster-id-configmap-namespace=kube-service-catalog + - --broker-relist-interval + - "5m" + - --feature-gates + - "OriginatingIdentity=true" + - --feature-gates + - "AsyncBindingOperations=true" + - --feature-gates + - "NamespacedServiceBroker=true" + ports: + - containerPort: 8444 + readinessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 1 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + port: 8444 + path: /healthz + scheme: HTTPS + failureThreshold: 3 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + # The following apiservice-cert is borrowed from the apiservice - it should be + # replaced with one specific for the controller manager. How to create service + # for controller manager?? + volumeMounts: + - name: apiservice-cert + mountPath: /var/run/kubernetes-service-catalog + volumes: + - name: apiservice-cert + secret: + defaultMode: 420 + items: + - key: tls.crt + path: apiserver.crt + - key: tls.key + path: apiserver.key + secretName: v1beta1.servicecatalog.k8s.io-cert + maturity: alpha + version: 0.1.34 + apiservicedefinitions: + owned: + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceClass + name: clusterserviceclasses + displayName: ClusterServiceClass + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServicePlan + name: clusterserviceplans + displayName: ClusterServicePlan + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ClusterServiceBroker + name: clusterservicebrokers + displayName: ClusterServiceBroker + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceInstance + name: serviceinstances + displayName: ServiceInstance + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBinding + name: servicebindings + displayName: ServiceBinding + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceClass + name: serviceclasses + displayName: ServiceClass + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServicePlan + name: serviceplans + displayName: ServicePlan + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + - group: servicecatalog.k8s.io + version: v1beta1 + kind: ServiceBroker + name: servicebrokers + displayName: ServiceBroker + description: A service catalog resource + deploymentName: apiserver + containerPort: 5443 + + packages: |- + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0.clusterserviceversion.yaml + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/clusterlogging.v0.0.1.clusterserviceversion.yaml + packageName: cluster-logging + channels: + - name: preview + currentCSV: clusterlogging.v0.0.1 + + - packageName: descheduler + channels: + - name: alpha + currentCSV: descheduler.v0.0.1 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml + packageName: etcd + channels: + - name: alpha + currentCSV: etcdoperator.v0.9.2 + + - packageName: federationv2 + channels: + - name: alpha + currentCSV: federationv2.v0.0.2 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/metering-operator.v0.12.0.clusterserviceversion.yaml + packageName: metering + channels: + - name: alpha + currentCSV: metering-operator.v0.12.0 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml + packageName: prometheus + channels: + - name: preview + currentCSV: prometheusoperator.0.22.2 + + - #! package-manifest: deploy/chart/catalog_resources/rh-operators/svcat.v0.1.34.clusterserviceversion.yaml + packageName: svcat + channels: + - name: alpha + currentCSV: svcat.v0.1.34 + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_09-rh-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_09-rh-operators.catalogsource.yaml new file mode 100644 index 000000000..cf3f00884 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_09-rh-operators.catalogsource.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_09-rh-operators.catalogsource.yaml + +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: rh-operators + namespace: olm +spec: + sourceType: internal + configMap: rh-operators + displayName: Red Hat Operators + publisher: Red Hat + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_10-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_10-olm-operator.deployment.yaml new file mode 100644 index 000000000..aaa0573b0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_10-olm-operator.deployment.yaml @@ -0,0 +1,46 @@ +##--- +# Source: olm/templates/0000_30_10-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + image: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_11-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_11-catalog-operator.deployment.yaml new file mode 100644 index 000000000..5aae85380 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_11-catalog-operator.deployment.yaml @@ -0,0 +1,41 @@ +##--- +# Source: olm/templates/0000_30_11-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - olm + image: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_12-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_12-aggregated.clusterrole.yaml new file mode 100644 index 000000000..e91d70cb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_12-aggregated.clusterrole.yaml @@ -0,0 +1,26 @@ +##--- +# Source: olm/templates/0000_30_12-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "view" default roles + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_13-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_13-operatorgroup.crd.yaml new file mode 100644 index 000000000..995ab2e07 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_13-operatorgroup.crd.yaml @@ -0,0 +1,86 @@ +##--- +# Source: olm/templates/0000_30_13-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + targetNamespaces: + type: array + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - namespaces + - lastUpdated + type: object + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_14-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_14-olm-operators.configmap.yaml new file mode 100644 index 000000000..78a3d910e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_14-olm-operators.configmap.yaml @@ -0,0 +1,128 @@ +##--- +# Source: olm/templates/0000_30_14-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: olm + +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.8.0 + namespace: olm + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/packageserver + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.apps.redhat.com" + resources: + - packagemanifests + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + deployments: + - name: packageserver + spec: + replicas: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - olm + image: quay.io/coreos/olm@sha256:1639d570809c5827810a1870763016e8c046283632d47e0b47183c82f8e515f2 + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.8.0 + apiservicedefinitions: + owned: + - group: packages.apps.redhat.com + version: v1alpha1 + kind: PackageManifest + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.8.0 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_15-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_15-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..7f50890e5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_15-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/0000_30_15-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: olm +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_16-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_16-operatorgroup-default.yaml new file mode 100644 index 000000000..bd30009a8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_16-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +##--- +# Source: olm/templates/0000_30_16-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: global-operators + namespace: operators +--- +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: olm +spec: + targetNamespaces: + - olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_17-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_17-packageserver.subscription.yaml new file mode 100644 index 000000000..301e02cc5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.0/0000_30_17-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +##--- +# Source: olm/templates/0000_30_17-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/04-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: olm +spec: + source: olm-operators + sourceNamespace: olm + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..e86d3aae1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_00-namespace.yaml @@ -0,0 +1,15 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + labels: + openshift.io/run-level: "1" +--- +apiVersion: v1 +kind: Namespace +metadata: + name: operators + labels: + openshift.io/run-level: "1" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..1a2e303d8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_02-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_02-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..3a8453efe --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_02-clusterserviceversion.crd.yaml @@ -0,0 +1,767 @@ +--- +# Source: olm/templates/0000_50_olm_02-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_03-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_03-installplan.crd.yaml new file mode 100644 index 000000000..c7b8eab72 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_03-installplan.crd.yaml @@ -0,0 +1,79 @@ +--- +# Source: olm/templates/0000_50_olm_03-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_04-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_04-subscription.crd.yaml new file mode 100644 index 000000000..24d3648b6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_04-subscription.crd.yaml @@ -0,0 +1,74 @@ +--- +# Source: olm/templates/0000_50_olm_04-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_05-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_05-catalogsource.crd.yaml new file mode 100644 index 000000000..c8a64bb13 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_05-catalogsource.crd.yaml @@ -0,0 +1,129 @@ +--- +# Source: olm/templates/0000_50_olm_05-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_06-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_06-olm-operator.deployment.yaml new file mode 100644 index 000000000..9d581350d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_06-olm-operator.deployment.yaml @@ -0,0 +1,52 @@ +--- +# Source: olm/templates/0000_50_olm_06-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - "" + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_07-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_07-catalog-operator.deployment.yaml new file mode 100644 index 000000000..9685da1d2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_07-catalog-operator.deployment.yaml @@ -0,0 +1,45 @@ +--- +# Source: olm/templates/0000_50_olm_07-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - olm + - -configmapServerImage=quay.io/operatorframework/configmap-operator-registry:latest + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_08-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_08-aggregated.clusterrole.yaml new file mode 100644 index 000000000..1d07e091a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_08-aggregated.clusterrole.yaml @@ -0,0 +1,28 @@ +--- +# Source: olm/templates/0000_50_olm_08-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_09-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_09-operatorgroup.crd.yaml new file mode 100644 index 000000000..3bac32d2b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_09-operatorgroup.crd.yaml @@ -0,0 +1,96 @@ +--- +# Source: olm/templates/0000_50_olm_09-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - namespaces + - lastUpdated + type: object + required: + - metadata \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_10-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_10-olm-operators.configmap.yaml new file mode 100644 index 000000000..d576559e3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_10-olm-operators.configmap.yaml @@ -0,0 +1,128 @@ +--- +# Source: olm/templates/0000_50_olm_10-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: olm + +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.8.1 + namespace: olm + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.apps.redhat.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + replicas: 2 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - olm + image: quay.io/operator-framework/olm@sha256:4b7dec341fc754fdd2c8784ca7d81747ebbb2b87866b9e61ebbebc8c5614cfdc + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.8.1 + apiservicedefinitions: + owned: + - group: packages.apps.redhat.com + version: v1alpha1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.8.1 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_11-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_11-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..d1da93702 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_11-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: olm +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_12-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_12-operatorgroup-default.yaml new file mode 100644 index 000000000..4e9a73068 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_12-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_12-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: global-operators + namespace: operators +--- +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: olm +spec: + targetNamespaces: + - olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_13-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_13-packageserver.subscription.yaml new file mode 100644 index 000000000..d36d4bb1b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_13-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_13-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/04-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: olm +spec: + source: olm-operators + sourceNamespace: olm + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_17-upstream-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_17-upstream-operators.catalogsource.yaml new file mode 100644 index 000000000..710d22224 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.8.1/0000_50_olm_17-upstream-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_17-upstream-operators.catalogsource.yaml + +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: operatorhubio-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/operator-framework/upstream-community-operators:latest + displayName: Community Operators + publisher: OperatorHub.io + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..f2eda530b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_00-namespace.yaml @@ -0,0 +1,13 @@ +--- +# Source: olm/templates/0000_50_olm_00-namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: olm + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: operators + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..1a2e303d8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,31 @@ +--- +# Source: olm/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..f11ca58af --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,767 @@ +--- +# Source: olm/templates/0000_50_olm_03-clusterserviceversion.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..3e83c677f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,79 @@ +--- +# Source: olm/templates/0000_50_olm_04-installplan.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..5ba0b3cd5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,74 @@ +--- +# Source: olm/templates/0000_50_olm_05-subscription.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subcribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..26f027427 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,129 @@ +--- +# Source: olm/templates/0000_50_olm_06-catalogsource.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..598e0a708 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,57 @@ +--- +# Source: olm/templates/0000_50_olm_07-olm-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - "" + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..56884c607 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,52 @@ +--- +# Source: olm/templates/0000_50_olm_08-catalog-operator.deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - olm + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + env: + + + + nodeSelector: + beta.kubernetes.io/os: linux + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..5bc6832fc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,28 @@ +--- +# Source: olm/templates/0000_50_olm_09-aggregated.clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..e9a7de669 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,99 @@ +--- +# Source: olm/templates/0000_50_olm_10-operatorgroup.crd.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + type: object + status: + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - namespaces + - lastUpdated + type: object + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..d870db803 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,131 @@ +--- +# Source: olm/templates/0000_50_olm_11-olm-operators.configmap.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: olm +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.9.0 + namespace: olm + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - olm + image: quay.io/operator-framework/olm@sha256:7e4b13b89b3d59876b228697bbd0c9e364fd73f946ab90308c34fd82053a5a76 + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + maturity: alpha + version: 0.9.0 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.9.0 \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..b1be6a655 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_12-olm-operators.catalogsource.yaml +#! validate-crd: ./deploy/chart/templates/06-catalogsource.crd.yaml +#! parse-kind: CatalogSource +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: olm +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..028458300 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,16 @@ +--- +# Source: olm/templates/0000_50_olm_13-operatorgroup-default.yaml +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: olm +spec: + targetNamespaces: + - olm diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..69ea7b01a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,14 @@ +--- +# Source: olm/templates/0000_50_olm_14-packageserver.subscription.yaml +#! validate-crd: ./deploy/chart/templates/05-subscription.crd.yaml +#! parse-kind: Subscription +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: olm +spec: + source: olm-operators + sourceNamespace: olm + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_18-upstream-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_18-upstream-operators.catalogsource.yaml new file mode 100644 index 000000000..3275c6f27 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/0.9.0/0000_50_olm_18-upstream-operators.catalogsource.yaml @@ -0,0 +1,12 @@ +--- +# Source: olm/templates/0000_50_olm_18-upstream-operators.catalogsource.yaml +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: operatorhubio-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/operator-framework/upstream-community-operators:latest + displayName: Community Operators + publisher: OperatorHub.io diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/latest b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/latest new file mode 120000 index 000000000..9b8324584 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/manifests/latest @@ -0,0 +1 @@ +./0.10.1 \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/crds.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/crds.yaml new file mode 100644 index 000000000..c859e686a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/crds.yaml @@ -0,0 +1,1144 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + type: object + description: Spec for an OperatorGroup. + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + status: + type: object + description: The status of the OperatorGroup. + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/install.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/install.sh new file mode 100755 index 000000000..9f7083f24 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/install.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + + +# This script is for installing OLM from a GitHub release + +set -e + +if [[ ${#@} -ne 1 ]]; then + echo "Usage: $0 version" + echo "* version: the github release version" + exit 1 +fi + +release=$1 +url=https://github.com/operator-framework/operator-lifecycle-manager/releases/download/${release} +namespace=olm + +kubectl apply -f ${url}/crds.yaml +kubectl apply -f ${url}/olm.yaml + +# wait for deployments to be ready +kubectl rollout status -w deployment/olm-operator --namespace="${namespace}" +kubectl rollout status -w deployment/catalog-operator --namespace="${namespace}" + +retries=50 +until [[ $retries == 0 || $new_csv_phase == "Succeeded" ]]; do + new_csv_phase=$(kubectl get csv -n "${namespace}" packageserver.v${release} -o jsonpath='{.status.phase}' 2>/dev/null || echo "Waiting for CSV to appear") + if [[ $new_csv_phase != "$csv_phase" ]]; then + csv_phase=$new_csv_phase + echo "Package server phase: $csv_phase" + fi + sleep 1 + retries=$((retries - 1)) +done + +if [ $retries == 0 ]; then + echo "CSV \"packageserver\" failed to reach phase succeeded" + exit 1 +fi + +kubectl rollout status -w deployment/packageserver --namespace="${namespace}" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/olm.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/olm.yaml new file mode 100644 index 000000000..e7dfcade0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/olm.yaml @@ -0,0 +1,361 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: olm + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: operators + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-olm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: olm +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: olm + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - "" + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + + nodeSelector: + beta.kubernetes.io/os: linux + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: olm + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - olm + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + + + nodeSelector: + beta.kubernetes.io/os: linux + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: olm +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.10.1 + namespace: olm + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + nodeSelector: + beta.kubernetes.io/os: linux + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - olm + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: Always + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.1 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.10.1 +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: olm +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: olm +spec: + targetNamespaces: + - olm +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: olm +spec: + source: olm-operators + sourceNamespace: olm + name: packageserver + channel: alpha +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: operatorhubio-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/operator-framework/upstream-community-operators:latest + displayName: Community Operators + publisher: OperatorHub.io diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/values.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/values.yaml new file mode 100644 index 000000000..de8e6ef70 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/values.yaml @@ -0,0 +1,31 @@ +installType: upstream +rbacApiVersion: rbac.authorization.k8s.io +namespace: olm +catalog_namespace: olm +operator_namespace: operators +imagestream: false +writeStatusName: '""' +writePackageServerStatusName: "" +olm: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + pullPolicy: IfNotPresent + service: + internalPort: 8080 +catalog: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + pullPolicy: IfNotPresent + service: + internalPort: 8080 +package: + replicaCount: 2 + image: + ref: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + pullPolicy: Always + service: + internalPort: 5443 +catalog_sources: +- rh-operators diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/e2e-local-run.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/e2e-local-run.Dockerfile new file mode 100644 index 000000000..35daa78db --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/e2e-local-run.Dockerfile @@ -0,0 +1,9 @@ +FROM golang:1.11 as builder +WORKDIR /go/src/github.com/operator-framework/operator-lifecycle-manager +RUN apt-get update +RUN apt-get install -y jq +COPY pkg pkg +COPY vendor vendor +COPY test/e2e test/e2e +RUN go test -c -o /bin/e2e ./test/e2e/... +CMD ["./test/e2e/e2e.sh"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/e2e.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/e2e.Dockerfile new file mode 100644 index 000000000..4acf1763d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/e2e.Dockerfile @@ -0,0 +1,26 @@ +FROM golang:1.10 as builder +LABEL stage=builder +WORKDIR /go/src/github.com/operator-framework/operator-lifecycle-manager +RUN curl -L https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 -o /bin/jq +RUN chmod +x /bin/jq +# copy just enough of the git repo to parse HEAD, used to record version in OLM binaries +COPY .git/HEAD .git/HEAD +COPY .git/refs/heads/. .git/refs/heads +RUN mkdir -p .git/objects +COPY Makefile Makefile +COPY OLM_VERSION OLM_VERSION +COPY pkg pkg +COPY vendor vendor +COPY cmd cmd +COPY test test +RUN make build-coverage + +FROM alpine:latest as olm +LABEL stage=olm +WORKDIR / +COPY --from=builder /go/src/github.com/operator-framework/operator-lifecycle-manager/bin/olm /bin/olm +COPY --from=builder /go/src/github.com/operator-framework/operator-lifecycle-manager/bin/catalog /bin/catalog +COPY --from=builder /go/src/github.com/operator-framework/operator-lifecycle-manager/bin/package-server /bin/package-server +EXPOSE 8080 +EXPOSE 5443 +CMD ["/bin/olm"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/go.mod b/vendor/github.com/operator-framework/operator-lifecycle-manager/go.mod new file mode 100644 index 000000000..3397d8033 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/go.mod @@ -0,0 +1,79 @@ +module github.com/operator-framework/operator-lifecycle-manager + +go 1.12 + +require ( + github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect + github.com/blang/semver v3.5.1+incompatible + github.com/coreos/etcd v3.3.12+incompatible // indirect + github.com/coreos/go-semver v0.2.0 + github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e // indirect + github.com/docker/distribution v2.7.1+incompatible // indirect + github.com/docker/docker v0.7.3-0.20190409004836-2e1cfbca03da // indirect + github.com/emicklei/go-restful v2.9.3+incompatible // indirect + github.com/ghodss/yaml v1.0.0 + github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8 // indirect + github.com/go-openapi/analysis v0.17.2 // indirect + github.com/go-openapi/errors v0.17.2 // indirect + github.com/go-openapi/jsonpointer v0.19.0 // indirect + github.com/go-openapi/jsonreference v0.19.0 // indirect + github.com/go-openapi/loads v0.17.2 // indirect + github.com/go-openapi/runtime v0.17.2 // indirect + github.com/go-openapi/spec v0.19.0 + github.com/go-openapi/swag v0.17.2 // indirect + github.com/gogo/protobuf v1.2.0 // indirect + github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b + github.com/golang/mock v1.2.1-0.20190329180013-73dc87cad333 + github.com/google/btree v1.0.0 // indirect + github.com/google/go-cmp v0.2.0 // indirect + github.com/google/gofuzz v1.0.0 // indirect + github.com/googleapis/gnostic v0.3.0 // indirect + github.com/grpc-ecosystem/grpc-gateway v1.8.5 // indirect + github.com/json-iterator/go v1.1.6 // indirect + github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect + github.com/maxbrunsfeld/counterfeiter/v6 v6.0.2 + github.com/mitchellh/hashstructure v1.0.0 + github.com/onsi/ginkgo v1.8.0 // indirect + github.com/openshift/api v3.9.1-0.20190424152011-77b8897ec79a+incompatible + github.com/openshift/client-go v0.0.0-20190401163519-84c2b942258a + github.com/operator-framework/operator-registry v1.1.1 + github.com/pkg/errors v0.8.1 + github.com/prometheus/client_golang v0.9.2 + github.com/sirupsen/logrus v1.4.1 + github.com/spf13/cobra v0.0.3 + github.com/stretchr/testify v1.2.2 + go.uber.org/atomic v1.4.0 // indirect + go.uber.org/zap v1.10.0 // indirect + golang.org/x/crypto v0.0.0-20190404164418-38d8ce5564a5 // indirect + golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db // indirect + golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 + google.golang.org/appengine v1.5.0 // indirect + google.golang.org/grpc v1.19.1 + gotest.tools v2.2.0+incompatible // indirect + k8s.io/api v0.0.0-20190313235455-40a48860b5ab + k8s.io/apiextensions-apiserver v0.0.0-20190315093550-53c4693659ed + k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d + k8s.io/apiserver v0.0.0-20190531031430-24fd0f18bc21 + k8s.io/client-go v11.0.0+incompatible + k8s.io/code-generator v0.0.0-20190311093542-50b561225d70 + k8s.io/gengo v0.0.0-20190327210449-e17681d19d3a // indirect + k8s.io/klog v0.2.0 // indirect + k8s.io/kube-aggregator v0.0.0-20190404125450-f5e124c822d6 + k8s.io/kube-openapi v0.0.0-20190401085232-94e1e7b7574c + k8s.io/kubernetes v1.14.3 + k8s.io/utils v0.0.0-20190308190857-21c4ce38f2a7 // indirect + sigs.k8s.io/yaml v1.1.0 // indirect +) + +replace ( + // pin kube dependencies to release-1.12 branch + github.com/evanphx/json-patch => github.com/evanphx/json-patch v0.0.0-20190203023257-5858425f7550 + k8s.io/api => k8s.io/api v0.0.0-20181128191700-6db15a15d2d3 + k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.0.0-20190221101132-cda7b6cfba78 + k8s.io/apimachinery => k8s.io/apimachinery v0.0.0-20190221084156-01f179d85dbc + k8s.io/apiserver => k8s.io/apiserver v0.0.0-20190402012035-5e1c1f41ee34 + k8s.io/client-go => k8s.io/client-go v0.0.0-20190228133956-77e032213d34 + k8s.io/code-generator => k8s.io/code-generator v0.0.0-20181128191024-b1289fc74931 + k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.0.0-20190221095344-e77f03c95d65 + k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20180711000925-0cf8f7e6ed1d +) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/go.sum b/vendor/github.com/operator-framework/operator-lifecycle-manager/go.sum new file mode 100644 index 000000000..ae8ce6b40 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/go.sum @@ -0,0 +1,401 @@ +bitbucket.org/ww/goautoneg v0.0.0-20120707110453-75cd24fc2f2c h1:t+Ra932MCC0eeyD/vigXqMbZTzgZjd4JOfBJWC6VSMI= +bitbucket.org/ww/goautoneg v0.0.0-20120707110453-75cd24fc2f2c/go.mod h1:1vhO7Mn/FZMgOgDVGLy5X1mE6rq1HbkBdkF/yj8zkcg= +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= +github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= +github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/NYTimes/gziphandler v1.0.1 h1:iLrQrdwjDd52kHDA5op2UBJFjmOb9g+7scBan4RN8F0= +github.com/NYTimes/gziphandler v1.0.1/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.0 h1:rmGxhojJlM0tuKtfdvliR84CFHljx9ag64t2xmVkjK4= +github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf h1:eg0MeVzsP1G42dRafH3vf+al2vQIJU0YHX+1Tw87oco= +github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= +github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4= +github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/coreos/bbolt v1.3.0 h1:HIgH5xUWXT914HCI671AxuTTqjj64UOFr7pHn48LUTI= +github.com/coreos/bbolt v1.3.0/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= +github.com/coreos/etcd v3.3.9+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/etcd v3.3.12+incompatible h1:pAWNwdf7QiT1zfaWyqCtNZQWCLByQyA3JrSQyuYAqnQ= +github.com/coreos/etcd v3.3.12+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-semver v0.2.0 h1:3Jm3tLmsgAYcjC+4Up7hJrFBPr+n7rAqYeSw/SZazuY= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20181031085051-9002847aa142/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9/ZjdUKyjop4mf3Qdd+1TvvltAvM3m8= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f h1:lBNOc5arjvs8E5mO2tbpBpLoyyu8B6e44T7hJy6potg= +github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/docker/distribution v2.6.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.7.0+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= +github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v0.7.3-0.20190409004836-2e1cfbca03da h1:9ouQ6UxUR99krN1mfiQP+ygP5mS9YSioeyXD01WcwLA= +github.com/docker/docker v0.7.3-0.20190409004836-2e1cfbca03da/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/elazarl/go-bindata-assetfs v1.0.0 h1:G/bYguwHIzWq9ZoyUQqrjTmJbbYn3j3CKKpKinvZLFk= +github.com/elazarl/go-bindata-assetfs v1.0.0/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4= +github.com/emicklei/go-restful v2.8.0+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful v2.8.1+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful v2.9.3+incompatible h1:2OwhVdhtzYUp5P5wuGsVDPagKSRd9JK72sJCHVCXh5g= +github.com/emicklei/go-restful v2.9.3+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful-swagger12 v0.0.0-20170926063155-7524189396c6 h1:V94anc0ZG3Pa/cAMwP2m1aQW3+/FF8Qmw/GsFyTJAp4= +github.com/emicklei/go-restful-swagger12 v0.0.0-20170926063155-7524189396c6/go.mod h1:qr0VowGBT4CS4Q8vFF8BSeKz34PuqKGxs/L0IAQA9DQ= +github.com/evanphx/json-patch v0.0.0-20190203023257-5858425f7550 h1:mV9jbLoSW/8m4VK16ZkHTozJa8sesK5u5kTMFysTYac= +github.com/evanphx/json-patch v0.0.0-20190203023257-5858425f7550/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= +github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8 h1:DujepqpGd1hyOd7aW59XpK7Qymp8iy83xq74fLr21is= +github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= +github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= +github.com/go-openapi/analysis v0.17.2 h1:eYp14J1o8TTSCzndHBtsNuckikV1PfZOSnx4BcBeu0c= +github.com/go-openapi/analysis v0.17.2/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= +github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= +github.com/go-openapi/errors v0.17.2 h1:azEQ8Fnx0jmtFF2fxsnmd6I0x6rsweUF63qqSO1NmKk= +github.com/go-openapi/errors v0.17.2/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= +github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= +github.com/go-openapi/jsonpointer v0.19.0 h1:FTUMcX77w5rQkClIzDtTxvn6Bsa894CcrzNj2MMfeg8= +github.com/go-openapi/jsonpointer v0.19.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= +github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= +github.com/go-openapi/jsonreference v0.19.0 h1:BqWKpV1dFd+AuiKlgtddwVIFQsuMpxfBDBHGfM2yNpk= +github.com/go-openapi/jsonreference v0.19.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= +github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= +github.com/go-openapi/loads v0.17.2 h1:tEXYu6Xc0pevpzzQx5ghrMN9F7IVpN/+u4iD3rkYE5o= +github.com/go-openapi/loads v0.17.2/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= +github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= +github.com/go-openapi/runtime v0.17.2 h1:/ZK67ikFhQAMFFH/aPu2MaGH7QjP4wHBvHYOVIzDAw0= +github.com/go-openapi/runtime v0.17.2/go.mod h1:QO936ZXeisByFmZEO1IS1Dqhtf4QV1sYYFtIq6Ld86Q= +github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= +github.com/go-openapi/spec v0.17.2/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= +github.com/go-openapi/spec v0.19.0 h1:A4SZ6IWh3lnjH0rG0Z5lkxazMGBECtrZcbyYQi+64k4= +github.com/go-openapi/spec v0.19.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= +github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= +github.com/go-openapi/strfmt v0.17.2/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= +github.com/go-openapi/strfmt v0.18.0 h1:FqqmmVCKn3di+ilU/+1m957T1CnMz3IteVUcV3aGXWA= +github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= +github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= +github.com/go-openapi/swag v0.17.2 h1:K/ycE/XTUDFltNHSO32cGRUhrVGJD64o8WgAIZNyc3k= +github.com/go-openapi/swag v0.17.2/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= +github.com/go-openapi/validate v0.17.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= +github.com/go-openapi/validate v0.17.2/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= +github.com/go-openapi/validate v0.18.0 h1:PVXYcP1GkTl+XIAJnyJxOmK6CSG5Q1UcvoCvNO++5Kg= +github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.0 h1:xU6/SpYbvkNYiptHJYEDRseDLvYE7wSqhYYNy0QSUzI= +github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20180924190550-6f2cf27854a4/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20181024230925-c65c006176ff h1:kOkM9whyQYodu09SJ6W3NCsHG7crFaJILQ22Gozp3lg= +github.com/golang/groupcache v0.0.0-20181024230925-c65c006176ff/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.1-0.20190329180013-73dc87cad333 h1:T7BbTPTeAnatnqlwwWt+77l0YF8UBKcWf1GEK5M9YQ8= +github.com/golang/mock v1.2.1-0.20190329180013-73dc87cad333/go.mod h1:L3bP22mxdfCUHSUVMs+SPJMx55FrxQew7MSXT11Q86g= +github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0 h1:0udJVsspx3VBr5FwtLhQQtuAsVc79tTq0ocGIPAU6qo= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/gofuzz v0.0.0-20170612174753-24818f796faf/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= +github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.0.0 h1:b4Gk+7WdP/d3HZH8EJsZpvV7EtDOgaZLtnaNGIu1adA= +github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gnostic v0.2.0 h1:l6N3VoaVzTncYYW+9yOz2LJJammFZGBO13sqgEhpy9g= +github.com/googleapis/gnostic v0.2.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= +github.com/googleapis/gnostic v0.3.0 h1:CcQijm0XKekKjP/YCz28LXVSpgguuB+nCxaSjCe09y0= +github.com/googleapis/gnostic v0.3.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= +github.com/gorilla/websocket v1.4.0 h1:WDFjx/TMzVgy9VdMMQi2K2Emtwi2QcUQsztZ/zLaH/Q= +github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/gregjones/httpcache v0.0.0-20181110185634-c63ab54fda8f/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/gregjones/httpcache v0.0.0-20190203031600-7a902570cb17 h1:prg2TTpTOcJF1jRWL2zSU1FQNgB0STAFNux8GK82y8k= +github.com/gregjones/httpcache v0.0.0-20190203031600-7a902570cb17/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 h1:Iju5GlWwrvL6UBg4zJJt3btmonfrMlCDdsejg4CZE7c= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.5.1/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= +github.com/grpc-ecosystem/grpc-gateway v1.6.3/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= +github.com/grpc-ecosystem/grpc-gateway v1.8.5 h1:2+KSC78XiO6Qy0hIjfc1OD9H+hsaJdJlb8Kqsd41CTE= +github.com/grpc-ecosystem/grpc-gateway v1.8.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/grpc-ecosystem/grpc-health-probe v0.2.0/go.mod h1:4GVx/bTCtZaSzhjbGueDY5YgBdsmKeVx+LErv/n0L6s= +github.com/grpc-ecosystem/grpc-health-probe v0.2.1-0.20181220223928-2bf0a5b182db/go.mod h1:uBKkC2RbarFsvS5jMJHpVhTLvGlGQj9JJwkaePE3FWI= +github.com/hashicorp/golang-lru v0.5.0 h1:CL2msUPvZTLb5O648aiLNJw3hnBxN2+1Jq8rCOH9wdo= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/imdario/mergo v0.3.7 h1:Y+UAYTZ7gDEuOfhxKWy+dvb5dRQ6rJjFSdX2HZY1/gI= +github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/joefitzgerald/rainbow-reporter v0.1.0 h1:AuMG652zjdzI0YCCnXAqATtRBpGXMcAnrajcaTrSeuo= +github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= +github.com/jonboulle/clockwork v0.1.0 h1:VKV+ZcuP6l3yW9doeqz6ziZGgcynBVQO+obU0+0hcPo= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.6 h1:MrUvLMLTMxbqFJ9kzlvat/rYZqZnW3u4wkLzWTaFwKs= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v0.0.0-20180402223658-b729f2633dfe/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic= +github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mattn/go-sqlite3 v1.9.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= +github.com/mattn/go-sqlite3 v1.10.0 h1:jbhqpg7tQe4SupckyijYiy0mJJ/pRyHvXf7JdWK860o= +github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= +github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/maxbrunsfeld/counterfeiter v0.0.0-20181017030959-1aadac120687/go.mod h1:aoVsckWnsNzazwF2kmD+bzgdr4GBlbK91zsdivQJ2eU= +github.com/maxbrunsfeld/counterfeiter/v6 v6.0.2 h1:pbpJx2aGTIexkk+R+XLnCA9r2TBLg8KKyDo4GvaJan0= +github.com/maxbrunsfeld/counterfeiter/v6 v6.0.2/go.mod h1:jDaYg8/bmdfygnyq5gnvMRDocYTEcXLPU0bXPtTco58= +github.com/mitchellh/hashstructure v1.0.0 h1:ZkRJX1CyOoTkar7p/mLS5TZU4nJ1Rn/F8u9dGS02Q3Y= +github.com/mitchellh/hashstructure v1.0.0/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.8.0 h1:VkHVNpR4iVnU8XQR6DBm8BqYjN7CRzw+xKUbVVbbW9w= +github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v1.4.2-0.20180831124310-ae19f1b56d53/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.5.0 h1:izbySO9zDPmjJ8rDjLvkA2zJHIo+HkYXHnf7eN7SSyo= +github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ= +github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/openshift/api v3.9.1-0.20190424152011-77b8897ec79a+incompatible h1:q2JBuObKafI7B4Eli6eLd+2T5JsU9ioWZ82zQwyjJPg= +github.com/openshift/api v3.9.1-0.20190424152011-77b8897ec79a+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY= +github.com/openshift/client-go v0.0.0-20190401163519-84c2b942258a h1:2t89qt9TR5koRb55cdTMM3NOMP238eHNeUnZ7uihHSA= +github.com/openshift/client-go v0.0.0-20190401163519-84c2b942258a/go.mod h1:6rzn+JTr7+WYS2E1TExP4gByoABxMznR6y2SnUIkmxk= +github.com/operator-framework/go-appr v0.0.0-20180917210448-f2aef88446f2/go.mod h1:YNzwUx1i6C4dXWcffyq3yaIb0rh/K8/OvQ4vG0SNlSw= +github.com/operator-framework/operator-lifecycle-manager v0.0.0-20181023032605-e838f7fb2186/go.mod h1:Ma5ZXd4S1vmMyewWlF7aO8CZiokR7Sd8dhSfkGkNU4U= +github.com/operator-framework/operator-lifecycle-manager v0.0.0-20190105193533-81104ffdc4fb/go.mod h1:XMyE4n2opUK4N6L45YGQkXXi8F9fD7XDYFv/CsS6V5I= +github.com/operator-framework/operator-lifecycle-manager v0.0.0-20190125151539-1e295784b30a/go.mod h1:vq6TTFvg6ti1Bn6ACsZneZTmjTsURgDD6tQtVDbEgsU= +github.com/operator-framework/operator-marketplace v0.0.0-20190216021216-57300a3ef3ba/go.mod h1:msZSL8pXwzQjB+hU+awVrZQw94IwJi3sNZVD3NoESIs= +github.com/operator-framework/operator-registry v1.0.1 h1:Z2155w77HzIkTrdp2qoY0QMkywxhJpuABUSGcgogXuc= +github.com/operator-framework/operator-registry v1.0.1/go.mod h1:1xEdZjjUg2hPEd52LG3YQ0jtwiwEGdm98S1TH5P4RAA= +github.com/operator-framework/operator-registry v1.0.4/go.mod h1:hve6YwcjM2nGVlscLtNsp9sIIBkNZo6jlJgzWw7vP9s= +github.com/operator-framework/operator-registry v1.1.1 h1:oDIevJvKXFsp7BEb7iJHuLvuhPZYBtIx5oZQ7iSISAs= +github.com/operator-framework/operator-registry v1.1.1/go.mod h1:7D4WEwL+EKti5npUh4/u64DQhawCBRugp8Ql20duUb4= +github.com/pborman/uuid v1.2.0 h1:J7Q5mO4ysT1dv8hyrUGHb9+ooztCXu1D8MY8DZYsu3g= +github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= +github.com/petar/GoLLRB v0.0.0-20130427215148-53be0d36a84c/go.mod h1:HUpKUBZnpzkdx0kD/+Yfuft+uD3zHGtXF/XJB14TUr4= +github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.2 h1:awm861/B8OKDd2I/6o1dy3ra4BamzKhYOiGItCeZ740= +github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4xf/QclQDMrYNZzcM= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 h1:idejC8f05m9MGOsuEi1ATq9shN03HrxNkD/luQvxCv8= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.0.0-20190104105734-b1c43a6df3ae h1:iq3e1tH4dCzdqscIkWimcnzYt6Pkz0zOzHSgV9cb5DE= +github.com/prometheus/common v0.0.0-20190104105734-b1c43a6df3ae/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190104112138-b1a0a9a36d74 h1:d1Xoc24yp/pXmWl2leBiBA+Tptce6cQsA+MMx/nOOcY= +github.com/prometheus/procfs v0.0.0-20190104112138-b1a0a9a36d74/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/sclevine/spec v1.0.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= +github.com/sclevine/spec v1.2.0 h1:1Jwdf9jSfDl9NVmt8ndHqbTZ7XCCPbh1jI3hkDBHVYA= +github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= +github.com/sirupsen/logrus v1.1.1/go.mod h1:zrgwTnHtNr00buQ1vSptGe8m1f/BbgsPukg8qsT7A+A= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.1 h1:GL2rEmy6nsikmW0r8opw9JIRScdMF5hA8cOYLH7In1k= +github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/soheilhy/cmux v0.1.4 h1:0HKaf1o97UwFjHH9o5XsHUOF+tqmdA7KEzXLpiyaw0E= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spf13/cobra v0.0.3 h1:ZlrZ4XsMRm04Fr5pSFxBgfND2EBVa1nLpiy1stUsX/8= +github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= +github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/stevvooe/resumable v0.0.0-20180830230917-22b14a53ba50/go.mod h1:1pdIZTAHUz+HDKDVZ++5xg/duPlhKAIzw9qy42CWYp4= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/tmc/grpc-websocket-proxy v0.0.0-20171017195756-830351dc03c6/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5 h1:LnC5Kc/wtumK+WB441p7ynQJzVuNRJiqddSIE3IlSEQ= +github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/ugorji/go v1.1.1 h1:gmervu+jDMvXTbcHQ0pd2wee85nEoE0BsVyEuzkfK8w= +github.com/ugorji/go v1.1.1/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ= +github.com/ugorji/go/codec v0.0.0-20181022190402-e5e69e061d4f/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/xiang90/probing v0.0.0-20160813154853-07dd2e8dfe18/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2 h1:eY9dn8+vbi4tKz5Qo6v2eYzo7kUS51QINcR5jNpbZS8= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4= +go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/zap v1.9.1 h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o= +go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.10.0 h1:ORx85nbTijNz8ljznvCMR1ZBIPKFn3jQrag10X2AsuM= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181015023909-0c41d7ab0a0e/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190404164418-38d8ce5564a5 h1:bselrhR0Or1vomJZC8ZIjWtbDmn9OYFLX5Ik9alpJpE= +golang.org/x/crypto v0.0.0-20190404164418-38d8ce5564a5/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= +golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180911220305-26e67e76b6c3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3 h1:eH6Eip3UpmR+yM/qI9Ijluzb1bNv/cAU/n+6l8tRSis= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53 h1:kcXqo9vE6fsZY5X5Rd7R1l7fTgnWaDCVmln65REefiE= +golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20181105165119-ca4130e427c7 h1:g9UOdtsRWEwHYUG2bDHMxKrvfSGE5epIX2HkaMHSMBY= +golang.org/x/oauth2 v0.0.0-20181105165119-ca4130e427c7/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f h1:Bl/8QSvNqXvPGPGXa2z5xUTmV7VDcZyvRZ+QQXkXTZQ= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181023152157-44b849a8bc13/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190318195719-6c81ef8f67ca/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e h1:nFYrTHrdrAOpShe27kaFHjsqYSEQ0KWqdWLu3xuZJts= +golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db h1:6/JqlYfC1CCaLnGceQTI+sDGhC9UBSPAsBqI0Gun6kU= +golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181011152555-a398e557df60/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181207222222-4c874b978acb/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b h1:qMK98NmNCRVDIYFycQ5yVRkvgDUFfdP8Ip4KqmDEB7g= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190221204921-83362c3779f5/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190320215829-36c10c0a621f h1:1ZEOEQCgHwWeZkEp7AeN0DROZtO+h0NDRxtar5CdyYQ= +golang.org/x/tools v0.0.0-20190320215829-36c10c0a621f/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0 h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20181016170114-94acd270e44e h1:I5s8aUkxqPjgAssfOv+dVr+4/7BC40WV6JhcVoORltI= +google.golang.org/genproto v0.0.0-20181016170114-94acd270e44e/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= +google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.19.1 h1:TrBcJ1yqAl1G++wO39nD/qtgpsW9/1+QGrluyMGEYgM= +google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/natefinch/lumberjack.v2 v2.0.0-20170531160350-a96e63847dc3/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= +gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8= +gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= +gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= +honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +k8s.io/api v0.0.0-20181128191700-6db15a15d2d3 h1:yU+uHaWFaeWjRoVDuKI2qxcOP9PPFJ+665yJuHI5Ils= +k8s.io/api v0.0.0-20181128191700-6db15a15d2d3/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA= +k8s.io/apiextensions-apiserver v0.0.0-20190221101132-cda7b6cfba78 h1:aD1uPt1N+ejP5ZYd04RGxbsw67rmOaBJiVM/9ID6jC4= +k8s.io/apiextensions-apiserver v0.0.0-20190221101132-cda7b6cfba78/go.mod h1:IxkesAMoaCRoLrPJdZNZUQp9NfZnzqaVzLhb2VEQzXE= +k8s.io/apimachinery v0.0.0-20190221084156-01f179d85dbc h1:7z9/6jKWBqkK9GI1RRB0B5fZcmkatLQ/nv8kysch24o= +k8s.io/apimachinery v0.0.0-20190221084156-01f179d85dbc/go.mod h1:ccL7Eh7zubPUSh9A3USN90/OzHNSVN6zxzde07TDCL0= +k8s.io/apiserver v0.0.0-20190402012035-5e1c1f41ee34 h1:5d+YN9C7gYxZIdr9aFzYzYjaFP2cT/5O06rOImHvHIQ= +k8s.io/apiserver v0.0.0-20190402012035-5e1c1f41ee34/go.mod h1:6bqaTSOSJavUIXUtfaR9Os9JtTCm8ZqH2SUl2S60C4w= +k8s.io/client-go v0.0.0-20190228133956-77e032213d34 h1:6Iif3YYUETtutLCzzC1hPC6Fjvg/qdcQM3NwxS86TmA= +k8s.io/client-go v0.0.0-20190228133956-77e032213d34/go.mod h1:7vJpHMYJwNQCWgzmNV+VYUl1zCObLyodBc8nIyt8L5s= +k8s.io/code-generator v0.0.0-20181128191024-b1289fc74931 h1:5nlNOG+ShM9gcSivU8/IEhrANa/ljMMEJ1sw86/eFzQ= +k8s.io/code-generator v0.0.0-20181128191024-b1289fc74931/go.mod h1:MYiN+ZJZ9HkETbgVZdWw2AsuAi9PZ4V80cwfuf2axe8= +k8s.io/gengo v0.0.0-20181106084056-51747d6e00da/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20181113154421-fd15ee9cc2f7/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20190327210449-e17681d19d3a h1:QoHVuRquf80YZ+/bovwxoMO3Q/A3nt3yTgS0/0nejuk= +k8s.io/gengo v0.0.0-20190327210449-e17681d19d3a/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/klog v0.1.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/klog v0.2.0 h1:0ElL0OHzF3N+OhoJTL0uca20SxtYt4X4+bzHeqrB83c= +k8s.io/klog v0.2.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/kube-aggregator v0.0.0-20190221095344-e77f03c95d65 h1:GIHtHBIAREPptnilzCJypTzXq70klKYlUI9lq9MfwWM= +k8s.io/kube-aggregator v0.0.0-20190221095344-e77f03c95d65/go.mod h1:8sbzT4QQKDEmSCIbfqjV0sd97GpUT7A4W626sBiYJmU= +k8s.io/kube-openapi v0.0.0-20180711000925-0cf8f7e6ed1d h1:mn2F9UzCk6KGa7M/d2ibLyRtBQm7n6QvbCjDe/cDWSg= +k8s.io/kube-openapi v0.0.0-20180711000925-0cf8f7e6ed1d/go.mod h1:BXM9ceUBTj2QnfH2MK1odQs778ajze1RxcmP6S8RVVc= +k8s.io/kubernetes v1.11.7-beta.0.0.20181219023948-b875d52ea96d/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= +k8s.io/kubernetes v1.11.8-beta.0.0.20190124204751-3a10094374f2/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= +k8s.io/kubernetes v1.14.3 h1:/FQkOJpjc1jGA37s7Rt3U10VwIKW685ejrgOp4UDRFE= +k8s.io/kubernetes v1.14.3/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= +k8s.io/utils v0.0.0-20190308190857-21c4ce38f2a7 h1:8r+l4bNWjRlsFYlQJnKJ2p7s1YQPj4XyXiJVqDHRx7c= +k8s.io/utils v0.0.0-20190308190857-21c4ce38f2a7/go.mod h1:8k8uAuAQ0rXslZKaEWd0c3oVhZz7sSzSiPnVZayjIX0= +sigs.k8s.io/controller-runtime v0.1.10/go.mod h1:HFAYoOh6XMV+jKF1UjFwrknPbowfyHEHHRdJMf2jMX8= +sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= +sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/local.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/local.Dockerfile new file mode 100644 index 000000000..e0963b708 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/local.Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:latest +WORKDIR / +COPY olm /bin/olm +COPY catalog /bin/catalog +COPY package-server /bin/package-server +EXPOSE 8080 +EXPOSE 5443 +CMD ["/bin/olm"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/logo.png b/vendor/github.com/operator-framework/operator-lifecycle-manager/logo.png new file mode 100644 index 000000000..fd1a65566 Binary files /dev/null and b/vendor/github.com/operator-framework/operator-lifecycle-manager/logo.png differ diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/logo.svg b/vendor/github.com/operator-framework/operator-lifecycle-manager/logo.svg new file mode 100644 index 000000000..47ea75471 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/logo.svg @@ -0,0 +1 @@ +operator_logo_lifecycle_manager_color \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_00-namespace.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_00-namespace.yaml new file mode 100644 index 000000000..7398f0944 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_00-namespace.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operator-lifecycle-manager + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + openshift.io/cluster-monitoring: "true" + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-operators + + annotations: + openshift.io/node-selector: "" + labels: + openshift.io/run-level: "1" + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_01-olm-operator.serviceaccount.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_01-olm-operator.serviceaccount.yaml new file mode 100644 index 000000000..c8d1023f2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_01-olm-operator.serviceaccount.yaml @@ -0,0 +1,29 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: olm-operator-binding-openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:controller:operator-lifecycle-manager +subjects: +- kind: ServiceAccount + name: olm-operator-serviceaccount + namespace: openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_02-services.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_02-services.yaml new file mode 100644 index 000000000..d6f6868cc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_02-services.yaml @@ -0,0 +1,39 @@ + +apiVersion: v1 +kind: Service +metadata: + name: olm-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert + labels: + app: olm-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: olm-operator +--- +apiVersion: v1 +kind: Service +metadata: + name: catalog-operator-metrics + namespace: openshift-operator-lifecycle-manager + annotations: + service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert + labels: + app: catalog-operator +spec: + type: ClusterIP + ports: + - name: https-metrics + port: 8081 + protocol: TCP + targetPort: metrics + selector: + app: catalog-operator + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_03-clusterserviceversion.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_03-clusterserviceversion.crd.yaml new file mode 100644 index 000000000..613893753 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_03-clusterserviceversion.crd.yaml @@ -0,0 +1,766 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterserviceversions.operators.coreos.com + annotations: + displayName: Operator Version + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. +spec: + names: + plural: clusterserviceversions + singular: clusterserviceversion + kind: ClusterServiceVersion + listKind: ClusterServiceVersionList + shortNames: + - csv + - csvs + categories: + - olm + additionalPrinterColumns: + - name: Display + type: string + description: The name of the CSV + JSONPath: .spec.displayName + - name: Version + type: string + description: The version of the CSV + JSONPath: .spec.version + - name: Replaces + type: string + description: The name of a CSV that this one replaces + JSONPath: .spec.replaces + - name: Phase + type: string + JSONPath: .status.phase + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents an Operator that should be running on the cluster, including requirements and install strategy. + properties: + spec: + type: object + description: Spec for a ClusterServiceVersion + required: + - displayName + - install + properties: + displayName: + type: string + description: Human readable name of the application that will be displayed in the ALM UI + + description: + type: string + description: Human readable description of what the application does + + minKubeVersion: + type: string + description: Minimum kubernetes version requirement on the server to deploy operator + pattern: ^\bv?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + keywords: + type: array + description: List of keywords which will be used to discover and categorize app types + items: + type: string + + maintainers: + type: array + description: Those responsible for the creation of this specific app type + items: + type: object + description: Information for a single maintainer + required: + - name + - email + properties: + name: + type: string + description: Maintainer's name + email: + type: string + description: Maintainer's email address + format: email + optionalProperties: + type: string + description: "Any additional key-value metadata you wish to expose about the maintainer, e.g. github: " + + links: + type: array + description: Interesting links to find more information about the project, such as marketing page, documentation, or github page + items: + type: object + description: A single link to describe one aspect of the project + required: + - name + - url + properties: + name: + type: string + description: Name of the link type, e.g. homepage or github url + url: + type: string + description: URL to which the link should point + format: uri + + icon: + type: array + description: Icon which should be rendered with the application information + items: + type: object + required: + - base64data + - mediatype + properties: + base64data: + type: string + description: Base64 binary representation of the icon image + mediatype: + type: string + description: Mediatype for the binary data specified in the base64data property + enum: + - image/gif + - image/jpeg + - image/png + - image/svg+xml + version: + type: string + description: Version string, recommended that users use semantic versioning + pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\+[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*)?$ + + replaces: + type: string + description: Name of the ClusterServiceVersion custom resource that this version replaces + + maturity: + type: string + description: What level of maturity the software has achieved at this version + enum: + - planning + - pre-alpha + - alpha + - beta + - stable + - mature + - inactive + - deprecated + labels: + type: object + description: Labels that will be applied to associated resources created by the operator. + selector: + type: object + description: Label selector to find resources associated with or managed by the operator + properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + nativeAPIs: + type: array + description: What resources are required by the Operator, but must be provided by the underlying cluster and not as an extension. + items: + type: object + required: + - group + - version + - kind + properties: + group: + type: string + description: Group of the API resource + version: + type: string + description: Version of the API resource + kind: + type: string + description: Kind of the API resource + apiservicedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - deploymentName + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + name: + type: string + description: The plural name for the APIService provided + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the APIService + required: + - kind + - version + properties: + name: + type: string + description: If a APIService, the fully qualified name of the APIService (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API resource and can be found here instead of on the API resource. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the APIService resource. + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the API Resource and can be found here instead of on the API resource. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the API resource + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the API resource where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the API resource and can be found here instead of on the API resource. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - group + - version + - kind + - name + - displayName + - description + properties: + group: + type: string + description: Group of the APIService (e.g. app.coreos.com) + version: + type: string + description: The version field of the APIService + kind: + type: string + description: The kind field of the APIService + name: + type: string + description: The plural name for the APIService provided + deploymentName: + type: string + description: Name of the extension api-server's deployment + containerPort: + type: number + description: Port where the extension api-server serves TLS traffic + displayName: + type: string + description: A human-readable name for the APIService. + description: + type: string + description: A description of the APIService + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the APIService + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the API Resource where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the API Resource and can be found here instead of on the API Resource. + + customresourcedefinitions: + type: object + properties: + owned: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + resources: + type: array + items: + type: object + description: A list of resources that should be displayed for the CRD + required: + - kind + - version + properties: + name: + type: string + description: If a CRD, the fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version of the resource kind + kind: + type: string + description: The kind field of the resource kind + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + specDescriptors: + type: array + items: + type: object + description: A spec for a field in the spec block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the spec entry. + description: + type: string + description: A description of the spec entry. + x-descriptors: + type: array + description: A list of descriptors for the spec entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. + required: + type: array + description: What resources this operator is responsible for managing. No two running operators should manage the same resource. + items: + type: object + required: + - name + - version + - kind + - displayName + - description + properties: + name: + type: string + description: Fully qualified name of the CustomResourceDefinition (e.g. my-resource-v1.app.coreos.com) + version: + type: string + description: The version field of the CustomResourceDefinition + kind: + type: string + description: The kind field of the CustomResourceDefinition + displayName: + type: string + description: A human-readable name for the CRD. + description: + type: string + description: A description of the CRD + statusDescriptors: + type: array + items: + type: object + description: A spec for a field in the status block of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the status object on the CR where the the status value can be found. + displayName: + type: string + description: A human-readable name for the status entry. + description: + type: string + description: A description of the status entry. + x-descriptors: + type: array + description: A list of descriptors for the status entry that indicate the meaning of the field. + items: + type: string + value: + description: If present, the value of this status is the same for all instances of the CRD and can be found here instead of on the CR. + + + install: + type: object + description: Information required to install this specific version of the operator software + oneOf: + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['image'] + spec: + type: object + required: + - image + properties: + image: + type: string + - type: object + required: + - strategy + - spec + properties: + strategy: + type: string + enum: ['deployment'] + spec: + type: object + required: + - deployments + properties: + installModes: + type: array + description: List of supported install modes for the operator + items: + type: object + description: A tuple representing a mode of installation and whether the operator supports it + required: + - type + - supported + properties: + type: + type: string + description: A type of install mode + enum: + - OwnNamespace + - SingleNamespace + - MultiNamespace + - AllNamespaces + supported: + type: boolean + description: Represents if the install mode type is supported + deployments: + type: array + description: List of deployments to create + items: + type: object + description: A name and deployment to create in the cluster + required: + - name + - spec + properties: + name: + type: string + description: the consistent name of the deployment + spec: + type: object + description: The deployment spec to create in the cluster + permissions: + type: array + description: Permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - delete + - deletecollection + - initialize + - use + clusterPermissions: + type: array + description: Cluster permissions needed by the deployement to run correctly + items: + type: object + required: + - serviceAccountName + - rules + properties: + serviceAccountName: + type: string + description: The service account name to create for the deployment + rules: + type: array + items: + type: object + required: + - verbs + description: a rule required by the service account + properties: + apiGroups: + type: array + description: apiGroups the rule applies to + items: + type: string + resources: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + verbs: + type: array + items: + type: string + enum: + - "*" + - assign + - get + - list + - watch + - create + - update + - patch + - put + - post + - delete + - deletecollection + - initialize + - use + status: + type: object + description: Status for a ClusterServiceVersion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_04-installplan.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_04-installplan.crd.yaml new file mode 100644 index 000000000..d406d57c8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_04-installplan.crd.yaml @@ -0,0 +1,78 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: installplans.operators.coreos.com + annotations: + displayName: Install Plan + description: Represents a plan to install and resolve dependencies for Cluster Services +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: installplans + singular: installplan + kind: InstallPlan + listKind: InstallPlanList + shortNames: + - ip + categories: + - olm + additionalPrinterColumns: + - name: CSV + type: string + description: The first CSV in the list of clusterServiceVersionNames + JSONPath: .spec.clusterServiceVersionNames[0] + - name: Source + type: string + description: The catalog source for the specified CSVs. + JSONPath: .spec.source + - name: Approval + type: string + description: The approval mode + JSONPath: .spec.approval + - name: Approved + type: boolean + JSONPath: .spec.approved + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Represents a plan to install and resolve dependencies for Cluster Services. + properties: + spec: + type: object + description: Spec for an InstallPlan + required: + - clusterServiceVersionNames + - approval + properties: + source: + type: string + description: Name of the preferred CatalogSource + sourceNamespace: + type: string + description: Namespace that contains the preffered CatalogSource + clusterServiceVersionNames: + type: array + description: A list of the names of the Cluster Services + items: + type: string + anyOf: + - properties: + approval: + enum: + - Manual + approved: + type: boolean + required: + - approved + - properties: + approval: + enum: + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_05-subscription.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_05-subscription.crd.yaml new file mode 100644 index 000000000..f9aaf7ac6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_05-subscription.crd.yaml @@ -0,0 +1,73 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.operators.coreos.com + annotations: + displayName: Subscription + description: Subscribes service catalog to a source and channel to recieve updates for packages. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: subscriptions + singular: subscription + kind: Subscription + listKind: SubscriptionList + shortNames: + - sub + - subs + categories: + - olm + additionalPrinterColumns: + - name: Package + type: string + description: The package subscribed to + JSONPath: .spec.name + - name: Source + type: string + description: The catalog source for the specified package + JSONPath: .spec.source + - name: Channel + type: string + description: The channel of updates to subscribe to + JSONPath: .spec.channel + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: Subscribes service catalog to a source and channel to recieve updates for packages. + properties: + spec: + type: object + description: Spec for a Subscription + required: + - source + - name + properties: + source: + type: string + description: Name of a CatalogSource that defines where and how to find the channel + sourceNamespace: + type: string + description: The Kubernetes namespace where the CatalogSource used is located + name: + type: string + description: Name of the package that defines the application + channel: + type: string + description: Name of the channel to track + startingCSV: + type: string + description: Name of the AppType that this subscription tracks + installPlanApproval: + type: string + description: Approval mode for emitted InstallPlans + enum: + - Manual + - Automatic diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_06-catalogsource.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_06-catalogsource.crd.yaml new file mode 100644 index 000000000..17bdd214c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_06-catalogsource.crd.yaml @@ -0,0 +1,128 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: catalogsources.operators.coreos.com + annotations: + displayName: CatalogSource + description: A source configured to find packages and updates. +spec: + group: operators.coreos.com + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + plural: catalogsources + singular: catalogsource + kind: CatalogSource + listKind: CatalogSourceList + shortNames: + - catsrc + categories: + - olm + additionalPrinterColumns: + - name: Name + type: string + description: The pretty name of the catalog + JSONPath: .spec.displayName + - name: Type + type: string + description: The type of the catalog + JSONPath: .spec.sourceType + - name: Publisher + type: string + description: The publisher of the catalog + JSONPath: .spec.publisher + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A source configured to find packages and updates. + properties: + spec: + type: object + description: Spec for a catalog source. + required: + - sourceType + properties: + sourceType: + type: string + description: The type of the source. `configmap` is the new name for `internal` + enum: + - internal # deprecated + - configmap + - grpc + + configMap: + type: string + description: The name of a ConfigMap that holds the entries for an in-memory catalog. + + address: + type: string + description: An optional address. When set, directs OLM to connect to use a pre-existing registry server at this address. + + image: + type: string + description: An image that serves a grpc registry. Only valid for `grpc` sourceType. If both image and address are set, OLM does not use the address field. + + displayName: + type: string + description: Pretty name for display + + publisher: + type: string + description: The name of an entity that publishes this catalog + + secrets: + type: array + description: A set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry. + items: + type: string + description: A name of a secret in the namespace where the CatalogSource is defined. + status: + type: object + description: The status of the CatalogSource + properties: + configMapReference: + type: object + description: If sourceType is `internal` or `configmap`, then this holds a reference to the configmap associated with this CatalogSource. + properties: + name: + type: string + description: name of the configmap + namespace: + type: string + description: namespace of the configmap + resourceVersion: + type: string + description: resourceVersion of the configmap + uid: + type: string + description: uid of the configmap + registryService: + type: object + properties: + protocol: + type: string + description: protocol of the registry service + enum: + - grpc + serviceName: + type: string + description: name of the registry service + serviceNamespace: + type: string + description: namespace of the registry service + port: + type: string + description: port of the registry service + lastSync: + type: string + description: the last time the catalog was updated. If this time is less than the last updated time on the object, the catalog will be re-cached. + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_07-olm-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_07-olm-operator.deployment.yaml new file mode 100644 index 000000000..9e72fc0d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_07-olm-operator.deployment.yaml @@ -0,0 +1,89 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: olm-operator + template: + metadata: + labels: + app: olm-operator + spec: + serviceAccountName: olm-operator-serviceaccount + priorityClassName: "system-cluster-critical" + containers: + - name: olm-operator + command: + - /bin/olm + args: + - -writeStatusName + - operator-lifecycle-manager + - -writePackageServerStatusName + - operator-lifecycle-manager-packageserver + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: olm-operator + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: olm-operator-serving-cert + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_08-catalog-operator.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_08-catalog-operator.deployment.yaml new file mode 100644 index 000000000..8a824f802 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_08-catalog-operator.deployment.yaml @@ -0,0 +1,84 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + strategy: + type: RollingUpdate + replicas: 1 + selector: + matchLabels: + app: catalog-operator + template: + metadata: + labels: + app: catalog-operator + spec: + serviceAccountName: olm-operator-serviceaccount + priorityClassName: "system-cluster-critical" + containers: + - name: catalog-operator + command: + - /bin/catalog + args: + - '-namespace' + - openshift-marketplace + - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest + - -writeStatusName + - operator-lifecycle-manager-catalog + - -tls-cert + - /var/run/secrets/serving-cert/tls.crt + - -tls-key + - /var/run/secrets/serving-cert/tls.key + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + - containerPort: 8081 + name: metrics + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + terminationMessagePolicy: FallbackToLogsOnError + env: + + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + + + volumeMounts: + - mountPath: /var/run/secrets/serving-cert + name: serving-cert + + + volumes: + - name: serving-cert + secret: + secretName: catalog-operator-serving-cert + + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_09-aggregated.clusterrole.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_09-aggregated.clusterrole.yaml new file mode 100644 index 000000000..459092c39 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_09-aggregated.clusterrole.yaml @@ -0,0 +1,32 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-edit + labels: + # Add these permissions to the "admin" and "edit" default roles. + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["subscriptions"] + verbs: ["create", "update", "patch", "delete"] +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] + verbs: ["delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aggregate-olm-view + labels: + # Add these permissions to the "admin", "edit" and "view" default roles + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: +- apiGroups: ["operators.coreos.com"] + resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] + verbs: ["get", "list", "watch"] +- apiGroups: ["packages.operators.coreos.com"] + resources: ["packagemanifests"] + verbs: ["get", "list", "watch"] diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_10-operatorgroup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_10-operatorgroup.crd.yaml new file mode 100644 index 000000000..d0b44a4d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_10-operatorgroup.crd.yaml @@ -0,0 +1,99 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: operatorgroups.operators.coreos.com +spec: + group: operators.coreos.com + version: v1 + versions: + - name: v1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false + names: + plural: operatorgroups + singular: operatorgroup + kind: OperatorGroup + listKind: OperatorGroupList + shortNames: + - og + categories: + - olm + scope: Namespaced + subresources: + # status enables the status subresource. + status: {} + validation: + openAPIV3Schema: + description: A grouping of namespaces for usage with an operator. + properties: + spec: + type: object + description: Spec for an OperatorGroup. + properties: + selector: + type: object + description: Optional label selector to find resources associated with or managed by the operator + anyOf: + - properties: + matchLabels: + type: object + description: Label key:value pairs to match directly + required: + - matchLabels + - properties: + matchExpressions: + type: array + description: A set of expressions to match against the resource. + items: + allOf: + - type: object + required: + - key + - operator + - values + properties: + key: + type: string + description: the key to match + operator: + type: string + description: the operator for the expression + enum: + - In + - NotIn + - Exists + - DoesNotExist + values: + type: array + description: set of values for the expression + required: + - matchExpressions + targetNamespaces: + type: array + description: Optional list of target namespaces. If set, OLM will ignore selector. + items: + type: string + pattern: ^\S+$ + serviceAccountName: + type: string + staticProvidedAPIs: + type: boolean + description: If true, OLM will not modify the OperatorGroup's providedAPIs annotation. + status: + type: object + description: The status of the OperatorGroup. + properties: + lastUpdated: + format: date-time + type: string + namespaces: + items: + type: string + type: array + required: + - lastUpdated + required: + - metadata diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_11-olm-operators.configmap.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_11-olm-operators.configmap.yaml new file mode 100644 index 000000000..852845ae1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_11-olm-operators.configmap.yaml @@ -0,0 +1,147 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +data: + customResourceDefinitions: |- + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: packageserver.v0.10.1 + namespace: openshift-operator-lifecycle-manager + labels: + olm.clusteroperator.name: operator-lifecycle-manager-packageserver + spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-marketplace + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.1 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 + packages: |- + - packageName: packageserver + channels: + - name: alpha + currentCSV: packageserver.v0.10.1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_12-olm-operators.catalogsource.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_12-olm-operators.catalogsource.yaml new file mode 100644 index 000000000..361818ada --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_12-olm-operators.catalogsource.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + sourceType: internal + configMap: olm-operators + displayName: OLM Operators + publisher: Red Hat diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_13-operatorgroup-default.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_13-operatorgroup-default.yaml new file mode 100644 index 000000000..3e030c3c3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_13-operatorgroup-default.yaml @@ -0,0 +1,14 @@ +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: global-operators + namespace: openshift-operators +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: olm-operators + namespace: openshift-operator-lifecycle-manager +spec: + targetNamespaces: + - openshift-operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_14-packageserver.subscription.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_14-packageserver.subscription.yaml new file mode 100644 index 000000000..a995fa406 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_14-packageserver.subscription.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager +spec: + source: olm-operators + sourceNamespace: openshift-operator-lifecycle-manager + name: packageserver + channel: alpha diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_15-packageserver.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_15-packageserver.clusterserviceversion.yaml new file mode 100644 index 000000000..f79bfaec8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_15-packageserver.clusterserviceversion.yaml @@ -0,0 +1,134 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: packageserver.v0.10.1 + namespace: openshift-operator-lifecycle-manager + labels: + olm.clusteroperator.name: operator-lifecycle-manager-packageserver +spec: + displayName: Package Server + description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. + minKubeVersion: 1.11.0 + keywords: ['packagemanifests', 'olm', 'packages'] + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + provider: + name: Red Hat + links: + - name: Package Server + url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server + installModes: + - type: OwnNamespace + supported: true + - type: SingleNamespace + supported: true + - type: MultiNamespace + supported: true + - type: AllNamespaces + supported: true + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: packageserver + rules: + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - get + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "operators.coreos.com" + resources: + - catalogsources + verbs: + - get + - list + - watch + - apiGroups: + - "packages.operators.coreos.com" + resources: + - packagemanifests + verbs: + - get + - list + deployments: + - name: packageserver + spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-marketplace + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError + maturity: alpha + version: 0.10.1 + apiservicedefinitions: + owned: + - group: packages.operators.coreos.com + version: v1 + kind: PackageManifest + name: packagemanifests + displayName: PackageManifest + description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps + deploymentName: packageserver + containerPort: 5443 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_16-packageserver.deployment.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_16-packageserver.deployment.yaml new file mode 100644 index 000000000..3156420fa --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_16-packageserver.deployment.yaml @@ -0,0 +1,62 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: packageserver + namespace: openshift-operator-lifecycle-manager + labels: + app: packageserver +spec: + strategy: + type: RollingUpdate + replicas: 2 + selector: + matchLabels: + app: packageserver + template: + metadata: + labels: + app: packageserver + spec: + serviceAccountName: packageserver + priorityClassName: "system-cluster-critical" + nodeSelector: + beta.kubernetes.io/os: linux + node-role.kubernetes.io/master: "" + + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + + containers: + - name: packageserver + command: + - /bin/package-server + - -v=4 + - --secure-port + - "5443" + - --global-namespace + - openshift-marketplace + image: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5443 + livenessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + readinessProbe: + httpGet: + scheme: HTTPS + path: /healthz + port: 5443 + terminationMessagePolicy: FallbackToLogsOnError diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_18-service-monitor.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_18-service-monitor.yaml new file mode 100644 index 000000000..a26b23f32 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_18-service-monitor.yaml @@ -0,0 +1,91 @@ + +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: olm-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: olm-operator +spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: olm-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: olm-operator +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: catalog-operator + namespace: openshift-operator-lifecycle-manager + labels: + app: catalog-operator +spec: + jobLabel: k8s-app + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + metricRelabelings: + - action: drop + regex: etcd_(debugging|disk|request|server).* + sourceLabels: + - __name__ + port: https-metrics + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: catalog-operator-metrics.openshift-operator-lifecycle-manager.svc + jobLabel: component + namespaceSelector: + matchNames: + - openshift-operator-lifecycle-manager + selector: + matchLabels: + app: catalog-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: operator-lifecycle-manager-metrics +subjects: +- kind: ServiceAccount + name: prometheus-k8s + namespace: openshift-monitoring +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: operator-lifecycle-manager-metrics + namespace: openshift-operator-lifecycle-manager +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_99-operatorstatus.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_99-operatorstatus.yaml new file mode 100644 index 000000000..b49b60fa9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/0000_50_olm_99-operatorstatus.yaml @@ -0,0 +1,27 @@ + +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager +status: + versions: + - name: operator + version: "0.0.1-snapshot" +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager-catalog +status: + versions: + - name: operator + version: "0.0.1-snapshot" +--- +apiVersion: config.openshift.io/v1 +kind: ClusterOperator +metadata: + name: operator-lifecycle-manager-packageserver +status: + versions: + - name: operator + version: "0.0.1-snapshot" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/image-references b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/image-references new file mode 100644 index 000000000..8072c08ae --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/manifests/image-references @@ -0,0 +1,13 @@ + +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: operator-lifecycle-manager + from: + kind: DockerImage + name: quay.io/operator-framework/olm@sha256:f965474776bada158e4bf7be5c84b54460843e7478f06060990d2fdeb31b0b90 + - name: operator-registry + from: + kind: DockerImage + name: quay.io/operator-framework/configmap-operator-registry:latest diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/mockgen.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/mockgen.Dockerfile new file mode 100644 index 000000000..af13da401 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/mockgen.Dockerfile @@ -0,0 +1,12 @@ +FROM golang:1.12 +WORKDIR /operator-lifecycle-manager +COPY Makefile Makefile +COPY cmd cmd +COPY pkg pkg +COPY vendor vendor +COPY go.mod go.mod +COPY go.sum go.sum +COPY scripts/generate_mocks.sh scripts/generate_mocks.sh +COPY boilerplate.go.txt boilerplate.go.txt +RUN chmod +x scripts/generate_mocks.sh && \ + make mockgen \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/client.go new file mode 100644 index 000000000..fb4c90c3f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/client.go @@ -0,0 +1,27 @@ +package client + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "k8s.io/client-go/rest" +) + +// NewClient creates a client that can interact with OLM resources in k8s api +func NewClient(kubeconfig string) (client versioned.Interface, err error) { + var config *rest.Config + config, err = getConfig(kubeconfig) + if err != nil { + return + } + return versioned.NewForConfig(config) +} + +// NewInternalClient creates a client that can interact with OLM resources in the k8s api using internal versions. +func NewInternalClient(kubeconfig string) (client internalversion.Interface, err error) { + var config *rest.Config + config, err = getConfig(kubeconfig) + if err != nil { + return + } + return internalversion.NewForConfig(config) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/clientset.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/clientset.go new file mode 100644 index 000000000..f3c972328 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/clientset.go @@ -0,0 +1,90 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + Operators() operatorsinternalversion.OperatorsInterface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + operators *operatorsinternalversion.OperatorsClient +} + +// Operators retrieves the OperatorsClient +func (c *Clientset) Operators() operatorsinternalversion.OperatorsInterface { + return c.operators +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.operators, err = operatorsinternalversion.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.operators = operatorsinternalversion.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.operators = operatorsinternalversion.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/doc.go new file mode 100644 index 000000000..676a0fe25 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package internalversion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/clientset_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/clientset_generated.go new file mode 100644 index 000000000..c4ddc663a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/clientset_generated.go @@ -0,0 +1,77 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + operatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion" + fakeoperatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +var _ clientset.Interface = &Clientset{} + +// Operators retrieves the OperatorsClient +func (c *Clientset) Operators() operatorsinternalversion.OperatorsInterface { + return &fakeoperatorsinternalversion.FakeOperators{Fake: &c.Fake} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/doc.go new file mode 100644 index 000000000..ee22a9450 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/register.go new file mode 100644 index 000000000..2312d48f4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/fake/register.go @@ -0,0 +1,56 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + operatorsinternalversion.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme/doc.go new file mode 100644 index 000000000..25323d108 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme/register.go new file mode 100644 index 000000000..074282381 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme/register.go @@ -0,0 +1,41 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/install" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + Install(Scheme) +} + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + operators.Install(scheme) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/catalogsource.go new file mode 100644 index 000000000..261fab027 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/catalogsource.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CatalogSourcesGetter has a method to return a CatalogSourceInterface. +// A group's client should implement this interface. +type CatalogSourcesGetter interface { + CatalogSources(namespace string) CatalogSourceInterface +} + +// CatalogSourceInterface has methods to work with CatalogSource resources. +type CatalogSourceInterface interface { + Create(*operators.CatalogSource) (*operators.CatalogSource, error) + Update(*operators.CatalogSource) (*operators.CatalogSource, error) + UpdateStatus(*operators.CatalogSource) (*operators.CatalogSource, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*operators.CatalogSource, error) + List(opts v1.ListOptions) (*operators.CatalogSourceList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.CatalogSource, err error) + CatalogSourceExpansion +} + +// catalogSources implements CatalogSourceInterface +type catalogSources struct { + client rest.Interface + ns string +} + +// newCatalogSources returns a CatalogSources +func newCatalogSources(c *OperatorsClient, namespace string) *catalogSources { + return &catalogSources{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the catalogSource, and returns the corresponding catalogSource object, and an error if there is any. +func (c *catalogSources) Get(name string, options v1.GetOptions) (result *operators.CatalogSource, err error) { + result = &operators.CatalogSource{} + err = c.client.Get(). + Namespace(c.ns). + Resource("catalogsources"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CatalogSources that match those selectors. +func (c *catalogSources) List(opts v1.ListOptions) (result *operators.CatalogSourceList, err error) { + result = &operators.CatalogSourceList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("catalogsources"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested catalogSources. +func (c *catalogSources) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("catalogsources"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a catalogSource and creates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *catalogSources) Create(catalogSource *operators.CatalogSource) (result *operators.CatalogSource, err error) { + result = &operators.CatalogSource{} + err = c.client.Post(). + Namespace(c.ns). + Resource("catalogsources"). + Body(catalogSource). + Do(). + Into(result) + return +} + +// Update takes the representation of a catalogSource and updates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *catalogSources) Update(catalogSource *operators.CatalogSource) (result *operators.CatalogSource, err error) { + result = &operators.CatalogSource{} + err = c.client.Put(). + Namespace(c.ns). + Resource("catalogsources"). + Name(catalogSource.Name). + Body(catalogSource). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *catalogSources) UpdateStatus(catalogSource *operators.CatalogSource) (result *operators.CatalogSource, err error) { + result = &operators.CatalogSource{} + err = c.client.Put(). + Namespace(c.ns). + Resource("catalogsources"). + Name(catalogSource.Name). + SubResource("status"). + Body(catalogSource). + Do(). + Into(result) + return +} + +// Delete takes name of the catalogSource and deletes it. Returns an error if one occurs. +func (c *catalogSources) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("catalogsources"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *catalogSources) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("catalogsources"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched catalogSource. +func (c *catalogSources) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.CatalogSource, err error) { + result = &operators.CatalogSource{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("catalogsources"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/clusterserviceversion.go new file mode 100644 index 000000000..538ef1d44 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/clusterserviceversion.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterServiceVersionsGetter has a method to return a ClusterServiceVersionInterface. +// A group's client should implement this interface. +type ClusterServiceVersionsGetter interface { + ClusterServiceVersions(namespace string) ClusterServiceVersionInterface +} + +// ClusterServiceVersionInterface has methods to work with ClusterServiceVersion resources. +type ClusterServiceVersionInterface interface { + Create(*operators.ClusterServiceVersion) (*operators.ClusterServiceVersion, error) + Update(*operators.ClusterServiceVersion) (*operators.ClusterServiceVersion, error) + UpdateStatus(*operators.ClusterServiceVersion) (*operators.ClusterServiceVersion, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*operators.ClusterServiceVersion, error) + List(opts v1.ListOptions) (*operators.ClusterServiceVersionList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.ClusterServiceVersion, err error) + ClusterServiceVersionExpansion +} + +// clusterServiceVersions implements ClusterServiceVersionInterface +type clusterServiceVersions struct { + client rest.Interface + ns string +} + +// newClusterServiceVersions returns a ClusterServiceVersions +func newClusterServiceVersions(c *OperatorsClient, namespace string) *clusterServiceVersions { + return &clusterServiceVersions{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the clusterServiceVersion, and returns the corresponding clusterServiceVersion object, and an error if there is any. +func (c *clusterServiceVersions) Get(name string, options v1.GetOptions) (result *operators.ClusterServiceVersion, err error) { + result = &operators.ClusterServiceVersion{} + err = c.client.Get(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterServiceVersions that match those selectors. +func (c *clusterServiceVersions) List(opts v1.ListOptions) (result *operators.ClusterServiceVersionList, err error) { + result = &operators.ClusterServiceVersionList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("clusterserviceversions"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterServiceVersions. +func (c *clusterServiceVersions) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("clusterserviceversions"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a clusterServiceVersion and creates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *clusterServiceVersions) Create(clusterServiceVersion *operators.ClusterServiceVersion) (result *operators.ClusterServiceVersion, err error) { + result = &operators.ClusterServiceVersion{} + err = c.client.Post(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Body(clusterServiceVersion). + Do(). + Into(result) + return +} + +// Update takes the representation of a clusterServiceVersion and updates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *clusterServiceVersions) Update(clusterServiceVersion *operators.ClusterServiceVersion) (result *operators.ClusterServiceVersion, err error) { + result = &operators.ClusterServiceVersion{} + err = c.client.Put(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(clusterServiceVersion.Name). + Body(clusterServiceVersion). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *clusterServiceVersions) UpdateStatus(clusterServiceVersion *operators.ClusterServiceVersion) (result *operators.ClusterServiceVersion, err error) { + result = &operators.ClusterServiceVersion{} + err = c.client.Put(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(clusterServiceVersion.Name). + SubResource("status"). + Body(clusterServiceVersion). + Do(). + Into(result) + return +} + +// Delete takes name of the clusterServiceVersion and deletes it. Returns an error if one occurs. +func (c *clusterServiceVersions) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterServiceVersions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("clusterserviceversions"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched clusterServiceVersion. +func (c *clusterServiceVersions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.ClusterServiceVersion, err error) { + result = &operators.ClusterServiceVersion{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("clusterserviceversions"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/doc.go new file mode 100644 index 000000000..8be96d732 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package internalversion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_catalogsource.go new file mode 100644 index 000000000..390ed7766 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_catalogsource.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeCatalogSources implements CatalogSourceInterface +type FakeCatalogSources struct { + Fake *FakeOperators + ns string +} + +var catalogsourcesResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "", Resource: "catalogsources"} + +var catalogsourcesKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "", Kind: "CatalogSource"} + +// Get takes name of the catalogSource, and returns the corresponding catalogSource object, and an error if there is any. +func (c *FakeCatalogSources) Get(name string, options v1.GetOptions) (result *operators.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(catalogsourcesResource, c.ns, name), &operators.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.CatalogSource), err +} + +// List takes label and field selectors, and returns the list of CatalogSources that match those selectors. +func (c *FakeCatalogSources) List(opts v1.ListOptions) (result *operators.CatalogSourceList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(catalogsourcesResource, catalogsourcesKind, c.ns, opts), &operators.CatalogSourceList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operators.CatalogSourceList{ListMeta: obj.(*operators.CatalogSourceList).ListMeta} + for _, item := range obj.(*operators.CatalogSourceList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested catalogSources. +func (c *FakeCatalogSources) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(catalogsourcesResource, c.ns, opts)) + +} + +// Create takes the representation of a catalogSource and creates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *FakeCatalogSources) Create(catalogSource *operators.CatalogSource) (result *operators.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(catalogsourcesResource, c.ns, catalogSource), &operators.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.CatalogSource), err +} + +// Update takes the representation of a catalogSource and updates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *FakeCatalogSources) Update(catalogSource *operators.CatalogSource) (result *operators.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(catalogsourcesResource, c.ns, catalogSource), &operators.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.CatalogSource), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeCatalogSources) UpdateStatus(catalogSource *operators.CatalogSource) (*operators.CatalogSource, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(catalogsourcesResource, "status", c.ns, catalogSource), &operators.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.CatalogSource), err +} + +// Delete takes name of the catalogSource and deletes it. Returns an error if one occurs. +func (c *FakeCatalogSources) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(catalogsourcesResource, c.ns, name), &operators.CatalogSource{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeCatalogSources) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(catalogsourcesResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operators.CatalogSourceList{}) + return err +} + +// Patch applies the patch and returns the patched catalogSource. +func (c *FakeCatalogSources) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(catalogsourcesResource, c.ns, name, data, subresources...), &operators.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.CatalogSource), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_clusterserviceversion.go new file mode 100644 index 000000000..c9be38526 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_clusterserviceversion.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterServiceVersions implements ClusterServiceVersionInterface +type FakeClusterServiceVersions struct { + Fake *FakeOperators + ns string +} + +var clusterserviceversionsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "", Resource: "clusterserviceversions"} + +var clusterserviceversionsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "", Kind: "ClusterServiceVersion"} + +// Get takes name of the clusterServiceVersion, and returns the corresponding clusterServiceVersion object, and an error if there is any. +func (c *FakeClusterServiceVersions) Get(name string, options v1.GetOptions) (result *operators.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(clusterserviceversionsResource, c.ns, name), &operators.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.ClusterServiceVersion), err +} + +// List takes label and field selectors, and returns the list of ClusterServiceVersions that match those selectors. +func (c *FakeClusterServiceVersions) List(opts v1.ListOptions) (result *operators.ClusterServiceVersionList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(clusterserviceversionsResource, clusterserviceversionsKind, c.ns, opts), &operators.ClusterServiceVersionList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operators.ClusterServiceVersionList{ListMeta: obj.(*operators.ClusterServiceVersionList).ListMeta} + for _, item := range obj.(*operators.ClusterServiceVersionList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterServiceVersions. +func (c *FakeClusterServiceVersions) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(clusterserviceversionsResource, c.ns, opts)) + +} + +// Create takes the representation of a clusterServiceVersion and creates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *FakeClusterServiceVersions) Create(clusterServiceVersion *operators.ClusterServiceVersion) (result *operators.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(clusterserviceversionsResource, c.ns, clusterServiceVersion), &operators.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.ClusterServiceVersion), err +} + +// Update takes the representation of a clusterServiceVersion and updates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *FakeClusterServiceVersions) Update(clusterServiceVersion *operators.ClusterServiceVersion) (result *operators.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(clusterserviceversionsResource, c.ns, clusterServiceVersion), &operators.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.ClusterServiceVersion), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterServiceVersions) UpdateStatus(clusterServiceVersion *operators.ClusterServiceVersion) (*operators.ClusterServiceVersion, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(clusterserviceversionsResource, "status", c.ns, clusterServiceVersion), &operators.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.ClusterServiceVersion), err +} + +// Delete takes name of the clusterServiceVersion and deletes it. Returns an error if one occurs. +func (c *FakeClusterServiceVersions) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(clusterserviceversionsResource, c.ns, name), &operators.ClusterServiceVersion{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterServiceVersions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(clusterserviceversionsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operators.ClusterServiceVersionList{}) + return err +} + +// Patch applies the patch and returns the patched clusterServiceVersion. +func (c *FakeClusterServiceVersions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(clusterserviceversionsResource, c.ns, name, data, subresources...), &operators.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.ClusterServiceVersion), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_installplan.go new file mode 100644 index 000000000..10ff0f578 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_installplan.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeInstallPlans implements InstallPlanInterface +type FakeInstallPlans struct { + Fake *FakeOperators + ns string +} + +var installplansResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "", Resource: "installplans"} + +var installplansKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "", Kind: "InstallPlan"} + +// Get takes name of the installPlan, and returns the corresponding installPlan object, and an error if there is any. +func (c *FakeInstallPlans) Get(name string, options v1.GetOptions) (result *operators.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(installplansResource, c.ns, name), &operators.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.InstallPlan), err +} + +// List takes label and field selectors, and returns the list of InstallPlans that match those selectors. +func (c *FakeInstallPlans) List(opts v1.ListOptions) (result *operators.InstallPlanList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(installplansResource, installplansKind, c.ns, opts), &operators.InstallPlanList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operators.InstallPlanList{ListMeta: obj.(*operators.InstallPlanList).ListMeta} + for _, item := range obj.(*operators.InstallPlanList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested installPlans. +func (c *FakeInstallPlans) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(installplansResource, c.ns, opts)) + +} + +// Create takes the representation of a installPlan and creates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *FakeInstallPlans) Create(installPlan *operators.InstallPlan) (result *operators.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(installplansResource, c.ns, installPlan), &operators.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.InstallPlan), err +} + +// Update takes the representation of a installPlan and updates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *FakeInstallPlans) Update(installPlan *operators.InstallPlan) (result *operators.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(installplansResource, c.ns, installPlan), &operators.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.InstallPlan), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeInstallPlans) UpdateStatus(installPlan *operators.InstallPlan) (*operators.InstallPlan, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(installplansResource, "status", c.ns, installPlan), &operators.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.InstallPlan), err +} + +// Delete takes name of the installPlan and deletes it. Returns an error if one occurs. +func (c *FakeInstallPlans) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(installplansResource, c.ns, name), &operators.InstallPlan{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeInstallPlans) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(installplansResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operators.InstallPlanList{}) + return err +} + +// Patch applies the patch and returns the patched installPlan. +func (c *FakeInstallPlans) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(installplansResource, c.ns, name, data, subresources...), &operators.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.InstallPlan), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operatorgroup.go new file mode 100644 index 000000000..df972690e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operatorgroup.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOperatorGroups implements OperatorGroupInterface +type FakeOperatorGroups struct { + Fake *FakeOperators + ns string +} + +var operatorgroupsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "", Resource: "operatorgroups"} + +var operatorgroupsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "", Kind: "OperatorGroup"} + +// Get takes name of the operatorGroup, and returns the corresponding operatorGroup object, and an error if there is any. +func (c *FakeOperatorGroups) Get(name string, options v1.GetOptions) (result *operators.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(operatorgroupsResource, c.ns, name), &operators.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.OperatorGroup), err +} + +// List takes label and field selectors, and returns the list of OperatorGroups that match those selectors. +func (c *FakeOperatorGroups) List(opts v1.ListOptions) (result *operators.OperatorGroupList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(operatorgroupsResource, operatorgroupsKind, c.ns, opts), &operators.OperatorGroupList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operators.OperatorGroupList{ListMeta: obj.(*operators.OperatorGroupList).ListMeta} + for _, item := range obj.(*operators.OperatorGroupList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested operatorGroups. +func (c *FakeOperatorGroups) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(operatorgroupsResource, c.ns, opts)) + +} + +// Create takes the representation of a operatorGroup and creates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *FakeOperatorGroups) Create(operatorGroup *operators.OperatorGroup) (result *operators.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(operatorgroupsResource, c.ns, operatorGroup), &operators.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.OperatorGroup), err +} + +// Update takes the representation of a operatorGroup and updates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *FakeOperatorGroups) Update(operatorGroup *operators.OperatorGroup) (result *operators.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(operatorgroupsResource, c.ns, operatorGroup), &operators.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.OperatorGroup), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOperatorGroups) UpdateStatus(operatorGroup *operators.OperatorGroup) (*operators.OperatorGroup, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(operatorgroupsResource, "status", c.ns, operatorGroup), &operators.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.OperatorGroup), err +} + +// Delete takes name of the operatorGroup and deletes it. Returns an error if one occurs. +func (c *FakeOperatorGroups) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(operatorgroupsResource, c.ns, name), &operators.OperatorGroup{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOperatorGroups) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(operatorgroupsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operators.OperatorGroupList{}) + return err +} + +// Patch applies the patch and returns the patched operatorGroup. +func (c *FakeOperatorGroups) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(operatorgroupsResource, c.ns, name, data, subresources...), &operators.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.OperatorGroup), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operators_client.go new file mode 100644 index 000000000..33dfca75c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operators_client.go @@ -0,0 +1,56 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeOperators struct { + *testing.Fake +} + +func (c *FakeOperators) CatalogSources(namespace string) internalversion.CatalogSourceInterface { + return &FakeCatalogSources{c, namespace} +} + +func (c *FakeOperators) ClusterServiceVersions(namespace string) internalversion.ClusterServiceVersionInterface { + return &FakeClusterServiceVersions{c, namespace} +} + +func (c *FakeOperators) InstallPlans(namespace string) internalversion.InstallPlanInterface { + return &FakeInstallPlans{c, namespace} +} + +func (c *FakeOperators) OperatorGroups(namespace string) internalversion.OperatorGroupInterface { + return &FakeOperatorGroups{c, namespace} +} + +func (c *FakeOperators) Subscriptions(namespace string) internalversion.SubscriptionInterface { + return &FakeSubscriptions{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeOperators) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_subscription.go new file mode 100644 index 000000000..f64f8e492 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/fake/fake_subscription.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeSubscriptions implements SubscriptionInterface +type FakeSubscriptions struct { + Fake *FakeOperators + ns string +} + +var subscriptionsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "", Resource: "subscriptions"} + +var subscriptionsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "", Kind: "Subscription"} + +// Get takes name of the subscription, and returns the corresponding subscription object, and an error if there is any. +func (c *FakeSubscriptions) Get(name string, options v1.GetOptions) (result *operators.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(subscriptionsResource, c.ns, name), &operators.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.Subscription), err +} + +// List takes label and field selectors, and returns the list of Subscriptions that match those selectors. +func (c *FakeSubscriptions) List(opts v1.ListOptions) (result *operators.SubscriptionList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(subscriptionsResource, subscriptionsKind, c.ns, opts), &operators.SubscriptionList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operators.SubscriptionList{ListMeta: obj.(*operators.SubscriptionList).ListMeta} + for _, item := range obj.(*operators.SubscriptionList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested subscriptions. +func (c *FakeSubscriptions) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(subscriptionsResource, c.ns, opts)) + +} + +// Create takes the representation of a subscription and creates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *FakeSubscriptions) Create(subscription *operators.Subscription) (result *operators.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(subscriptionsResource, c.ns, subscription), &operators.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.Subscription), err +} + +// Update takes the representation of a subscription and updates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *FakeSubscriptions) Update(subscription *operators.Subscription) (result *operators.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(subscriptionsResource, c.ns, subscription), &operators.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.Subscription), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeSubscriptions) UpdateStatus(subscription *operators.Subscription) (*operators.Subscription, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(subscriptionsResource, "status", c.ns, subscription), &operators.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.Subscription), err +} + +// Delete takes name of the subscription and deletes it. Returns an error if one occurs. +func (c *FakeSubscriptions) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(subscriptionsResource, c.ns, name), &operators.Subscription{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeSubscriptions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(subscriptionsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operators.SubscriptionList{}) + return err +} + +// Patch applies the patch and returns the patched subscription. +func (c *FakeSubscriptions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(subscriptionsResource, c.ns, name, data, subresources...), &operators.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.Subscription), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/generated_expansion.go new file mode 100644 index 000000000..53a97af94 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/generated_expansion.go @@ -0,0 +1,29 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +type CatalogSourceExpansion interface{} + +type ClusterServiceVersionExpansion interface{} + +type InstallPlanExpansion interface{} + +type OperatorGroupExpansion interface{} + +type SubscriptionExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/installplan.go new file mode 100644 index 000000000..ee106eed4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/installplan.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// InstallPlansGetter has a method to return a InstallPlanInterface. +// A group's client should implement this interface. +type InstallPlansGetter interface { + InstallPlans(namespace string) InstallPlanInterface +} + +// InstallPlanInterface has methods to work with InstallPlan resources. +type InstallPlanInterface interface { + Create(*operators.InstallPlan) (*operators.InstallPlan, error) + Update(*operators.InstallPlan) (*operators.InstallPlan, error) + UpdateStatus(*operators.InstallPlan) (*operators.InstallPlan, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*operators.InstallPlan, error) + List(opts v1.ListOptions) (*operators.InstallPlanList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.InstallPlan, err error) + InstallPlanExpansion +} + +// installPlans implements InstallPlanInterface +type installPlans struct { + client rest.Interface + ns string +} + +// newInstallPlans returns a InstallPlans +func newInstallPlans(c *OperatorsClient, namespace string) *installPlans { + return &installPlans{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the installPlan, and returns the corresponding installPlan object, and an error if there is any. +func (c *installPlans) Get(name string, options v1.GetOptions) (result *operators.InstallPlan, err error) { + result = &operators.InstallPlan{} + err = c.client.Get(). + Namespace(c.ns). + Resource("installplans"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of InstallPlans that match those selectors. +func (c *installPlans) List(opts v1.ListOptions) (result *operators.InstallPlanList, err error) { + result = &operators.InstallPlanList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("installplans"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested installPlans. +func (c *installPlans) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("installplans"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a installPlan and creates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *installPlans) Create(installPlan *operators.InstallPlan) (result *operators.InstallPlan, err error) { + result = &operators.InstallPlan{} + err = c.client.Post(). + Namespace(c.ns). + Resource("installplans"). + Body(installPlan). + Do(). + Into(result) + return +} + +// Update takes the representation of a installPlan and updates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *installPlans) Update(installPlan *operators.InstallPlan) (result *operators.InstallPlan, err error) { + result = &operators.InstallPlan{} + err = c.client.Put(). + Namespace(c.ns). + Resource("installplans"). + Name(installPlan.Name). + Body(installPlan). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *installPlans) UpdateStatus(installPlan *operators.InstallPlan) (result *operators.InstallPlan, err error) { + result = &operators.InstallPlan{} + err = c.client.Put(). + Namespace(c.ns). + Resource("installplans"). + Name(installPlan.Name). + SubResource("status"). + Body(installPlan). + Do(). + Into(result) + return +} + +// Delete takes name of the installPlan and deletes it. Returns an error if one occurs. +func (c *installPlans) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("installplans"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *installPlans) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("installplans"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched installPlan. +func (c *installPlans) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.InstallPlan, err error) { + result = &operators.InstallPlan{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("installplans"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/operatorgroup.go new file mode 100644 index 000000000..b5ac235c2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/operatorgroup.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// OperatorGroupsGetter has a method to return a OperatorGroupInterface. +// A group's client should implement this interface. +type OperatorGroupsGetter interface { + OperatorGroups(namespace string) OperatorGroupInterface +} + +// OperatorGroupInterface has methods to work with OperatorGroup resources. +type OperatorGroupInterface interface { + Create(*operators.OperatorGroup) (*operators.OperatorGroup, error) + Update(*operators.OperatorGroup) (*operators.OperatorGroup, error) + UpdateStatus(*operators.OperatorGroup) (*operators.OperatorGroup, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*operators.OperatorGroup, error) + List(opts v1.ListOptions) (*operators.OperatorGroupList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.OperatorGroup, err error) + OperatorGroupExpansion +} + +// operatorGroups implements OperatorGroupInterface +type operatorGroups struct { + client rest.Interface + ns string +} + +// newOperatorGroups returns a OperatorGroups +func newOperatorGroups(c *OperatorsClient, namespace string) *operatorGroups { + return &operatorGroups{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the operatorGroup, and returns the corresponding operatorGroup object, and an error if there is any. +func (c *operatorGroups) Get(name string, options v1.GetOptions) (result *operators.OperatorGroup, err error) { + result = &operators.OperatorGroup{} + err = c.client.Get(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of OperatorGroups that match those selectors. +func (c *operatorGroups) List(opts v1.ListOptions) (result *operators.OperatorGroupList, err error) { + result = &operators.OperatorGroupList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("operatorgroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested operatorGroups. +func (c *operatorGroups) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("operatorgroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a operatorGroup and creates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *operatorGroups) Create(operatorGroup *operators.OperatorGroup) (result *operators.OperatorGroup, err error) { + result = &operators.OperatorGroup{} + err = c.client.Post(). + Namespace(c.ns). + Resource("operatorgroups"). + Body(operatorGroup). + Do(). + Into(result) + return +} + +// Update takes the representation of a operatorGroup and updates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *operatorGroups) Update(operatorGroup *operators.OperatorGroup) (result *operators.OperatorGroup, err error) { + result = &operators.OperatorGroup{} + err = c.client.Put(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(operatorGroup.Name). + Body(operatorGroup). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *operatorGroups) UpdateStatus(operatorGroup *operators.OperatorGroup) (result *operators.OperatorGroup, err error) { + result = &operators.OperatorGroup{} + err = c.client.Put(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(operatorGroup.Name). + SubResource("status"). + Body(operatorGroup). + Do(). + Into(result) + return +} + +// Delete takes name of the operatorGroup and deletes it. Returns an error if one occurs. +func (c *operatorGroups) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *operatorGroups) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("operatorgroups"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched operatorGroup. +func (c *operatorGroups) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.OperatorGroup, err error) { + result = &operators.OperatorGroup{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("operatorgroups"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/operators_client.go new file mode 100644 index 000000000..e23e9cd41 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/operators_client.go @@ -0,0 +1,116 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme" + rest "k8s.io/client-go/rest" +) + +type OperatorsInterface interface { + RESTClient() rest.Interface + CatalogSourcesGetter + ClusterServiceVersionsGetter + InstallPlansGetter + OperatorGroupsGetter + SubscriptionsGetter +} + +// OperatorsClient is used to interact with features provided by the operators.coreos.com group. +type OperatorsClient struct { + restClient rest.Interface +} + +func (c *OperatorsClient) CatalogSources(namespace string) CatalogSourceInterface { + return newCatalogSources(c, namespace) +} + +func (c *OperatorsClient) ClusterServiceVersions(namespace string) ClusterServiceVersionInterface { + return newClusterServiceVersions(c, namespace) +} + +func (c *OperatorsClient) InstallPlans(namespace string) InstallPlanInterface { + return newInstallPlans(c, namespace) +} + +func (c *OperatorsClient) OperatorGroups(namespace string) OperatorGroupInterface { + return newOperatorGroups(c, namespace) +} + +func (c *OperatorsClient) Subscriptions(namespace string) SubscriptionInterface { + return newSubscriptions(c, namespace) +} + +// NewForConfig creates a new OperatorsClient for the given config. +func NewForConfig(c *rest.Config) (*OperatorsClient, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &OperatorsClient{client}, nil +} + +// NewForConfigOrDie creates a new OperatorsClient for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *OperatorsClient { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new OperatorsClient for the given RESTClient. +func New(c rest.Interface) *OperatorsClient { + return &OperatorsClient{c} +} + +func setConfigDefaults(config *rest.Config) error { + config.APIPath = "/apis" + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + if config.GroupVersion == nil || config.GroupVersion.Group != scheme.Scheme.PrioritizedVersionsForGroup("operators.coreos.com")[0].Group { + gv := scheme.Scheme.PrioritizedVersionsForGroup("operators.coreos.com")[0] + config.GroupVersion = &gv + } + config.NegotiatedSerializer = scheme.Codecs + + if config.QPS == 0 { + config.QPS = 5 + } + if config.Burst == 0 { + config.Burst = 10 + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *OperatorsClient) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/subscription.go new file mode 100644 index 000000000..083247b83 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/typed/operators/internalversion/subscription.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// SubscriptionsGetter has a method to return a SubscriptionInterface. +// A group's client should implement this interface. +type SubscriptionsGetter interface { + Subscriptions(namespace string) SubscriptionInterface +} + +// SubscriptionInterface has methods to work with Subscription resources. +type SubscriptionInterface interface { + Create(*operators.Subscription) (*operators.Subscription, error) + Update(*operators.Subscription) (*operators.Subscription, error) + UpdateStatus(*operators.Subscription) (*operators.Subscription, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*operators.Subscription, error) + List(opts v1.ListOptions) (*operators.SubscriptionList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.Subscription, err error) + SubscriptionExpansion +} + +// subscriptions implements SubscriptionInterface +type subscriptions struct { + client rest.Interface + ns string +} + +// newSubscriptions returns a Subscriptions +func newSubscriptions(c *OperatorsClient, namespace string) *subscriptions { + return &subscriptions{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the subscription, and returns the corresponding subscription object, and an error if there is any. +func (c *subscriptions) Get(name string, options v1.GetOptions) (result *operators.Subscription, err error) { + result = &operators.Subscription{} + err = c.client.Get(). + Namespace(c.ns). + Resource("subscriptions"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Subscriptions that match those selectors. +func (c *subscriptions) List(opts v1.ListOptions) (result *operators.SubscriptionList, err error) { + result = &operators.SubscriptionList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("subscriptions"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested subscriptions. +func (c *subscriptions) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("subscriptions"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a subscription and creates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *subscriptions) Create(subscription *operators.Subscription) (result *operators.Subscription, err error) { + result = &operators.Subscription{} + err = c.client.Post(). + Namespace(c.ns). + Resource("subscriptions"). + Body(subscription). + Do(). + Into(result) + return +} + +// Update takes the representation of a subscription and updates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *subscriptions) Update(subscription *operators.Subscription) (result *operators.Subscription, err error) { + result = &operators.Subscription{} + err = c.client.Put(). + Namespace(c.ns). + Resource("subscriptions"). + Name(subscription.Name). + Body(subscription). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *subscriptions) UpdateStatus(subscription *operators.Subscription) (result *operators.Subscription, err error) { + result = &operators.Subscription{} + err = c.client.Put(). + Namespace(c.ns). + Resource("subscriptions"). + Name(subscription.Name). + SubResource("status"). + Body(subscription). + Do(). + Into(result) + return +} + +// Delete takes name of the subscription and deletes it. Returns an error if one occurs. +func (c *subscriptions) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("subscriptions"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *subscriptions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("subscriptions"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched subscription. +func (c *subscriptions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.Subscription, err error) { + result = &operators.Subscription{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("subscriptions"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/clientset.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/clientset.go new file mode 100644 index 000000000..011b18175 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/clientset.go @@ -0,0 +1,112 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1" + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + OperatorsV1alpha1() operatorsv1alpha1.OperatorsV1alpha1Interface + OperatorsV1() operatorsv1.OperatorsV1Interface + // Deprecated: please explicitly pick a version if possible. + Operators() operatorsv1.OperatorsV1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + operatorsV1alpha1 *operatorsv1alpha1.OperatorsV1alpha1Client + operatorsV1 *operatorsv1.OperatorsV1Client +} + +// OperatorsV1alpha1 retrieves the OperatorsV1alpha1Client +func (c *Clientset) OperatorsV1alpha1() operatorsv1alpha1.OperatorsV1alpha1Interface { + return c.operatorsV1alpha1 +} + +// OperatorsV1 retrieves the OperatorsV1Client +func (c *Clientset) OperatorsV1() operatorsv1.OperatorsV1Interface { + return c.operatorsV1 +} + +// Deprecated: Operators retrieves the default version of OperatorsClient. +// Please explicitly pick a version. +func (c *Clientset) Operators() operatorsv1.OperatorsV1Interface { + return c.operatorsV1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.operatorsV1alpha1, err = operatorsv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.operatorsV1, err = operatorsv1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.operatorsV1alpha1 = operatorsv1alpha1.NewForConfigOrDie(c) + cs.operatorsV1 = operatorsv1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.operatorsV1alpha1 = operatorsv1alpha1.New(c) + cs.operatorsV1 = operatorsv1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/doc.go new file mode 100644 index 000000000..b51d8e686 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/clientset_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 000000000..c188cb760 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1" + fakeoperatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake" + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1" + fakeoperatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +var _ clientset.Interface = &Clientset{} + +// OperatorsV1alpha1 retrieves the OperatorsV1alpha1Client +func (c *Clientset) OperatorsV1alpha1() operatorsv1alpha1.OperatorsV1alpha1Interface { + return &fakeoperatorsv1alpha1.FakeOperatorsV1alpha1{Fake: &c.Fake} +} + +// OperatorsV1 retrieves the OperatorsV1Client +func (c *Clientset) OperatorsV1() operatorsv1.OperatorsV1Interface { + return &fakeoperatorsv1.FakeOperatorsV1{Fake: &c.Fake} +} + +// Operators retrieves the OperatorsV1Client +func (c *Clientset) Operators() operatorsv1.OperatorsV1Interface { + return &fakeoperatorsv1.FakeOperatorsV1{Fake: &c.Fake} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/decorator.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/decorator.go new file mode 100644 index 000000000..1a9029574 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/decorator.go @@ -0,0 +1,85 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package fake + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/client-go/testing" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" +) + +// ClientsetDecorator defines decorator methods for a Clientset. +type ClientsetDecorator interface { + // PrependReactor adds a reactor to the beginning of the chain. + PrependReactor(verb, resource string, reaction testing.ReactionFunc) +} + +// ReactionForwardingClientsetDecorator wraps a Clientset and "forwards" Action object mutations +// from all successful non-handling Reactors along the chain to the first handling Reactor. This is +// is a stopgap until we can upgrade to client-go v11.0, where the behavior is the default +// (see https://github.com/kubernetes/client-go/blob/6ee68ca5fd8355d024d02f9db0b3b667e8357a0f/testing/fake.go#L130). +type ReactionForwardingClientsetDecorator struct { + Clientset + ReactionChain []testing.Reactor // shadow embedded ReactionChain + actions []testing.Action // these may be castable to other types, but "Action" is the minimum +} + +// NewReactionForwardingClientsetDecorator returns the ReactionForwardingClientsetDecorator wrapped Clientset result +// of calling NewSimpleClientset with the given objects. +func NewReactionForwardingClientsetDecorator(objects []runtime.Object, options ...clientfake.Option) *ReactionForwardingClientsetDecorator { + decorator := &ReactionForwardingClientsetDecorator{ + Clientset: *NewSimpleClientset(objects...), + } + + // Swap out the embedded ReactionChain with a Reactor that reduces over the decorator's ReactionChain. + decorator.ReactionChain = decorator.Clientset.ReactionChain + decorator.Clientset.ReactionChain = []testing.Reactor{&testing.SimpleReactor{"*", "*", decorator.reduceReactions}} + + // Apply options + for _, option := range options { + option(decorator) + } + + return decorator +} + +// reduceReactions reduces over all reactions in the chain while "forwarding" Action object mutations +// from all successful non-handling Reactors along the chain to the first handling Reactor. +func (c *ReactionForwardingClientsetDecorator) reduceReactions(action testing.Action) (handled bool, ret runtime.Object, err error) { + // The embedded Client set is already locked, so there's no need to lock again + actionCopy := action.DeepCopy() + c.actions = append(c.actions, action.DeepCopy()) + for _, reactor := range c.ReactionChain { + if !reactor.Handles(actionCopy) { + continue + } + + handled, ret, err = reactor.React(actionCopy) + if !handled { + continue + } + + return + } + + return +} + +// PrependReactor adds a reactor to the beginning of the chain. +func (c *ReactionForwardingClientsetDecorator) PrependReactor(verb, resource string, reaction testing.ReactionFunc) { + c.ReactionChain = append([]testing.Reactor{&testing.SimpleReactor{verb, resource, reaction}}, c.ReactionChain...) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/doc.go new file mode 100644 index 000000000..ee22a9450 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/register.go new file mode 100644 index 000000000..a266a0771 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake/register.go @@ -0,0 +1,58 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + operatorsv1alpha1.AddToScheme, + operatorsv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme/doc.go new file mode 100644 index 000000000..25323d108 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme/register.go new file mode 100644 index 000000000..5201762e8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme/register.go @@ -0,0 +1,58 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + operatorsv1alpha1.AddToScheme, + operatorsv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/doc.go new file mode 100644 index 000000000..00df41cd1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/fake_operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/fake_operatorgroup.go new file mode 100644 index 000000000..66cbe80d4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/fake_operatorgroup.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOperatorGroups implements OperatorGroupInterface +type FakeOperatorGroups struct { + Fake *FakeOperatorsV1 + ns string +} + +var operatorgroupsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "v1", Resource: "operatorgroups"} + +var operatorgroupsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "v1", Kind: "OperatorGroup"} + +// Get takes name of the operatorGroup, and returns the corresponding operatorGroup object, and an error if there is any. +func (c *FakeOperatorGroups) Get(name string, options v1.GetOptions) (result *operatorsv1.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(operatorgroupsResource, c.ns, name), &operatorsv1.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.OperatorGroup), err +} + +// List takes label and field selectors, and returns the list of OperatorGroups that match those selectors. +func (c *FakeOperatorGroups) List(opts v1.ListOptions) (result *operatorsv1.OperatorGroupList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(operatorgroupsResource, operatorgroupsKind, c.ns, opts), &operatorsv1.OperatorGroupList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operatorsv1.OperatorGroupList{ListMeta: obj.(*operatorsv1.OperatorGroupList).ListMeta} + for _, item := range obj.(*operatorsv1.OperatorGroupList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested operatorGroups. +func (c *FakeOperatorGroups) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(operatorgroupsResource, c.ns, opts)) + +} + +// Create takes the representation of a operatorGroup and creates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *FakeOperatorGroups) Create(operatorGroup *operatorsv1.OperatorGroup) (result *operatorsv1.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(operatorgroupsResource, c.ns, operatorGroup), &operatorsv1.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.OperatorGroup), err +} + +// Update takes the representation of a operatorGroup and updates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *FakeOperatorGroups) Update(operatorGroup *operatorsv1.OperatorGroup) (result *operatorsv1.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(operatorgroupsResource, c.ns, operatorGroup), &operatorsv1.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.OperatorGroup), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOperatorGroups) UpdateStatus(operatorGroup *operatorsv1.OperatorGroup) (*operatorsv1.OperatorGroup, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(operatorgroupsResource, "status", c.ns, operatorGroup), &operatorsv1.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.OperatorGroup), err +} + +// Delete takes name of the operatorGroup and deletes it. Returns an error if one occurs. +func (c *FakeOperatorGroups) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(operatorgroupsResource, c.ns, name), &operatorsv1.OperatorGroup{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOperatorGroups) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(operatorgroupsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operatorsv1.OperatorGroupList{}) + return err +} + +// Patch applies the patch and returns the patched operatorGroup. +func (c *FakeOperatorGroups) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operatorsv1.OperatorGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(operatorgroupsResource, c.ns, name, data, subresources...), &operatorsv1.OperatorGroup{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.OperatorGroup), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/fake_operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/fake_operators_client.go new file mode 100644 index 000000000..c17c772ba --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/fake/fake_operators_client.go @@ -0,0 +1,40 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeOperatorsV1 struct { + *testing.Fake +} + +func (c *FakeOperatorsV1) OperatorGroups(namespace string) v1.OperatorGroupInterface { + return &FakeOperatorGroups{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeOperatorsV1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/generated_expansion.go new file mode 100644 index 000000000..9140e192d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +type OperatorGroupExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/operatorgroup.go new file mode 100644 index 000000000..220d18e19 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/operatorgroup.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// OperatorGroupsGetter has a method to return a OperatorGroupInterface. +// A group's client should implement this interface. +type OperatorGroupsGetter interface { + OperatorGroups(namespace string) OperatorGroupInterface +} + +// OperatorGroupInterface has methods to work with OperatorGroup resources. +type OperatorGroupInterface interface { + Create(*v1.OperatorGroup) (*v1.OperatorGroup, error) + Update(*v1.OperatorGroup) (*v1.OperatorGroup, error) + UpdateStatus(*v1.OperatorGroup) (*v1.OperatorGroup, error) + Delete(name string, options *metav1.DeleteOptions) error + DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error + Get(name string, options metav1.GetOptions) (*v1.OperatorGroup, error) + List(opts metav1.ListOptions) (*v1.OperatorGroupList, error) + Watch(opts metav1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.OperatorGroup, err error) + OperatorGroupExpansion +} + +// operatorGroups implements OperatorGroupInterface +type operatorGroups struct { + client rest.Interface + ns string +} + +// newOperatorGroups returns a OperatorGroups +func newOperatorGroups(c *OperatorsV1Client, namespace string) *operatorGroups { + return &operatorGroups{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the operatorGroup, and returns the corresponding operatorGroup object, and an error if there is any. +func (c *operatorGroups) Get(name string, options metav1.GetOptions) (result *v1.OperatorGroup, err error) { + result = &v1.OperatorGroup{} + err = c.client.Get(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of OperatorGroups that match those selectors. +func (c *operatorGroups) List(opts metav1.ListOptions) (result *v1.OperatorGroupList, err error) { + result = &v1.OperatorGroupList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("operatorgroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested operatorGroups. +func (c *operatorGroups) Watch(opts metav1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("operatorgroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a operatorGroup and creates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *operatorGroups) Create(operatorGroup *v1.OperatorGroup) (result *v1.OperatorGroup, err error) { + result = &v1.OperatorGroup{} + err = c.client.Post(). + Namespace(c.ns). + Resource("operatorgroups"). + Body(operatorGroup). + Do(). + Into(result) + return +} + +// Update takes the representation of a operatorGroup and updates it. Returns the server's representation of the operatorGroup, and an error, if there is any. +func (c *operatorGroups) Update(operatorGroup *v1.OperatorGroup) (result *v1.OperatorGroup, err error) { + result = &v1.OperatorGroup{} + err = c.client.Put(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(operatorGroup.Name). + Body(operatorGroup). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *operatorGroups) UpdateStatus(operatorGroup *v1.OperatorGroup) (result *v1.OperatorGroup, err error) { + result = &v1.OperatorGroup{} + err = c.client.Put(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(operatorGroup.Name). + SubResource("status"). + Body(operatorGroup). + Do(). + Into(result) + return +} + +// Delete takes name of the operatorGroup and deletes it. Returns an error if one occurs. +func (c *operatorGroups) Delete(name string, options *metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("operatorgroups"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *operatorGroups) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("operatorgroups"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched operatorGroup. +func (c *operatorGroups) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.OperatorGroup, err error) { + result = &v1.OperatorGroup{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("operatorgroups"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/operators_client.go new file mode 100644 index 000000000..4b7f10aca --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1/operators_client.go @@ -0,0 +1,90 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + rest "k8s.io/client-go/rest" +) + +type OperatorsV1Interface interface { + RESTClient() rest.Interface + OperatorGroupsGetter +} + +// OperatorsV1Client is used to interact with features provided by the operators.coreos.com group. +type OperatorsV1Client struct { + restClient rest.Interface +} + +func (c *OperatorsV1Client) OperatorGroups(namespace string) OperatorGroupInterface { + return newOperatorGroups(c, namespace) +} + +// NewForConfig creates a new OperatorsV1Client for the given config. +func NewForConfig(c *rest.Config) (*OperatorsV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &OperatorsV1Client{client}, nil +} + +// NewForConfigOrDie creates a new OperatorsV1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *OperatorsV1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new OperatorsV1Client for the given RESTClient. +func New(c rest.Interface) *OperatorsV1Client { + return &OperatorsV1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *OperatorsV1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/catalogsource.go new file mode 100644 index 000000000..4ccab676a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/catalogsource.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CatalogSourcesGetter has a method to return a CatalogSourceInterface. +// A group's client should implement this interface. +type CatalogSourcesGetter interface { + CatalogSources(namespace string) CatalogSourceInterface +} + +// CatalogSourceInterface has methods to work with CatalogSource resources. +type CatalogSourceInterface interface { + Create(*v1alpha1.CatalogSource) (*v1alpha1.CatalogSource, error) + Update(*v1alpha1.CatalogSource) (*v1alpha1.CatalogSource, error) + UpdateStatus(*v1alpha1.CatalogSource) (*v1alpha1.CatalogSource, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.CatalogSource, error) + List(opts v1.ListOptions) (*v1alpha1.CatalogSourceList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CatalogSource, err error) + CatalogSourceExpansion +} + +// catalogSources implements CatalogSourceInterface +type catalogSources struct { + client rest.Interface + ns string +} + +// newCatalogSources returns a CatalogSources +func newCatalogSources(c *OperatorsV1alpha1Client, namespace string) *catalogSources { + return &catalogSources{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the catalogSource, and returns the corresponding catalogSource object, and an error if there is any. +func (c *catalogSources) Get(name string, options v1.GetOptions) (result *v1alpha1.CatalogSource, err error) { + result = &v1alpha1.CatalogSource{} + err = c.client.Get(). + Namespace(c.ns). + Resource("catalogsources"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CatalogSources that match those selectors. +func (c *catalogSources) List(opts v1.ListOptions) (result *v1alpha1.CatalogSourceList, err error) { + result = &v1alpha1.CatalogSourceList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("catalogsources"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested catalogSources. +func (c *catalogSources) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("catalogsources"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a catalogSource and creates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *catalogSources) Create(catalogSource *v1alpha1.CatalogSource) (result *v1alpha1.CatalogSource, err error) { + result = &v1alpha1.CatalogSource{} + err = c.client.Post(). + Namespace(c.ns). + Resource("catalogsources"). + Body(catalogSource). + Do(). + Into(result) + return +} + +// Update takes the representation of a catalogSource and updates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *catalogSources) Update(catalogSource *v1alpha1.CatalogSource) (result *v1alpha1.CatalogSource, err error) { + result = &v1alpha1.CatalogSource{} + err = c.client.Put(). + Namespace(c.ns). + Resource("catalogsources"). + Name(catalogSource.Name). + Body(catalogSource). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *catalogSources) UpdateStatus(catalogSource *v1alpha1.CatalogSource) (result *v1alpha1.CatalogSource, err error) { + result = &v1alpha1.CatalogSource{} + err = c.client.Put(). + Namespace(c.ns). + Resource("catalogsources"). + Name(catalogSource.Name). + SubResource("status"). + Body(catalogSource). + Do(). + Into(result) + return +} + +// Delete takes name of the catalogSource and deletes it. Returns an error if one occurs. +func (c *catalogSources) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("catalogsources"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *catalogSources) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("catalogsources"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched catalogSource. +func (c *catalogSources) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CatalogSource, err error) { + result = &v1alpha1.CatalogSource{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("catalogsources"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/clusterserviceversion.go new file mode 100644 index 000000000..a56a86a12 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/clusterserviceversion.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterServiceVersionsGetter has a method to return a ClusterServiceVersionInterface. +// A group's client should implement this interface. +type ClusterServiceVersionsGetter interface { + ClusterServiceVersions(namespace string) ClusterServiceVersionInterface +} + +// ClusterServiceVersionInterface has methods to work with ClusterServiceVersion resources. +type ClusterServiceVersionInterface interface { + Create(*v1alpha1.ClusterServiceVersion) (*v1alpha1.ClusterServiceVersion, error) + Update(*v1alpha1.ClusterServiceVersion) (*v1alpha1.ClusterServiceVersion, error) + UpdateStatus(*v1alpha1.ClusterServiceVersion) (*v1alpha1.ClusterServiceVersion, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.ClusterServiceVersion, error) + List(opts v1.ListOptions) (*v1alpha1.ClusterServiceVersionList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterServiceVersion, err error) + ClusterServiceVersionExpansion +} + +// clusterServiceVersions implements ClusterServiceVersionInterface +type clusterServiceVersions struct { + client rest.Interface + ns string +} + +// newClusterServiceVersions returns a ClusterServiceVersions +func newClusterServiceVersions(c *OperatorsV1alpha1Client, namespace string) *clusterServiceVersions { + return &clusterServiceVersions{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the clusterServiceVersion, and returns the corresponding clusterServiceVersion object, and an error if there is any. +func (c *clusterServiceVersions) Get(name string, options v1.GetOptions) (result *v1alpha1.ClusterServiceVersion, err error) { + result = &v1alpha1.ClusterServiceVersion{} + err = c.client.Get(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterServiceVersions that match those selectors. +func (c *clusterServiceVersions) List(opts v1.ListOptions) (result *v1alpha1.ClusterServiceVersionList, err error) { + result = &v1alpha1.ClusterServiceVersionList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("clusterserviceversions"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterServiceVersions. +func (c *clusterServiceVersions) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("clusterserviceversions"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a clusterServiceVersion and creates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *clusterServiceVersions) Create(clusterServiceVersion *v1alpha1.ClusterServiceVersion) (result *v1alpha1.ClusterServiceVersion, err error) { + result = &v1alpha1.ClusterServiceVersion{} + err = c.client.Post(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Body(clusterServiceVersion). + Do(). + Into(result) + return +} + +// Update takes the representation of a clusterServiceVersion and updates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *clusterServiceVersions) Update(clusterServiceVersion *v1alpha1.ClusterServiceVersion) (result *v1alpha1.ClusterServiceVersion, err error) { + result = &v1alpha1.ClusterServiceVersion{} + err = c.client.Put(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(clusterServiceVersion.Name). + Body(clusterServiceVersion). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *clusterServiceVersions) UpdateStatus(clusterServiceVersion *v1alpha1.ClusterServiceVersion) (result *v1alpha1.ClusterServiceVersion, err error) { + result = &v1alpha1.ClusterServiceVersion{} + err = c.client.Put(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(clusterServiceVersion.Name). + SubResource("status"). + Body(clusterServiceVersion). + Do(). + Into(result) + return +} + +// Delete takes name of the clusterServiceVersion and deletes it. Returns an error if one occurs. +func (c *clusterServiceVersions) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("clusterserviceversions"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterServiceVersions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("clusterserviceversions"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched clusterServiceVersion. +func (c *clusterServiceVersions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterServiceVersion, err error) { + result = &v1alpha1.ClusterServiceVersion{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("clusterserviceversions"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/doc.go new file mode 100644 index 000000000..06a90bb0e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_catalogsource.go new file mode 100644 index 000000000..4e6ce7d6a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_catalogsource.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeCatalogSources implements CatalogSourceInterface +type FakeCatalogSources struct { + Fake *FakeOperatorsV1alpha1 + ns string +} + +var catalogsourcesResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "v1alpha1", Resource: "catalogsources"} + +var catalogsourcesKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "v1alpha1", Kind: "CatalogSource"} + +// Get takes name of the catalogSource, and returns the corresponding catalogSource object, and an error if there is any. +func (c *FakeCatalogSources) Get(name string, options v1.GetOptions) (result *v1alpha1.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(catalogsourcesResource, c.ns, name), &v1alpha1.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CatalogSource), err +} + +// List takes label and field selectors, and returns the list of CatalogSources that match those selectors. +func (c *FakeCatalogSources) List(opts v1.ListOptions) (result *v1alpha1.CatalogSourceList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(catalogsourcesResource, catalogsourcesKind, c.ns, opts), &v1alpha1.CatalogSourceList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.CatalogSourceList{ListMeta: obj.(*v1alpha1.CatalogSourceList).ListMeta} + for _, item := range obj.(*v1alpha1.CatalogSourceList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested catalogSources. +func (c *FakeCatalogSources) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(catalogsourcesResource, c.ns, opts)) + +} + +// Create takes the representation of a catalogSource and creates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *FakeCatalogSources) Create(catalogSource *v1alpha1.CatalogSource) (result *v1alpha1.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(catalogsourcesResource, c.ns, catalogSource), &v1alpha1.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CatalogSource), err +} + +// Update takes the representation of a catalogSource and updates it. Returns the server's representation of the catalogSource, and an error, if there is any. +func (c *FakeCatalogSources) Update(catalogSource *v1alpha1.CatalogSource) (result *v1alpha1.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(catalogsourcesResource, c.ns, catalogSource), &v1alpha1.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CatalogSource), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeCatalogSources) UpdateStatus(catalogSource *v1alpha1.CatalogSource) (*v1alpha1.CatalogSource, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(catalogsourcesResource, "status", c.ns, catalogSource), &v1alpha1.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CatalogSource), err +} + +// Delete takes name of the catalogSource and deletes it. Returns an error if one occurs. +func (c *FakeCatalogSources) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(catalogsourcesResource, c.ns, name), &v1alpha1.CatalogSource{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeCatalogSources) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(catalogsourcesResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.CatalogSourceList{}) + return err +} + +// Patch applies the patch and returns the patched catalogSource. +func (c *FakeCatalogSources) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CatalogSource, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(catalogsourcesResource, c.ns, name, data, subresources...), &v1alpha1.CatalogSource{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CatalogSource), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_clusterserviceversion.go new file mode 100644 index 000000000..167a36416 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_clusterserviceversion.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterServiceVersions implements ClusterServiceVersionInterface +type FakeClusterServiceVersions struct { + Fake *FakeOperatorsV1alpha1 + ns string +} + +var clusterserviceversionsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "v1alpha1", Resource: "clusterserviceversions"} + +var clusterserviceversionsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "v1alpha1", Kind: "ClusterServiceVersion"} + +// Get takes name of the clusterServiceVersion, and returns the corresponding clusterServiceVersion object, and an error if there is any. +func (c *FakeClusterServiceVersions) Get(name string, options v1.GetOptions) (result *v1alpha1.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(clusterserviceversionsResource, c.ns, name), &v1alpha1.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterServiceVersion), err +} + +// List takes label and field selectors, and returns the list of ClusterServiceVersions that match those selectors. +func (c *FakeClusterServiceVersions) List(opts v1.ListOptions) (result *v1alpha1.ClusterServiceVersionList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(clusterserviceversionsResource, clusterserviceversionsKind, c.ns, opts), &v1alpha1.ClusterServiceVersionList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.ClusterServiceVersionList{ListMeta: obj.(*v1alpha1.ClusterServiceVersionList).ListMeta} + for _, item := range obj.(*v1alpha1.ClusterServiceVersionList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterServiceVersions. +func (c *FakeClusterServiceVersions) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(clusterserviceversionsResource, c.ns, opts)) + +} + +// Create takes the representation of a clusterServiceVersion and creates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *FakeClusterServiceVersions) Create(clusterServiceVersion *v1alpha1.ClusterServiceVersion) (result *v1alpha1.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(clusterserviceversionsResource, c.ns, clusterServiceVersion), &v1alpha1.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterServiceVersion), err +} + +// Update takes the representation of a clusterServiceVersion and updates it. Returns the server's representation of the clusterServiceVersion, and an error, if there is any. +func (c *FakeClusterServiceVersions) Update(clusterServiceVersion *v1alpha1.ClusterServiceVersion) (result *v1alpha1.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(clusterserviceversionsResource, c.ns, clusterServiceVersion), &v1alpha1.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterServiceVersion), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterServiceVersions) UpdateStatus(clusterServiceVersion *v1alpha1.ClusterServiceVersion) (*v1alpha1.ClusterServiceVersion, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(clusterserviceversionsResource, "status", c.ns, clusterServiceVersion), &v1alpha1.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterServiceVersion), err +} + +// Delete takes name of the clusterServiceVersion and deletes it. Returns an error if one occurs. +func (c *FakeClusterServiceVersions) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(clusterserviceversionsResource, c.ns, name), &v1alpha1.ClusterServiceVersion{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterServiceVersions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(clusterserviceversionsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.ClusterServiceVersionList{}) + return err +} + +// Patch applies the patch and returns the patched clusterServiceVersion. +func (c *FakeClusterServiceVersions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ClusterServiceVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(clusterserviceversionsResource, c.ns, name, data, subresources...), &v1alpha1.ClusterServiceVersion{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterServiceVersion), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_installplan.go new file mode 100644 index 000000000..a54c1f66a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_installplan.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeInstallPlans implements InstallPlanInterface +type FakeInstallPlans struct { + Fake *FakeOperatorsV1alpha1 + ns string +} + +var installplansResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "v1alpha1", Resource: "installplans"} + +var installplansKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "v1alpha1", Kind: "InstallPlan"} + +// Get takes name of the installPlan, and returns the corresponding installPlan object, and an error if there is any. +func (c *FakeInstallPlans) Get(name string, options v1.GetOptions) (result *v1alpha1.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(installplansResource, c.ns, name), &v1alpha1.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.InstallPlan), err +} + +// List takes label and field selectors, and returns the list of InstallPlans that match those selectors. +func (c *FakeInstallPlans) List(opts v1.ListOptions) (result *v1alpha1.InstallPlanList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(installplansResource, installplansKind, c.ns, opts), &v1alpha1.InstallPlanList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.InstallPlanList{ListMeta: obj.(*v1alpha1.InstallPlanList).ListMeta} + for _, item := range obj.(*v1alpha1.InstallPlanList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested installPlans. +func (c *FakeInstallPlans) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(installplansResource, c.ns, opts)) + +} + +// Create takes the representation of a installPlan and creates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *FakeInstallPlans) Create(installPlan *v1alpha1.InstallPlan) (result *v1alpha1.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(installplansResource, c.ns, installPlan), &v1alpha1.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.InstallPlan), err +} + +// Update takes the representation of a installPlan and updates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *FakeInstallPlans) Update(installPlan *v1alpha1.InstallPlan) (result *v1alpha1.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(installplansResource, c.ns, installPlan), &v1alpha1.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.InstallPlan), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeInstallPlans) UpdateStatus(installPlan *v1alpha1.InstallPlan) (*v1alpha1.InstallPlan, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(installplansResource, "status", c.ns, installPlan), &v1alpha1.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.InstallPlan), err +} + +// Delete takes name of the installPlan and deletes it. Returns an error if one occurs. +func (c *FakeInstallPlans) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(installplansResource, c.ns, name), &v1alpha1.InstallPlan{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeInstallPlans) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(installplansResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.InstallPlanList{}) + return err +} + +// Patch applies the patch and returns the patched installPlan. +func (c *FakeInstallPlans) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.InstallPlan, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(installplansResource, c.ns, name, data, subresources...), &v1alpha1.InstallPlan{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.InstallPlan), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_operators_client.go new file mode 100644 index 000000000..c1c55e4c4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_operators_client.go @@ -0,0 +1,52 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeOperatorsV1alpha1 struct { + *testing.Fake +} + +func (c *FakeOperatorsV1alpha1) CatalogSources(namespace string) v1alpha1.CatalogSourceInterface { + return &FakeCatalogSources{c, namespace} +} + +func (c *FakeOperatorsV1alpha1) ClusterServiceVersions(namespace string) v1alpha1.ClusterServiceVersionInterface { + return &FakeClusterServiceVersions{c, namespace} +} + +func (c *FakeOperatorsV1alpha1) InstallPlans(namespace string) v1alpha1.InstallPlanInterface { + return &FakeInstallPlans{c, namespace} +} + +func (c *FakeOperatorsV1alpha1) Subscriptions(namespace string) v1alpha1.SubscriptionInterface { + return &FakeSubscriptions{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeOperatorsV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_subscription.go new file mode 100644 index 000000000..cca3fa2f9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/fake/fake_subscription.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeSubscriptions implements SubscriptionInterface +type FakeSubscriptions struct { + Fake *FakeOperatorsV1alpha1 + ns string +} + +var subscriptionsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "v1alpha1", Resource: "subscriptions"} + +var subscriptionsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "v1alpha1", Kind: "Subscription"} + +// Get takes name of the subscription, and returns the corresponding subscription object, and an error if there is any. +func (c *FakeSubscriptions) Get(name string, options v1.GetOptions) (result *v1alpha1.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(subscriptionsResource, c.ns, name), &v1alpha1.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Subscription), err +} + +// List takes label and field selectors, and returns the list of Subscriptions that match those selectors. +func (c *FakeSubscriptions) List(opts v1.ListOptions) (result *v1alpha1.SubscriptionList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(subscriptionsResource, subscriptionsKind, c.ns, opts), &v1alpha1.SubscriptionList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.SubscriptionList{ListMeta: obj.(*v1alpha1.SubscriptionList).ListMeta} + for _, item := range obj.(*v1alpha1.SubscriptionList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested subscriptions. +func (c *FakeSubscriptions) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(subscriptionsResource, c.ns, opts)) + +} + +// Create takes the representation of a subscription and creates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *FakeSubscriptions) Create(subscription *v1alpha1.Subscription) (result *v1alpha1.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(subscriptionsResource, c.ns, subscription), &v1alpha1.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Subscription), err +} + +// Update takes the representation of a subscription and updates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *FakeSubscriptions) Update(subscription *v1alpha1.Subscription) (result *v1alpha1.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(subscriptionsResource, c.ns, subscription), &v1alpha1.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Subscription), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeSubscriptions) UpdateStatus(subscription *v1alpha1.Subscription) (*v1alpha1.Subscription, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(subscriptionsResource, "status", c.ns, subscription), &v1alpha1.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Subscription), err +} + +// Delete takes name of the subscription and deletes it. Returns an error if one occurs. +func (c *FakeSubscriptions) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(subscriptionsResource, c.ns, name), &v1alpha1.Subscription{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeSubscriptions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(subscriptionsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.SubscriptionList{}) + return err +} + +// Patch applies the patch and returns the patched subscription. +func (c *FakeSubscriptions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Subscription, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(subscriptionsResource, c.ns, name, data, subresources...), &v1alpha1.Subscription{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Subscription), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/generated_expansion.go new file mode 100644 index 000000000..a5c22b6c0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/generated_expansion.go @@ -0,0 +1,27 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type CatalogSourceExpansion interface{} + +type ClusterServiceVersionExpansion interface{} + +type InstallPlanExpansion interface{} + +type SubscriptionExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/installplan.go new file mode 100644 index 000000000..1f7125e4c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/installplan.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// InstallPlansGetter has a method to return a InstallPlanInterface. +// A group's client should implement this interface. +type InstallPlansGetter interface { + InstallPlans(namespace string) InstallPlanInterface +} + +// InstallPlanInterface has methods to work with InstallPlan resources. +type InstallPlanInterface interface { + Create(*v1alpha1.InstallPlan) (*v1alpha1.InstallPlan, error) + Update(*v1alpha1.InstallPlan) (*v1alpha1.InstallPlan, error) + UpdateStatus(*v1alpha1.InstallPlan) (*v1alpha1.InstallPlan, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.InstallPlan, error) + List(opts v1.ListOptions) (*v1alpha1.InstallPlanList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.InstallPlan, err error) + InstallPlanExpansion +} + +// installPlans implements InstallPlanInterface +type installPlans struct { + client rest.Interface + ns string +} + +// newInstallPlans returns a InstallPlans +func newInstallPlans(c *OperatorsV1alpha1Client, namespace string) *installPlans { + return &installPlans{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the installPlan, and returns the corresponding installPlan object, and an error if there is any. +func (c *installPlans) Get(name string, options v1.GetOptions) (result *v1alpha1.InstallPlan, err error) { + result = &v1alpha1.InstallPlan{} + err = c.client.Get(). + Namespace(c.ns). + Resource("installplans"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of InstallPlans that match those selectors. +func (c *installPlans) List(opts v1.ListOptions) (result *v1alpha1.InstallPlanList, err error) { + result = &v1alpha1.InstallPlanList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("installplans"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested installPlans. +func (c *installPlans) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("installplans"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a installPlan and creates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *installPlans) Create(installPlan *v1alpha1.InstallPlan) (result *v1alpha1.InstallPlan, err error) { + result = &v1alpha1.InstallPlan{} + err = c.client.Post(). + Namespace(c.ns). + Resource("installplans"). + Body(installPlan). + Do(). + Into(result) + return +} + +// Update takes the representation of a installPlan and updates it. Returns the server's representation of the installPlan, and an error, if there is any. +func (c *installPlans) Update(installPlan *v1alpha1.InstallPlan) (result *v1alpha1.InstallPlan, err error) { + result = &v1alpha1.InstallPlan{} + err = c.client.Put(). + Namespace(c.ns). + Resource("installplans"). + Name(installPlan.Name). + Body(installPlan). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *installPlans) UpdateStatus(installPlan *v1alpha1.InstallPlan) (result *v1alpha1.InstallPlan, err error) { + result = &v1alpha1.InstallPlan{} + err = c.client.Put(). + Namespace(c.ns). + Resource("installplans"). + Name(installPlan.Name). + SubResource("status"). + Body(installPlan). + Do(). + Into(result) + return +} + +// Delete takes name of the installPlan and deletes it. Returns an error if one occurs. +func (c *installPlans) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("installplans"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *installPlans) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("installplans"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched installPlan. +func (c *installPlans) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.InstallPlan, err error) { + result = &v1alpha1.InstallPlan{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("installplans"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/operators_client.go new file mode 100644 index 000000000..a608557bb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/operators_client.go @@ -0,0 +1,105 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + rest "k8s.io/client-go/rest" +) + +type OperatorsV1alpha1Interface interface { + RESTClient() rest.Interface + CatalogSourcesGetter + ClusterServiceVersionsGetter + InstallPlansGetter + SubscriptionsGetter +} + +// OperatorsV1alpha1Client is used to interact with features provided by the operators.coreos.com group. +type OperatorsV1alpha1Client struct { + restClient rest.Interface +} + +func (c *OperatorsV1alpha1Client) CatalogSources(namespace string) CatalogSourceInterface { + return newCatalogSources(c, namespace) +} + +func (c *OperatorsV1alpha1Client) ClusterServiceVersions(namespace string) ClusterServiceVersionInterface { + return newClusterServiceVersions(c, namespace) +} + +func (c *OperatorsV1alpha1Client) InstallPlans(namespace string) InstallPlanInterface { + return newInstallPlans(c, namespace) +} + +func (c *OperatorsV1alpha1Client) Subscriptions(namespace string) SubscriptionInterface { + return newSubscriptions(c, namespace) +} + +// NewForConfig creates a new OperatorsV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*OperatorsV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &OperatorsV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new OperatorsV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *OperatorsV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new OperatorsV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *OperatorsV1alpha1Client { + return &OperatorsV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *OperatorsV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/subscription.go new file mode 100644 index 000000000..76adf6d79 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1/subscription.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// SubscriptionsGetter has a method to return a SubscriptionInterface. +// A group's client should implement this interface. +type SubscriptionsGetter interface { + Subscriptions(namespace string) SubscriptionInterface +} + +// SubscriptionInterface has methods to work with Subscription resources. +type SubscriptionInterface interface { + Create(*v1alpha1.Subscription) (*v1alpha1.Subscription, error) + Update(*v1alpha1.Subscription) (*v1alpha1.Subscription, error) + UpdateStatus(*v1alpha1.Subscription) (*v1alpha1.Subscription, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.Subscription, error) + List(opts v1.ListOptions) (*v1alpha1.SubscriptionList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Subscription, err error) + SubscriptionExpansion +} + +// subscriptions implements SubscriptionInterface +type subscriptions struct { + client rest.Interface + ns string +} + +// newSubscriptions returns a Subscriptions +func newSubscriptions(c *OperatorsV1alpha1Client, namespace string) *subscriptions { + return &subscriptions{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the subscription, and returns the corresponding subscription object, and an error if there is any. +func (c *subscriptions) Get(name string, options v1.GetOptions) (result *v1alpha1.Subscription, err error) { + result = &v1alpha1.Subscription{} + err = c.client.Get(). + Namespace(c.ns). + Resource("subscriptions"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Subscriptions that match those selectors. +func (c *subscriptions) List(opts v1.ListOptions) (result *v1alpha1.SubscriptionList, err error) { + result = &v1alpha1.SubscriptionList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("subscriptions"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested subscriptions. +func (c *subscriptions) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("subscriptions"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a subscription and creates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *subscriptions) Create(subscription *v1alpha1.Subscription) (result *v1alpha1.Subscription, err error) { + result = &v1alpha1.Subscription{} + err = c.client.Post(). + Namespace(c.ns). + Resource("subscriptions"). + Body(subscription). + Do(). + Into(result) + return +} + +// Update takes the representation of a subscription and updates it. Returns the server's representation of the subscription, and an error, if there is any. +func (c *subscriptions) Update(subscription *v1alpha1.Subscription) (result *v1alpha1.Subscription, err error) { + result = &v1alpha1.Subscription{} + err = c.client.Put(). + Namespace(c.ns). + Resource("subscriptions"). + Name(subscription.Name). + Body(subscription). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *subscriptions) UpdateStatus(subscription *v1alpha1.Subscription) (result *v1alpha1.Subscription, err error) { + result = &v1alpha1.Subscription{} + err = c.client.Put(). + Namespace(c.ns). + Resource("subscriptions"). + Name(subscription.Name). + SubResource("status"). + Body(subscription). + Do(). + Into(result) + return +} + +// Delete takes name of the subscription and deletes it. Returns an error if one occurs. +func (c *subscriptions) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("subscriptions"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *subscriptions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("subscriptions"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched subscription. +func (c *subscriptions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Subscription, err error) { + result = &v1alpha1.Subscription{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("subscriptions"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/factory.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/factory.go new file mode 100644 index 000000000..97552af36 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/factory.go @@ -0,0 +1,180 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Operators() operators.Interface +} + +func (f *sharedInformerFactory) Operators() operators.Interface { + return operators.New(f, f.namespace, f.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/generic.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/generic.go new file mode 100644 index 000000000..2491fee29 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/generic.go @@ -0,0 +1,73 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=operators.coreos.com, Version=v1 + case v1.SchemeGroupVersion.WithResource("operatorgroups"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().V1().OperatorGroups().Informer()}, nil + + // Group=operators.coreos.com, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("catalogsources"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().V1alpha1().CatalogSources().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("clusterserviceversions"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().V1alpha1().ClusterServiceVersions().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("installplans"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().V1alpha1().InstallPlans().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("subscriptions"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().V1alpha1().Subscriptions().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 000000000..bab046d75 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,38 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/interface.go new file mode 100644 index 000000000..07907a18f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/interface.go @@ -0,0 +1,54 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface + // V1 provides access to shared informers for resources in V1. + V1() v1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} + +// V1 returns a new v1.Interface. +func (g *group) V1() v1.Interface { + return v1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1/interface.go new file mode 100644 index 000000000..7ddd65c02 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // OperatorGroups returns a OperatorGroupInformer. + OperatorGroups() OperatorGroupInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// OperatorGroups returns a OperatorGroupInformer. +func (v *version) OperatorGroups() OperatorGroupInformer { + return &operatorGroupInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1/operatorgroup.go new file mode 100644 index 000000000..ea769041f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1/operatorgroup.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + time "time" + + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OperatorGroupInformer provides access to a shared informer and lister for +// OperatorGroups. +type OperatorGroupInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1.OperatorGroupLister +} + +type operatorGroupInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOperatorGroupInformer constructs a new informer for OperatorGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOperatorGroupInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredOperatorGroupInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredOperatorGroupInformer constructs a new informer for OperatorGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOperatorGroupInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1().OperatorGroups(namespace).List(options) + }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1().OperatorGroups(namespace).Watch(options) + }, + }, + &operatorsv1.OperatorGroup{}, + resyncPeriod, + indexers, + ) +} + +func (f *operatorGroupInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredOperatorGroupInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *operatorGroupInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operatorsv1.OperatorGroup{}, f.defaultInformer) +} + +func (f *operatorGroupInformer) Lister() v1.OperatorGroupLister { + return v1.NewOperatorGroupLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/catalogsource.go new file mode 100644 index 000000000..1fd065515 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/catalogsource.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CatalogSourceInformer provides access to a shared informer and lister for +// CatalogSources. +type CatalogSourceInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.CatalogSourceLister +} + +type catalogSourceInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewCatalogSourceInformer constructs a new informer for CatalogSource type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCatalogSourceInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredCatalogSourceInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredCatalogSourceInformer constructs a new informer for CatalogSource type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCatalogSourceInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().CatalogSources(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().CatalogSources(namespace).Watch(options) + }, + }, + &operatorsv1alpha1.CatalogSource{}, + resyncPeriod, + indexers, + ) +} + +func (f *catalogSourceInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredCatalogSourceInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *catalogSourceInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operatorsv1alpha1.CatalogSource{}, f.defaultInformer) +} + +func (f *catalogSourceInformer) Lister() v1alpha1.CatalogSourceLister { + return v1alpha1.NewCatalogSourceLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/clusterserviceversion.go new file mode 100644 index 000000000..66bed04fd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/clusterserviceversion.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ClusterServiceVersionInformer provides access to a shared informer and lister for +// ClusterServiceVersions. +type ClusterServiceVersionInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.ClusterServiceVersionLister +} + +type clusterServiceVersionInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewClusterServiceVersionInformer constructs a new informer for ClusterServiceVersion type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewClusterServiceVersionInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredClusterServiceVersionInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredClusterServiceVersionInformer constructs a new informer for ClusterServiceVersion type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredClusterServiceVersionInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().ClusterServiceVersions(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Watch(options) + }, + }, + &operatorsv1alpha1.ClusterServiceVersion{}, + resyncPeriod, + indexers, + ) +} + +func (f *clusterServiceVersionInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredClusterServiceVersionInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *clusterServiceVersionInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operatorsv1alpha1.ClusterServiceVersion{}, f.defaultInformer) +} + +func (f *clusterServiceVersionInformer) Lister() v1alpha1.ClusterServiceVersionLister { + return v1alpha1.NewClusterServiceVersionLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/installplan.go new file mode 100644 index 000000000..2a6f6c064 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/installplan.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// InstallPlanInformer provides access to a shared informer and lister for +// InstallPlans. +type InstallPlanInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.InstallPlanLister +} + +type installPlanInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewInstallPlanInformer constructs a new informer for InstallPlan type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewInstallPlanInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredInstallPlanInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredInstallPlanInformer constructs a new informer for InstallPlan type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredInstallPlanInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().InstallPlans(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().InstallPlans(namespace).Watch(options) + }, + }, + &operatorsv1alpha1.InstallPlan{}, + resyncPeriod, + indexers, + ) +} + +func (f *installPlanInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredInstallPlanInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *installPlanInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operatorsv1alpha1.InstallPlan{}, f.defaultInformer) +} + +func (f *installPlanInformer) Lister() v1alpha1.InstallPlanLister { + return v1alpha1.NewInstallPlanLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/interface.go new file mode 100644 index 000000000..02406e5fd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/interface.go @@ -0,0 +1,66 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // CatalogSources returns a CatalogSourceInformer. + CatalogSources() CatalogSourceInformer + // ClusterServiceVersions returns a ClusterServiceVersionInformer. + ClusterServiceVersions() ClusterServiceVersionInformer + // InstallPlans returns a InstallPlanInformer. + InstallPlans() InstallPlanInformer + // Subscriptions returns a SubscriptionInformer. + Subscriptions() SubscriptionInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// CatalogSources returns a CatalogSourceInformer. +func (v *version) CatalogSources() CatalogSourceInformer { + return &catalogSourceInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// ClusterServiceVersions returns a ClusterServiceVersionInformer. +func (v *version) ClusterServiceVersions() ClusterServiceVersionInformer { + return &clusterServiceVersionInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// InstallPlans returns a InstallPlanInformer. +func (v *version) InstallPlans() InstallPlanInformer { + return &installPlanInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// Subscriptions returns a SubscriptionInformer. +func (v *version) Subscriptions() SubscriptionInformer { + return &subscriptionInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/subscription.go new file mode 100644 index 000000000..c978fafb1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/operators/v1alpha1/subscription.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// SubscriptionInformer provides access to a shared informer and lister for +// Subscriptions. +type SubscriptionInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.SubscriptionLister +} + +type subscriptionInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewSubscriptionInformer constructs a new informer for Subscription type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewSubscriptionInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredSubscriptionInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredSubscriptionInformer constructs a new informer for Subscription type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredSubscriptionInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().Subscriptions(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1alpha1().Subscriptions(namespace).Watch(options) + }, + }, + &operatorsv1alpha1.Subscription{}, + resyncPeriod, + indexers, + ) +} + +func (f *subscriptionInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredSubscriptionInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *subscriptionInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operatorsv1alpha1.Subscription{}, f.defaultInformer) +} + +func (f *subscriptionInformer) Lister() v1alpha1.SubscriptionLister { + return v1alpha1.NewSubscriptionLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/factory.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/factory.go new file mode 100644 index 000000000..f9e13a396 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/factory.go @@ -0,0 +1,180 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + reflect "reflect" + sync "sync" + time "time" + + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client internalversion.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client internalversion.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client internalversion.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client internalversion.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Operators() operators.Interface +} + +func (f *sharedInformerFactory) Operators() operators.Interface { + return operators.New(f, f.namespace, f.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/generic.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/generic.go new file mode 100644 index 000000000..be474dfe4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/generic.go @@ -0,0 +1,70 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + "fmt" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=operators.coreos.com, Version=internalVersion + case operators.SchemeGroupVersion.WithResource("catalogsources"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().InternalVersion().CatalogSources().Informer()}, nil + case operators.SchemeGroupVersion.WithResource("clusterserviceversions"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().InternalVersion().ClusterServiceVersions().Informer()}, nil + case operators.SchemeGroupVersion.WithResource("installplans"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().InternalVersion().InstallPlans().Informer()}, nil + case operators.SchemeGroupVersion.WithResource("operatorgroups"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().InternalVersion().OperatorGroups().Informer()}, nil + case operators.SchemeGroupVersion.WithResource("subscriptions"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().InternalVersion().Subscriptions().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces/factory_interfaces.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces/factory_interfaces.go new file mode 100644 index 000000000..a0a06092b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces/factory_interfaces.go @@ -0,0 +1,38 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +type NewInformerFunc func(internalversion.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/interface.go new file mode 100644 index 000000000..f8d07b78b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/interface.go @@ -0,0 +1,46 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // InternalVersion provides access to shared informers for resources in InternalVersion. + InternalVersion() internalversion.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// InternalVersion returns a new internalversion.Interface. +func (g *group) InternalVersion() internalversion.Interface { + return internalversion.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/catalogsource.go new file mode 100644 index 000000000..64a8102b3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/catalogsource.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + clientsetinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CatalogSourceInformer provides access to a shared informer and lister for +// CatalogSources. +type CatalogSourceInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.CatalogSourceLister +} + +type catalogSourceInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewCatalogSourceInformer constructs a new informer for CatalogSource type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCatalogSourceInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredCatalogSourceInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredCatalogSourceInformer constructs a new informer for CatalogSource type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCatalogSourceInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().CatalogSources(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().CatalogSources(namespace).Watch(options) + }, + }, + &operators.CatalogSource{}, + resyncPeriod, + indexers, + ) +} + +func (f *catalogSourceInformer) defaultInformer(client clientsetinternalversion.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredCatalogSourceInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *catalogSourceInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operators.CatalogSource{}, f.defaultInformer) +} + +func (f *catalogSourceInformer) Lister() internalversion.CatalogSourceLister { + return internalversion.NewCatalogSourceLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/clusterserviceversion.go new file mode 100644 index 000000000..685f22df2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/clusterserviceversion.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + clientsetinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ClusterServiceVersionInformer provides access to a shared informer and lister for +// ClusterServiceVersions. +type ClusterServiceVersionInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.ClusterServiceVersionLister +} + +type clusterServiceVersionInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewClusterServiceVersionInformer constructs a new informer for ClusterServiceVersion type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewClusterServiceVersionInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredClusterServiceVersionInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredClusterServiceVersionInformer constructs a new informer for ClusterServiceVersion type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredClusterServiceVersionInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().ClusterServiceVersions(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().ClusterServiceVersions(namespace).Watch(options) + }, + }, + &operators.ClusterServiceVersion{}, + resyncPeriod, + indexers, + ) +} + +func (f *clusterServiceVersionInformer) defaultInformer(client clientsetinternalversion.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredClusterServiceVersionInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *clusterServiceVersionInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operators.ClusterServiceVersion{}, f.defaultInformer) +} + +func (f *clusterServiceVersionInformer) Lister() internalversion.ClusterServiceVersionLister { + return internalversion.NewClusterServiceVersionLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/installplan.go new file mode 100644 index 000000000..5ec8384b0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/installplan.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + clientsetinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// InstallPlanInformer provides access to a shared informer and lister for +// InstallPlans. +type InstallPlanInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.InstallPlanLister +} + +type installPlanInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewInstallPlanInformer constructs a new informer for InstallPlan type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewInstallPlanInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredInstallPlanInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredInstallPlanInformer constructs a new informer for InstallPlan type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredInstallPlanInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().InstallPlans(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().InstallPlans(namespace).Watch(options) + }, + }, + &operators.InstallPlan{}, + resyncPeriod, + indexers, + ) +} + +func (f *installPlanInformer) defaultInformer(client clientsetinternalversion.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredInstallPlanInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *installPlanInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operators.InstallPlan{}, f.defaultInformer) +} + +func (f *installPlanInformer) Lister() internalversion.InstallPlanLister { + return internalversion.NewInstallPlanLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/interface.go new file mode 100644 index 000000000..f7ecc6caf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/interface.go @@ -0,0 +1,73 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // CatalogSources returns a CatalogSourceInformer. + CatalogSources() CatalogSourceInformer + // ClusterServiceVersions returns a ClusterServiceVersionInformer. + ClusterServiceVersions() ClusterServiceVersionInformer + // InstallPlans returns a InstallPlanInformer. + InstallPlans() InstallPlanInformer + // OperatorGroups returns a OperatorGroupInformer. + OperatorGroups() OperatorGroupInformer + // Subscriptions returns a SubscriptionInformer. + Subscriptions() SubscriptionInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// CatalogSources returns a CatalogSourceInformer. +func (v *version) CatalogSources() CatalogSourceInformer { + return &catalogSourceInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// ClusterServiceVersions returns a ClusterServiceVersionInformer. +func (v *version) ClusterServiceVersions() ClusterServiceVersionInformer { + return &clusterServiceVersionInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// InstallPlans returns a InstallPlanInformer. +func (v *version) InstallPlans() InstallPlanInformer { + return &installPlanInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// OperatorGroups returns a OperatorGroupInformer. +func (v *version) OperatorGroups() OperatorGroupInformer { + return &operatorGroupInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// Subscriptions returns a SubscriptionInformer. +func (v *version) Subscriptions() SubscriptionInformer { + return &subscriptionInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/operatorgroup.go new file mode 100644 index 000000000..9e11c4d35 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/operatorgroup.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + clientsetinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OperatorGroupInformer provides access to a shared informer and lister for +// OperatorGroups. +type OperatorGroupInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.OperatorGroupLister +} + +type operatorGroupInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOperatorGroupInformer constructs a new informer for OperatorGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOperatorGroupInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredOperatorGroupInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredOperatorGroupInformer constructs a new informer for OperatorGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOperatorGroupInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().OperatorGroups(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().OperatorGroups(namespace).Watch(options) + }, + }, + &operators.OperatorGroup{}, + resyncPeriod, + indexers, + ) +} + +func (f *operatorGroupInformer) defaultInformer(client clientsetinternalversion.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredOperatorGroupInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *operatorGroupInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operators.OperatorGroup{}, f.defaultInformer) +} + +func (f *operatorGroupInformer) Lister() internalversion.OperatorGroupLister { + return internalversion.NewOperatorGroupLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/subscription.go new file mode 100644 index 000000000..8f9d7c67f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/operators/internalversion/subscription.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + clientsetinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// SubscriptionInformer provides access to a shared informer and lister for +// Subscriptions. +type SubscriptionInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.SubscriptionLister +} + +type subscriptionInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewSubscriptionInformer constructs a new informer for Subscription type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewSubscriptionInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredSubscriptionInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredSubscriptionInformer constructs a new informer for Subscription type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredSubscriptionInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().Subscriptions(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().Subscriptions(namespace).Watch(options) + }, + }, + &operators.Subscription{}, + resyncPeriod, + indexers, + ) +} + +func (f *subscriptionInformer) defaultInformer(client clientsetinternalversion.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredSubscriptionInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *subscriptionInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operators.Subscription{}, f.defaultInformer) +} + +func (f *subscriptionInformer) Lister() internalversion.SubscriptionLister { + return internalversion.NewSubscriptionLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/catalogsource.go new file mode 100644 index 000000000..cb3569718 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/catalogsource.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// CatalogSourceLister helps list CatalogSources. +type CatalogSourceLister interface { + // List lists all CatalogSources in the indexer. + List(selector labels.Selector) (ret []*operators.CatalogSource, err error) + // CatalogSources returns an object that can list and get CatalogSources. + CatalogSources(namespace string) CatalogSourceNamespaceLister + CatalogSourceListerExpansion +} + +// catalogSourceLister implements the CatalogSourceLister interface. +type catalogSourceLister struct { + indexer cache.Indexer +} + +// NewCatalogSourceLister returns a new CatalogSourceLister. +func NewCatalogSourceLister(indexer cache.Indexer) CatalogSourceLister { + return &catalogSourceLister{indexer: indexer} +} + +// List lists all CatalogSources in the indexer. +func (s *catalogSourceLister) List(selector labels.Selector) (ret []*operators.CatalogSource, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.CatalogSource)) + }) + return ret, err +} + +// CatalogSources returns an object that can list and get CatalogSources. +func (s *catalogSourceLister) CatalogSources(namespace string) CatalogSourceNamespaceLister { + return catalogSourceNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// CatalogSourceNamespaceLister helps list and get CatalogSources. +type CatalogSourceNamespaceLister interface { + // List lists all CatalogSources in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.CatalogSource, err error) + // Get retrieves the CatalogSource from the indexer for a given namespace and name. + Get(name string) (*operators.CatalogSource, error) + CatalogSourceNamespaceListerExpansion +} + +// catalogSourceNamespaceLister implements the CatalogSourceNamespaceLister +// interface. +type catalogSourceNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all CatalogSources in the indexer for a given namespace. +func (s catalogSourceNamespaceLister) List(selector labels.Selector) (ret []*operators.CatalogSource, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.CatalogSource)) + }) + return ret, err +} + +// Get retrieves the CatalogSource from the indexer for a given namespace and name. +func (s catalogSourceNamespaceLister) Get(name string) (*operators.CatalogSource, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("catalogsource"), name) + } + return obj.(*operators.CatalogSource), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/clusterserviceversion.go new file mode 100644 index 000000000..f809db983 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/clusterserviceversion.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ClusterServiceVersionLister helps list ClusterServiceVersions. +type ClusterServiceVersionLister interface { + // List lists all ClusterServiceVersions in the indexer. + List(selector labels.Selector) (ret []*operators.ClusterServiceVersion, err error) + // ClusterServiceVersions returns an object that can list and get ClusterServiceVersions. + ClusterServiceVersions(namespace string) ClusterServiceVersionNamespaceLister + ClusterServiceVersionListerExpansion +} + +// clusterServiceVersionLister implements the ClusterServiceVersionLister interface. +type clusterServiceVersionLister struct { + indexer cache.Indexer +} + +// NewClusterServiceVersionLister returns a new ClusterServiceVersionLister. +func NewClusterServiceVersionLister(indexer cache.Indexer) ClusterServiceVersionLister { + return &clusterServiceVersionLister{indexer: indexer} +} + +// List lists all ClusterServiceVersions in the indexer. +func (s *clusterServiceVersionLister) List(selector labels.Selector) (ret []*operators.ClusterServiceVersion, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.ClusterServiceVersion)) + }) + return ret, err +} + +// ClusterServiceVersions returns an object that can list and get ClusterServiceVersions. +func (s *clusterServiceVersionLister) ClusterServiceVersions(namespace string) ClusterServiceVersionNamespaceLister { + return clusterServiceVersionNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ClusterServiceVersionNamespaceLister helps list and get ClusterServiceVersions. +type ClusterServiceVersionNamespaceLister interface { + // List lists all ClusterServiceVersions in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.ClusterServiceVersion, err error) + // Get retrieves the ClusterServiceVersion from the indexer for a given namespace and name. + Get(name string) (*operators.ClusterServiceVersion, error) + ClusterServiceVersionNamespaceListerExpansion +} + +// clusterServiceVersionNamespaceLister implements the ClusterServiceVersionNamespaceLister +// interface. +type clusterServiceVersionNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ClusterServiceVersions in the indexer for a given namespace. +func (s clusterServiceVersionNamespaceLister) List(selector labels.Selector) (ret []*operators.ClusterServiceVersion, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.ClusterServiceVersion)) + }) + return ret, err +} + +// Get retrieves the ClusterServiceVersion from the indexer for a given namespace and name. +func (s clusterServiceVersionNamespaceLister) Get(name string) (*operators.ClusterServiceVersion, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("clusterserviceversion"), name) + } + return obj.(*operators.ClusterServiceVersion), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/expansion_generated.go new file mode 100644 index 000000000..f14c90fcf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/expansion_generated.go @@ -0,0 +1,59 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +// CatalogSourceListerExpansion allows custom methods to be added to +// CatalogSourceLister. +type CatalogSourceListerExpansion interface{} + +// CatalogSourceNamespaceListerExpansion allows custom methods to be added to +// CatalogSourceNamespaceLister. +type CatalogSourceNamespaceListerExpansion interface{} + +// ClusterServiceVersionListerExpansion allows custom methods to be added to +// ClusterServiceVersionLister. +type ClusterServiceVersionListerExpansion interface{} + +// ClusterServiceVersionNamespaceListerExpansion allows custom methods to be added to +// ClusterServiceVersionNamespaceLister. +type ClusterServiceVersionNamespaceListerExpansion interface{} + +// InstallPlanListerExpansion allows custom methods to be added to +// InstallPlanLister. +type InstallPlanListerExpansion interface{} + +// InstallPlanNamespaceListerExpansion allows custom methods to be added to +// InstallPlanNamespaceLister. +type InstallPlanNamespaceListerExpansion interface{} + +// OperatorGroupListerExpansion allows custom methods to be added to +// OperatorGroupLister. +type OperatorGroupListerExpansion interface{} + +// OperatorGroupNamespaceListerExpansion allows custom methods to be added to +// OperatorGroupNamespaceLister. +type OperatorGroupNamespaceListerExpansion interface{} + +// SubscriptionListerExpansion allows custom methods to be added to +// SubscriptionLister. +type SubscriptionListerExpansion interface{} + +// SubscriptionNamespaceListerExpansion allows custom methods to be added to +// SubscriptionNamespaceLister. +type SubscriptionNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/installplan.go new file mode 100644 index 000000000..5ec50992e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/installplan.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// InstallPlanLister helps list InstallPlans. +type InstallPlanLister interface { + // List lists all InstallPlans in the indexer. + List(selector labels.Selector) (ret []*operators.InstallPlan, err error) + // InstallPlans returns an object that can list and get InstallPlans. + InstallPlans(namespace string) InstallPlanNamespaceLister + InstallPlanListerExpansion +} + +// installPlanLister implements the InstallPlanLister interface. +type installPlanLister struct { + indexer cache.Indexer +} + +// NewInstallPlanLister returns a new InstallPlanLister. +func NewInstallPlanLister(indexer cache.Indexer) InstallPlanLister { + return &installPlanLister{indexer: indexer} +} + +// List lists all InstallPlans in the indexer. +func (s *installPlanLister) List(selector labels.Selector) (ret []*operators.InstallPlan, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.InstallPlan)) + }) + return ret, err +} + +// InstallPlans returns an object that can list and get InstallPlans. +func (s *installPlanLister) InstallPlans(namespace string) InstallPlanNamespaceLister { + return installPlanNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// InstallPlanNamespaceLister helps list and get InstallPlans. +type InstallPlanNamespaceLister interface { + // List lists all InstallPlans in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.InstallPlan, err error) + // Get retrieves the InstallPlan from the indexer for a given namespace and name. + Get(name string) (*operators.InstallPlan, error) + InstallPlanNamespaceListerExpansion +} + +// installPlanNamespaceLister implements the InstallPlanNamespaceLister +// interface. +type installPlanNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all InstallPlans in the indexer for a given namespace. +func (s installPlanNamespaceLister) List(selector labels.Selector) (ret []*operators.InstallPlan, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.InstallPlan)) + }) + return ret, err +} + +// Get retrieves the InstallPlan from the indexer for a given namespace and name. +func (s installPlanNamespaceLister) Get(name string) (*operators.InstallPlan, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("installplan"), name) + } + return obj.(*operators.InstallPlan), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/operatorgroup.go new file mode 100644 index 000000000..c5ae2390a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/operatorgroup.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OperatorGroupLister helps list OperatorGroups. +type OperatorGroupLister interface { + // List lists all OperatorGroups in the indexer. + List(selector labels.Selector) (ret []*operators.OperatorGroup, err error) + // OperatorGroups returns an object that can list and get OperatorGroups. + OperatorGroups(namespace string) OperatorGroupNamespaceLister + OperatorGroupListerExpansion +} + +// operatorGroupLister implements the OperatorGroupLister interface. +type operatorGroupLister struct { + indexer cache.Indexer +} + +// NewOperatorGroupLister returns a new OperatorGroupLister. +func NewOperatorGroupLister(indexer cache.Indexer) OperatorGroupLister { + return &operatorGroupLister{indexer: indexer} +} + +// List lists all OperatorGroups in the indexer. +func (s *operatorGroupLister) List(selector labels.Selector) (ret []*operators.OperatorGroup, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.OperatorGroup)) + }) + return ret, err +} + +// OperatorGroups returns an object that can list and get OperatorGroups. +func (s *operatorGroupLister) OperatorGroups(namespace string) OperatorGroupNamespaceLister { + return operatorGroupNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OperatorGroupNamespaceLister helps list and get OperatorGroups. +type OperatorGroupNamespaceLister interface { + // List lists all OperatorGroups in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.OperatorGroup, err error) + // Get retrieves the OperatorGroup from the indexer for a given namespace and name. + Get(name string) (*operators.OperatorGroup, error) + OperatorGroupNamespaceListerExpansion +} + +// operatorGroupNamespaceLister implements the OperatorGroupNamespaceLister +// interface. +type operatorGroupNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OperatorGroups in the indexer for a given namespace. +func (s operatorGroupNamespaceLister) List(selector labels.Selector) (ret []*operators.OperatorGroup, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.OperatorGroup)) + }) + return ret, err +} + +// Get retrieves the OperatorGroup from the indexer for a given namespace and name. +func (s operatorGroupNamespaceLister) Get(name string) (*operators.OperatorGroup, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("operatorgroup"), name) + } + return obj.(*operators.OperatorGroup), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/subscription.go new file mode 100644 index 000000000..c49acaf2c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/internalversion/subscription.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// SubscriptionLister helps list Subscriptions. +type SubscriptionLister interface { + // List lists all Subscriptions in the indexer. + List(selector labels.Selector) (ret []*operators.Subscription, err error) + // Subscriptions returns an object that can list and get Subscriptions. + Subscriptions(namespace string) SubscriptionNamespaceLister + SubscriptionListerExpansion +} + +// subscriptionLister implements the SubscriptionLister interface. +type subscriptionLister struct { + indexer cache.Indexer +} + +// NewSubscriptionLister returns a new SubscriptionLister. +func NewSubscriptionLister(indexer cache.Indexer) SubscriptionLister { + return &subscriptionLister{indexer: indexer} +} + +// List lists all Subscriptions in the indexer. +func (s *subscriptionLister) List(selector labels.Selector) (ret []*operators.Subscription, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.Subscription)) + }) + return ret, err +} + +// Subscriptions returns an object that can list and get Subscriptions. +func (s *subscriptionLister) Subscriptions(namespace string) SubscriptionNamespaceLister { + return subscriptionNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// SubscriptionNamespaceLister helps list and get Subscriptions. +type SubscriptionNamespaceLister interface { + // List lists all Subscriptions in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.Subscription, err error) + // Get retrieves the Subscription from the indexer for a given namespace and name. + Get(name string) (*operators.Subscription, error) + SubscriptionNamespaceListerExpansion +} + +// subscriptionNamespaceLister implements the SubscriptionNamespaceLister +// interface. +type subscriptionNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all Subscriptions in the indexer for a given namespace. +func (s subscriptionNamespaceLister) List(selector labels.Selector) (ret []*operators.Subscription, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.Subscription)) + }) + return ret, err +} + +// Get retrieves the Subscription from the indexer for a given namespace and name. +func (s subscriptionNamespaceLister) Get(name string) (*operators.Subscription, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("subscription"), name) + } + return obj.(*operators.Subscription), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1/expansion_generated.go new file mode 100644 index 000000000..24e5c2d14 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +// OperatorGroupListerExpansion allows custom methods to be added to +// OperatorGroupLister. +type OperatorGroupListerExpansion interface{} + +// OperatorGroupNamespaceListerExpansion allows custom methods to be added to +// OperatorGroupNamespaceLister. +type OperatorGroupNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1/operatorgroup.go new file mode 100644 index 000000000..f32f7ef2b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1/operatorgroup.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OperatorGroupLister helps list OperatorGroups. +type OperatorGroupLister interface { + // List lists all OperatorGroups in the indexer. + List(selector labels.Selector) (ret []*v1.OperatorGroup, err error) + // OperatorGroups returns an object that can list and get OperatorGroups. + OperatorGroups(namespace string) OperatorGroupNamespaceLister + OperatorGroupListerExpansion +} + +// operatorGroupLister implements the OperatorGroupLister interface. +type operatorGroupLister struct { + indexer cache.Indexer +} + +// NewOperatorGroupLister returns a new OperatorGroupLister. +func NewOperatorGroupLister(indexer cache.Indexer) OperatorGroupLister { + return &operatorGroupLister{indexer: indexer} +} + +// List lists all OperatorGroups in the indexer. +func (s *operatorGroupLister) List(selector labels.Selector) (ret []*v1.OperatorGroup, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1.OperatorGroup)) + }) + return ret, err +} + +// OperatorGroups returns an object that can list and get OperatorGroups. +func (s *operatorGroupLister) OperatorGroups(namespace string) OperatorGroupNamespaceLister { + return operatorGroupNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OperatorGroupNamespaceLister helps list and get OperatorGroups. +type OperatorGroupNamespaceLister interface { + // List lists all OperatorGroups in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1.OperatorGroup, err error) + // Get retrieves the OperatorGroup from the indexer for a given namespace and name. + Get(name string) (*v1.OperatorGroup, error) + OperatorGroupNamespaceListerExpansion +} + +// operatorGroupNamespaceLister implements the OperatorGroupNamespaceLister +// interface. +type operatorGroupNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OperatorGroups in the indexer for a given namespace. +func (s operatorGroupNamespaceLister) List(selector labels.Selector) (ret []*v1.OperatorGroup, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1.OperatorGroup)) + }) + return ret, err +} + +// Get retrieves the OperatorGroup from the indexer for a given namespace and name. +func (s operatorGroupNamespaceLister) Get(name string) (*v1.OperatorGroup, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1.Resource("operatorgroup"), name) + } + return obj.(*v1.OperatorGroup), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/catalogsource.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/catalogsource.go new file mode 100644 index 000000000..31ecf84c2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/catalogsource.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// CatalogSourceLister helps list CatalogSources. +type CatalogSourceLister interface { + // List lists all CatalogSources in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.CatalogSource, err error) + // CatalogSources returns an object that can list and get CatalogSources. + CatalogSources(namespace string) CatalogSourceNamespaceLister + CatalogSourceListerExpansion +} + +// catalogSourceLister implements the CatalogSourceLister interface. +type catalogSourceLister struct { + indexer cache.Indexer +} + +// NewCatalogSourceLister returns a new CatalogSourceLister. +func NewCatalogSourceLister(indexer cache.Indexer) CatalogSourceLister { + return &catalogSourceLister{indexer: indexer} +} + +// List lists all CatalogSources in the indexer. +func (s *catalogSourceLister) List(selector labels.Selector) (ret []*v1alpha1.CatalogSource, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.CatalogSource)) + }) + return ret, err +} + +// CatalogSources returns an object that can list and get CatalogSources. +func (s *catalogSourceLister) CatalogSources(namespace string) CatalogSourceNamespaceLister { + return catalogSourceNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// CatalogSourceNamespaceLister helps list and get CatalogSources. +type CatalogSourceNamespaceLister interface { + // List lists all CatalogSources in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.CatalogSource, err error) + // Get retrieves the CatalogSource from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.CatalogSource, error) + CatalogSourceNamespaceListerExpansion +} + +// catalogSourceNamespaceLister implements the CatalogSourceNamespaceLister +// interface. +type catalogSourceNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all CatalogSources in the indexer for a given namespace. +func (s catalogSourceNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CatalogSource, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.CatalogSource)) + }) + return ret, err +} + +// Get retrieves the CatalogSource from the indexer for a given namespace and name. +func (s catalogSourceNamespaceLister) Get(name string) (*v1alpha1.CatalogSource, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("catalogsource"), name) + } + return obj.(*v1alpha1.CatalogSource), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/clusterserviceversion.go new file mode 100644 index 000000000..2923d3d30 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/clusterserviceversion.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ClusterServiceVersionLister helps list ClusterServiceVersions. +type ClusterServiceVersionLister interface { + // List lists all ClusterServiceVersions in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.ClusterServiceVersion, err error) + // ClusterServiceVersions returns an object that can list and get ClusterServiceVersions. + ClusterServiceVersions(namespace string) ClusterServiceVersionNamespaceLister + ClusterServiceVersionListerExpansion +} + +// clusterServiceVersionLister implements the ClusterServiceVersionLister interface. +type clusterServiceVersionLister struct { + indexer cache.Indexer +} + +// NewClusterServiceVersionLister returns a new ClusterServiceVersionLister. +func NewClusterServiceVersionLister(indexer cache.Indexer) ClusterServiceVersionLister { + return &clusterServiceVersionLister{indexer: indexer} +} + +// List lists all ClusterServiceVersions in the indexer. +func (s *clusterServiceVersionLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterServiceVersion, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ClusterServiceVersion)) + }) + return ret, err +} + +// ClusterServiceVersions returns an object that can list and get ClusterServiceVersions. +func (s *clusterServiceVersionLister) ClusterServiceVersions(namespace string) ClusterServiceVersionNamespaceLister { + return clusterServiceVersionNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ClusterServiceVersionNamespaceLister helps list and get ClusterServiceVersions. +type ClusterServiceVersionNamespaceLister interface { + // List lists all ClusterServiceVersions in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.ClusterServiceVersion, err error) + // Get retrieves the ClusterServiceVersion from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.ClusterServiceVersion, error) + ClusterServiceVersionNamespaceListerExpansion +} + +// clusterServiceVersionNamespaceLister implements the ClusterServiceVersionNamespaceLister +// interface. +type clusterServiceVersionNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ClusterServiceVersions in the indexer for a given namespace. +func (s clusterServiceVersionNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterServiceVersion, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ClusterServiceVersion)) + }) + return ret, err +} + +// Get retrieves the ClusterServiceVersion from the indexer for a given namespace and name. +func (s clusterServiceVersionNamespaceLister) Get(name string) (*v1alpha1.ClusterServiceVersion, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("clusterserviceversion"), name) + } + return obj.(*v1alpha1.ClusterServiceVersion), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..ca5ce6009 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/expansion_generated.go @@ -0,0 +1,51 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// CatalogSourceListerExpansion allows custom methods to be added to +// CatalogSourceLister. +type CatalogSourceListerExpansion interface{} + +// CatalogSourceNamespaceListerExpansion allows custom methods to be added to +// CatalogSourceNamespaceLister. +type CatalogSourceNamespaceListerExpansion interface{} + +// ClusterServiceVersionListerExpansion allows custom methods to be added to +// ClusterServiceVersionLister. +type ClusterServiceVersionListerExpansion interface{} + +// ClusterServiceVersionNamespaceListerExpansion allows custom methods to be added to +// ClusterServiceVersionNamespaceLister. +type ClusterServiceVersionNamespaceListerExpansion interface{} + +// InstallPlanListerExpansion allows custom methods to be added to +// InstallPlanLister. +type InstallPlanListerExpansion interface{} + +// InstallPlanNamespaceListerExpansion allows custom methods to be added to +// InstallPlanNamespaceLister. +type InstallPlanNamespaceListerExpansion interface{} + +// SubscriptionListerExpansion allows custom methods to be added to +// SubscriptionLister. +type SubscriptionListerExpansion interface{} + +// SubscriptionNamespaceListerExpansion allows custom methods to be added to +// SubscriptionNamespaceLister. +type SubscriptionNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/installplan.go new file mode 100644 index 000000000..f86250baa --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/installplan.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// InstallPlanLister helps list InstallPlans. +type InstallPlanLister interface { + // List lists all InstallPlans in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.InstallPlan, err error) + // InstallPlans returns an object that can list and get InstallPlans. + InstallPlans(namespace string) InstallPlanNamespaceLister + InstallPlanListerExpansion +} + +// installPlanLister implements the InstallPlanLister interface. +type installPlanLister struct { + indexer cache.Indexer +} + +// NewInstallPlanLister returns a new InstallPlanLister. +func NewInstallPlanLister(indexer cache.Indexer) InstallPlanLister { + return &installPlanLister{indexer: indexer} +} + +// List lists all InstallPlans in the indexer. +func (s *installPlanLister) List(selector labels.Selector) (ret []*v1alpha1.InstallPlan, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.InstallPlan)) + }) + return ret, err +} + +// InstallPlans returns an object that can list and get InstallPlans. +func (s *installPlanLister) InstallPlans(namespace string) InstallPlanNamespaceLister { + return installPlanNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// InstallPlanNamespaceLister helps list and get InstallPlans. +type InstallPlanNamespaceLister interface { + // List lists all InstallPlans in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.InstallPlan, err error) + // Get retrieves the InstallPlan from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.InstallPlan, error) + InstallPlanNamespaceListerExpansion +} + +// installPlanNamespaceLister implements the InstallPlanNamespaceLister +// interface. +type installPlanNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all InstallPlans in the indexer for a given namespace. +func (s installPlanNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.InstallPlan, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.InstallPlan)) + }) + return ret, err +} + +// Get retrieves the InstallPlan from the indexer for a given namespace and name. +func (s installPlanNamespaceLister) Get(name string) (*v1alpha1.InstallPlan, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("installplan"), name) + } + return obj.(*v1alpha1.InstallPlan), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/subscription.go new file mode 100644 index 000000000..a0cb7f258 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1/subscription.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// SubscriptionLister helps list Subscriptions. +type SubscriptionLister interface { + // List lists all Subscriptions in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.Subscription, err error) + // Subscriptions returns an object that can list and get Subscriptions. + Subscriptions(namespace string) SubscriptionNamespaceLister + SubscriptionListerExpansion +} + +// subscriptionLister implements the SubscriptionLister interface. +type subscriptionLister struct { + indexer cache.Indexer +} + +// NewSubscriptionLister returns a new SubscriptionLister. +func NewSubscriptionLister(indexer cache.Indexer) SubscriptionLister { + return &subscriptionLister{indexer: indexer} +} + +// List lists all Subscriptions in the indexer. +func (s *subscriptionLister) List(selector labels.Selector) (ret []*v1alpha1.Subscription, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Subscription)) + }) + return ret, err +} + +// Subscriptions returns an object that can list and get Subscriptions. +func (s *subscriptionLister) Subscriptions(namespace string) SubscriptionNamespaceLister { + return subscriptionNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// SubscriptionNamespaceLister helps list and get Subscriptions. +type SubscriptionNamespaceLister interface { + // List lists all Subscriptions in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.Subscription, err error) + // Get retrieves the Subscription from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.Subscription, error) + SubscriptionNamespaceListerExpansion +} + +// subscriptionNamespaceLister implements the SubscriptionNamespaceLister +// interface. +type subscriptionNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all Subscriptions in the indexer for a given namespace. +func (s subscriptionNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.Subscription, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Subscription)) + }) + return ret, err +} + +// Get retrieves the Subscription from the indexer for a given namespace and name. +func (s subscriptionNamespaceLister) Get(name string) (*v1alpha1.Subscription, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("subscription"), name) + } + return obj.(*v1alpha1.Subscription), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/util.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/util.go new file mode 100644 index 000000000..60bfa220d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/util.go @@ -0,0 +1,36 @@ +package client + +import ( + "net" + "os" + + log "github.com/sirupsen/logrus" + _ "k8s.io/client-go/plugin/pkg/client/auth/oidc" + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/clientcmd" +) + +// getConfig returns a kubernetes config for configuring a client from a kubeconfig string +func getConfig(kubeconfig string) (*rest.Config, error) { + if len(kubeconfig) == 0 { + // Work around https://github.com/kubernetes/kubernetes/issues/40973 + // See https://github.com/coreos/etcd-operator/issues/731#issuecomment-283804819 + if len(os.Getenv("KUBERNETES_SERVICE_HOST")) == 0 { + addrs, err := net.LookupHost("kubernetes.default.svc") + if err != nil { + return nil, err + } + + os.Setenv("KUBERNETES_SERVICE_HOST", addrs[0]) + } + + if len(os.Getenv("KUBERNETES_SERVICE_PORT")) == 0 { + os.Setenv("KUBERNETES_SERVICE_PORT", "443") + } + + log.Infof("Using in-cluster kube client config") + return rest.InClusterConfig() + } + log.Infof("Loading kube client config from path %q", kubeconfig) + return clientcmd.BuildConfigFromFlags("", kubeconfig) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/deployment_install_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/deployment_install_client.go new file mode 100644 index 000000000..afaeb770b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/deployment_install_client.go @@ -0,0 +1,132 @@ +//go:generate counterfeiter deployment_install_client.go InstallStrategyDeploymentInterface +package wrappers + +import ( + "github.com/pkg/errors" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +var ErrNilObject = errors.New("Bad object supplied: ") + +type InstallStrategyDeploymentInterface interface { + CreateRole(role *rbacv1.Role) (*rbacv1.Role, error) + CreateRoleBinding(roleBinding *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) + EnsureServiceAccount(serviceAccount *corev1.ServiceAccount, owner ownerutil.Owner) (*corev1.ServiceAccount, error) + CreateDeployment(deployment *appsv1.Deployment) (*appsv1.Deployment, error) + CreateOrUpdateDeployment(deployment *appsv1.Deployment) (*appsv1.Deployment, error) + DeleteDeployment(name string) error + GetServiceAccountByName(serviceAccountName string) (*corev1.ServiceAccount, error) + FindAnyDeploymentsMatchingNames(depNames []string) ([]*appsv1.Deployment, error) + FindAnyDeploymentsMatchingLabels(label labels.Selector) ([]*appsv1.Deployment, error) +} + +type InstallStrategyDeploymentClientForNamespace struct { + opClient operatorclient.ClientInterface + opLister operatorlister.OperatorLister + Namespace string +} + +var _ InstallStrategyDeploymentInterface = &InstallStrategyDeploymentClientForNamespace{} + +func NewInstallStrategyDeploymentClient(opClient operatorclient.ClientInterface, opLister operatorlister.OperatorLister, namespace string) InstallStrategyDeploymentInterface { + return &InstallStrategyDeploymentClientForNamespace{ + opClient: opClient, + opLister: opLister, + Namespace: namespace, + } +} + +func (c *InstallStrategyDeploymentClientForNamespace) CreateRole(role *rbacv1.Role) (*rbacv1.Role, error) { + return c.opClient.KubernetesInterface().RbacV1().Roles(c.Namespace).Create(role) +} + +func (c *InstallStrategyDeploymentClientForNamespace) CreateRoleBinding(roleBinding *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) { + return c.opClient.KubernetesInterface().RbacV1().RoleBindings(c.Namespace).Create(roleBinding) +} + +func (c *InstallStrategyDeploymentClientForNamespace) EnsureServiceAccount(serviceAccount *corev1.ServiceAccount, owner ownerutil.Owner) (*corev1.ServiceAccount, error) { + if serviceAccount == nil { + return nil, ErrNilObject + } + + foundAccount, err := c.opLister.CoreV1().ServiceAccountLister().ServiceAccounts(c.Namespace).Get(serviceAccount.Name) + if err != nil && !apierrors.IsNotFound(err) { + return nil, errors.Wrap(err, "checking for existing serviceacccount failed") + } + + // create if not found + if err != nil && apierrors.IsNotFound(err) { + serviceAccount.SetNamespace(c.Namespace) + createdAccount, err := c.opClient.CreateServiceAccount(serviceAccount) + if err != nil && !apierrors.IsAlreadyExists(err) { + return nil, errors.Wrap(err, "creating serviceacccount failed") + } + if apierrors.IsAlreadyExists(err) { + return serviceAccount, nil + } + return createdAccount, nil + } + + // if found, ensure ownerreferences + if ownerutil.IsOwnedBy(foundAccount, owner) { + return foundAccount, nil + } + // set owner if missing + ownerutil.AddNonBlockingOwner(foundAccount, owner) + return c.opClient.UpdateServiceAccount(foundAccount) +} + +func (c *InstallStrategyDeploymentClientForNamespace) CreateDeployment(deployment *appsv1.Deployment) (*appsv1.Deployment, error) { + return c.opClient.CreateDeployment(deployment) +} + +func (c *InstallStrategyDeploymentClientForNamespace) DeleteDeployment(name string) error { + foregroundDelete := metav1.DeletePropagationForeground // cascading delete + immediate := int64(0) + immediateForegroundDelete := &metav1.DeleteOptions{GracePeriodSeconds: &immediate, PropagationPolicy: &foregroundDelete} + return c.opClient.DeleteDeployment(c.Namespace, name, immediateForegroundDelete) +} + +func (c *InstallStrategyDeploymentClientForNamespace) CreateOrUpdateDeployment(deployment *appsv1.Deployment) (*appsv1.Deployment, error) { + d, _, err := c.opClient.CreateOrRollingUpdateDeployment(deployment) + return d, err +} + +func (c *InstallStrategyDeploymentClientForNamespace) GetServiceAccountByName(serviceAccountName string) (*corev1.ServiceAccount, error) { + return c.opLister.CoreV1().ServiceAccountLister().ServiceAccounts(c.Namespace).Get(serviceAccountName) +} + +func (c *InstallStrategyDeploymentClientForNamespace) FindAnyDeploymentsMatchingNames(depNames []string) ([]*appsv1.Deployment, error) { + var deployments []*appsv1.Deployment + for _, depName := range depNames { + fetchedDep, err := c.opLister.AppsV1().DeploymentLister().Deployments(c.Namespace).Get(depName) + if err == nil { + deployments = append(deployments, fetchedDep) + } else { + // Any errors other than !exists are propagated up + if !apierrors.IsNotFound(err) { + return deployments, err + } + } + } + return deployments, nil +} + +func (c *InstallStrategyDeploymentClientForNamespace) FindAnyDeploymentsMatchingLabels(label labels.Selector) ([]*appsv1.Deployment, error) { + deployments, err := c.opLister.AppsV1().DeploymentLister().Deployments(c.Namespace).List(label) + // Any errors other than !exists are propagated up + if err != nil && !apierrors.IsNotFound(err) { + return nil, err + } + + return deployments, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/deployment_install_client_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/deployment_install_client_test.go new file mode 100644 index 000000000..05d7b3786 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/deployment_install_client_test.go @@ -0,0 +1,451 @@ +package wrappers + +import ( + "fmt" + "testing" + "time" + + "github.com/golang/mock/gomock" + "github.com/pkg/errors" + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/equality" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/diff" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + listerfakes "github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/operatorclientmocks" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes" +) + +var ( + Controller = false + BlockOwnerDeletion = false + WakeupInterval = 5 * time.Second +) + +func ownerReferenceFromCSV(csv *v1alpha1.ClusterServiceVersion) metav1.OwnerReference { + return metav1.OwnerReference{ + APIVersion: v1alpha1.SchemeGroupVersion.String(), + Kind: v1alpha1.ClusterServiceVersionKind, + Name: csv.GetName(), + UID: csv.GetUID(), + Controller: &Controller, + BlockOwnerDeletion: &BlockOwnerDeletion, + } +} + +func TestEnsureServiceAccount(t *testing.T) { + testErr := errors.New("NaNaNaNaN") // used to ensure exact error returned + mockOwner := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-owner", + Namespace: "test-namespace", + }, + } + type state struct { + namespace string + existingServiceAccount *corev1.ServiceAccount + getServiceAccountError error + createServiceAccountResult *corev1.ServiceAccount + createServiceAccountError error + updateServiceAccountResult *corev1.ServiceAccount + updateServiceAccountError error + } + type input struct { + serviceAccountName string + serviceAccount *corev1.ServiceAccount + serviceAccountToUpdate *corev1.ServiceAccount + } + type expect struct { + returnedServiceAccount *corev1.ServiceAccount + returnedError error + } + + tests := []struct { + name string + subname string + state state + input input + expect expect + }{ + { + name: "Bad ServiceAccount", + subname: "nil value", + expect: expect{ + returnedError: ErrNilObject, + }, + }, + { + name: "ServiceAccount already exists, owned by CSV", + subname: "returns existing SA when successfully fetched via Kubernetes API", + state: state{ + namespace: "test-namespace", + existingServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + getServiceAccountError: nil, + createServiceAccountError: nil, + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + }, + }, + }, + expect: expect{ + returnedServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + returnedError: nil, + }, + }, + { + name: "ServiceAccount already exists, not owned by CSV", + subname: "returns existing SA when successfully fetched via Kubernetes API", + state: state{ + namespace: "test-namespace", + existingServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Namespace: "test-namespace", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + }, + }, + updateServiceAccountResult: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + getServiceAccountError: nil, + createServiceAccountError: nil, + updateServiceAccountError: nil, + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + }, + }, + serviceAccountToUpdate: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Namespace: "test-namespace", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + }, + expect: expect{ + returnedServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + returnedError: nil, + }, + }, + { + name: "ServiceAccount already exists, not owned by CSV, update fails", + subname: "returns existing SA when successfully fetched via Kubernetes API", + state: state{ + namespace: "test-namespace", + existingServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Namespace: "test-namespace", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + }, + }, + updateServiceAccountResult: nil, + getServiceAccountError: nil, + createServiceAccountError: nil, + updateServiceAccountError: testErr, + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + }, + }, + serviceAccountToUpdate: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Namespace: "test-namespace", + Labels: map[string]string{ + "test": "existing-service-account-found", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + }, + expect: expect{ + returnedServiceAccount: nil, + returnedError: testErr, + }, + }, + { + name: "ServiceAccount already exists", + subname: "returns SA unmodified when fails to create it due to it already existing", + state: state{ + namespace: "test-namespace", + existingServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Namespace: "test-namespace", + Labels: map[string]string{ + "test": "existing-service-account-create-conflict", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + getServiceAccountError: nil, + createServiceAccountError: apierrors.NewAlreadyExists( + corev1.Resource("serviceaccounts"), "test-service-account"), + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + }, + }, + }, + expect: expect{ + returnedServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Namespace: "test-namespace", + Labels: map[string]string{ + "test": "existing-service-account-create-conflict", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + returnedError: nil, + }, + }, + { + name: "ServiceAccount doesn't already exist", + subname: "creates SA when no errors or existing SAs found", + state: state{ + namespace: "test-namespace", + createServiceAccountResult: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "successfully-created-serviceaccount", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + createServiceAccountError: nil, + getServiceAccountError: apierrors.NewNotFound(corev1.Resource("serviceaccounts"), "test-service-account"), + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + }, + }, + }, + expect: expect{ + returnedServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "successfully-created-serviceaccount", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + returnedError: nil, + }, + }, + { + name: "ServiceAccount doesn't already exist", + subname: "creates SA successfully after getting NotFound error trying to fetch it", + state: state{ + namespace: "test-namespace", + getServiceAccountError: apierrors.NewNotFound( + corev1.Resource("serviceaccounts"), "test-service-account"), + createServiceAccountResult: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "successfully-created-serviceaccount-notfound-error", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + createServiceAccountError: nil, + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + }, + }, + }, + expect: expect{ + returnedServiceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + Labels: map[string]string{ + "test": "successfully-created-serviceaccount-notfound-error", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + returnedError: nil, + }, + }, + { + name: "Unknown errors", + subname: "returns unknown errors received trying to fetch SA from the kubernetes API", + state: state{ + namespace: "test-namespace", + getServiceAccountError: testErr, + createServiceAccountError: nil, + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + }, + expect: expect{ + returnedError: testErr, + }, + }, + { + name: "Unknown errors", + subname: "returns unknown errors received trying to create SA", + state: state{ + namespace: "test-namespace", + getServiceAccountError: apierrors.NewNotFound( + corev1.Resource("serviceaccounts"), "test-service-account"), + createServiceAccountError: testErr, + }, + input: input{ + serviceAccountName: "test-service-account", + serviceAccount: &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-service-account", + OwnerReferences: []metav1.OwnerReference{ + ownerReferenceFromCSV(&mockOwner), + }, + }, + }, + }, + expect: expect{ + returnedError: testErr, + }, + }, + } + + for _, tt := range tests { + testName := fmt.Sprintf("%s: %s", tt.name, tt.subname) + t.Run(testName, func(t *testing.T) { + ctrl := gomock.NewController(t) + mockOpClient := operatorclientmocks.NewMockClientInterface(ctrl) + fakeLister := &operatorlisterfakes.FakeOperatorLister{} + fakeCoreV1Lister := &operatorlisterfakes.FakeCoreV1Lister{} + fakeServiceAccountLister := &listerfakes.FakeServiceAccountLister{} + fakeServiceAccountNamespacedLister := &listerfakes.FakeServiceAccountNamespaceLister{} + fakeServiceAccountNamespacedLister.GetReturns(tt.state.existingServiceAccount, tt.state.getServiceAccountError) + fakeServiceAccountLister.ServiceAccountsReturns(fakeServiceAccountNamespacedLister) + fakeCoreV1Lister.ServiceAccountListerReturns(fakeServiceAccountLister) + fakeLister.CoreV1Returns(fakeCoreV1Lister) + + client := NewInstallStrategyDeploymentClient(mockOpClient, fakeLister, tt.state.namespace) + + mockOpClient.EXPECT(). + CreateServiceAccount(tt.input.serviceAccount). + Return(tt.state.createServiceAccountResult, tt.state.createServiceAccountError). + AnyTimes() + + mockOpClient.EXPECT(). + UpdateServiceAccount(tt.input.serviceAccountToUpdate). + Return(tt.state.updateServiceAccountResult, tt.state.updateServiceAccountError). + AnyTimes() + + sa, err := client.EnsureServiceAccount(tt.input.serviceAccount, &mockOwner) + + require.True(t, equality.Semantic.DeepEqual(tt.expect.returnedServiceAccount, sa), + "Resources do not match : %s", + diff.ObjectDiff(tt.expect.returnedServiceAccount, sa)) + + require.EqualValues(t, tt.expect.returnedError, errors.Cause(err)) + + ctrl.Finish() + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/wrappersfakes/fake_install_strategy_deployment_interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/wrappersfakes/fake_install_strategy_deployment_interface.go new file mode 100644 index 000000000..f6b8ec458 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/wrappersfakes/fake_install_strategy_deployment_interface.go @@ -0,0 +1,746 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package wrappersfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + v1 "k8s.io/api/apps/v1" + v1b "k8s.io/api/core/v1" + v1a "k8s.io/api/rbac/v1" + labels "k8s.io/apimachinery/pkg/labels" +) + +type FakeInstallStrategyDeploymentInterface struct { + CreateDeploymentStub func(*v1.Deployment) (*v1.Deployment, error) + createDeploymentMutex sync.RWMutex + createDeploymentArgsForCall []struct { + arg1 *v1.Deployment + } + createDeploymentReturns struct { + result1 *v1.Deployment + result2 error + } + createDeploymentReturnsOnCall map[int]struct { + result1 *v1.Deployment + result2 error + } + CreateOrUpdateDeploymentStub func(*v1.Deployment) (*v1.Deployment, error) + createOrUpdateDeploymentMutex sync.RWMutex + createOrUpdateDeploymentArgsForCall []struct { + arg1 *v1.Deployment + } + createOrUpdateDeploymentReturns struct { + result1 *v1.Deployment + result2 error + } + createOrUpdateDeploymentReturnsOnCall map[int]struct { + result1 *v1.Deployment + result2 error + } + CreateRoleStub func(*v1a.Role) (*v1a.Role, error) + createRoleMutex sync.RWMutex + createRoleArgsForCall []struct { + arg1 *v1a.Role + } + createRoleReturns struct { + result1 *v1a.Role + result2 error + } + createRoleReturnsOnCall map[int]struct { + result1 *v1a.Role + result2 error + } + CreateRoleBindingStub func(*v1a.RoleBinding) (*v1a.RoleBinding, error) + createRoleBindingMutex sync.RWMutex + createRoleBindingArgsForCall []struct { + arg1 *v1a.RoleBinding + } + createRoleBindingReturns struct { + result1 *v1a.RoleBinding + result2 error + } + createRoleBindingReturnsOnCall map[int]struct { + result1 *v1a.RoleBinding + result2 error + } + DeleteDeploymentStub func(string) error + deleteDeploymentMutex sync.RWMutex + deleteDeploymentArgsForCall []struct { + arg1 string + } + deleteDeploymentReturns struct { + result1 error + } + deleteDeploymentReturnsOnCall map[int]struct { + result1 error + } + EnsureServiceAccountStub func(*v1b.ServiceAccount, ownerutil.Owner) (*v1b.ServiceAccount, error) + ensureServiceAccountMutex sync.RWMutex + ensureServiceAccountArgsForCall []struct { + arg1 *v1b.ServiceAccount + arg2 ownerutil.Owner + } + ensureServiceAccountReturns struct { + result1 *v1b.ServiceAccount + result2 error + } + ensureServiceAccountReturnsOnCall map[int]struct { + result1 *v1b.ServiceAccount + result2 error + } + FindAnyDeploymentsMatchingLabelsStub func(labels.Selector) ([]*v1.Deployment, error) + findAnyDeploymentsMatchingLabelsMutex sync.RWMutex + findAnyDeploymentsMatchingLabelsArgsForCall []struct { + arg1 labels.Selector + } + findAnyDeploymentsMatchingLabelsReturns struct { + result1 []*v1.Deployment + result2 error + } + findAnyDeploymentsMatchingLabelsReturnsOnCall map[int]struct { + result1 []*v1.Deployment + result2 error + } + FindAnyDeploymentsMatchingNamesStub func([]string) ([]*v1.Deployment, error) + findAnyDeploymentsMatchingNamesMutex sync.RWMutex + findAnyDeploymentsMatchingNamesArgsForCall []struct { + arg1 []string + } + findAnyDeploymentsMatchingNamesReturns struct { + result1 []*v1.Deployment + result2 error + } + findAnyDeploymentsMatchingNamesReturnsOnCall map[int]struct { + result1 []*v1.Deployment + result2 error + } + GetServiceAccountByNameStub func(string) (*v1b.ServiceAccount, error) + getServiceAccountByNameMutex sync.RWMutex + getServiceAccountByNameArgsForCall []struct { + arg1 string + } + getServiceAccountByNameReturns struct { + result1 *v1b.ServiceAccount + result2 error + } + getServiceAccountByNameReturnsOnCall map[int]struct { + result1 *v1b.ServiceAccount + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateDeployment(arg1 *v1.Deployment) (*v1.Deployment, error) { + fake.createDeploymentMutex.Lock() + ret, specificReturn := fake.createDeploymentReturnsOnCall[len(fake.createDeploymentArgsForCall)] + fake.createDeploymentArgsForCall = append(fake.createDeploymentArgsForCall, struct { + arg1 *v1.Deployment + }{arg1}) + fake.recordInvocation("CreateDeployment", []interface{}{arg1}) + fake.createDeploymentMutex.Unlock() + if fake.CreateDeploymentStub != nil { + return fake.CreateDeploymentStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.createDeploymentReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateDeploymentCallCount() int { + fake.createDeploymentMutex.RLock() + defer fake.createDeploymentMutex.RUnlock() + return len(fake.createDeploymentArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateDeploymentCalls(stub func(*v1.Deployment) (*v1.Deployment, error)) { + fake.createDeploymentMutex.Lock() + defer fake.createDeploymentMutex.Unlock() + fake.CreateDeploymentStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateDeploymentArgsForCall(i int) *v1.Deployment { + fake.createDeploymentMutex.RLock() + defer fake.createDeploymentMutex.RUnlock() + argsForCall := fake.createDeploymentArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateDeploymentReturns(result1 *v1.Deployment, result2 error) { + fake.createDeploymentMutex.Lock() + defer fake.createDeploymentMutex.Unlock() + fake.CreateDeploymentStub = nil + fake.createDeploymentReturns = struct { + result1 *v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateDeploymentReturnsOnCall(i int, result1 *v1.Deployment, result2 error) { + fake.createDeploymentMutex.Lock() + defer fake.createDeploymentMutex.Unlock() + fake.CreateDeploymentStub = nil + if fake.createDeploymentReturnsOnCall == nil { + fake.createDeploymentReturnsOnCall = make(map[int]struct { + result1 *v1.Deployment + result2 error + }) + } + fake.createDeploymentReturnsOnCall[i] = struct { + result1 *v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateOrUpdateDeployment(arg1 *v1.Deployment) (*v1.Deployment, error) { + fake.createOrUpdateDeploymentMutex.Lock() + ret, specificReturn := fake.createOrUpdateDeploymentReturnsOnCall[len(fake.createOrUpdateDeploymentArgsForCall)] + fake.createOrUpdateDeploymentArgsForCall = append(fake.createOrUpdateDeploymentArgsForCall, struct { + arg1 *v1.Deployment + }{arg1}) + fake.recordInvocation("CreateOrUpdateDeployment", []interface{}{arg1}) + fake.createOrUpdateDeploymentMutex.Unlock() + if fake.CreateOrUpdateDeploymentStub != nil { + return fake.CreateOrUpdateDeploymentStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.createOrUpdateDeploymentReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateOrUpdateDeploymentCallCount() int { + fake.createOrUpdateDeploymentMutex.RLock() + defer fake.createOrUpdateDeploymentMutex.RUnlock() + return len(fake.createOrUpdateDeploymentArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateOrUpdateDeploymentCalls(stub func(*v1.Deployment) (*v1.Deployment, error)) { + fake.createOrUpdateDeploymentMutex.Lock() + defer fake.createOrUpdateDeploymentMutex.Unlock() + fake.CreateOrUpdateDeploymentStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateOrUpdateDeploymentArgsForCall(i int) *v1.Deployment { + fake.createOrUpdateDeploymentMutex.RLock() + defer fake.createOrUpdateDeploymentMutex.RUnlock() + argsForCall := fake.createOrUpdateDeploymentArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateOrUpdateDeploymentReturns(result1 *v1.Deployment, result2 error) { + fake.createOrUpdateDeploymentMutex.Lock() + defer fake.createOrUpdateDeploymentMutex.Unlock() + fake.CreateOrUpdateDeploymentStub = nil + fake.createOrUpdateDeploymentReturns = struct { + result1 *v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateOrUpdateDeploymentReturnsOnCall(i int, result1 *v1.Deployment, result2 error) { + fake.createOrUpdateDeploymentMutex.Lock() + defer fake.createOrUpdateDeploymentMutex.Unlock() + fake.CreateOrUpdateDeploymentStub = nil + if fake.createOrUpdateDeploymentReturnsOnCall == nil { + fake.createOrUpdateDeploymentReturnsOnCall = make(map[int]struct { + result1 *v1.Deployment + result2 error + }) + } + fake.createOrUpdateDeploymentReturnsOnCall[i] = struct { + result1 *v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRole(arg1 *v1a.Role) (*v1a.Role, error) { + fake.createRoleMutex.Lock() + ret, specificReturn := fake.createRoleReturnsOnCall[len(fake.createRoleArgsForCall)] + fake.createRoleArgsForCall = append(fake.createRoleArgsForCall, struct { + arg1 *v1a.Role + }{arg1}) + fake.recordInvocation("CreateRole", []interface{}{arg1}) + fake.createRoleMutex.Unlock() + if fake.CreateRoleStub != nil { + return fake.CreateRoleStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.createRoleReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleCallCount() int { + fake.createRoleMutex.RLock() + defer fake.createRoleMutex.RUnlock() + return len(fake.createRoleArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleCalls(stub func(*v1a.Role) (*v1a.Role, error)) { + fake.createRoleMutex.Lock() + defer fake.createRoleMutex.Unlock() + fake.CreateRoleStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleArgsForCall(i int) *v1a.Role { + fake.createRoleMutex.RLock() + defer fake.createRoleMutex.RUnlock() + argsForCall := fake.createRoleArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleReturns(result1 *v1a.Role, result2 error) { + fake.createRoleMutex.Lock() + defer fake.createRoleMutex.Unlock() + fake.CreateRoleStub = nil + fake.createRoleReturns = struct { + result1 *v1a.Role + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleReturnsOnCall(i int, result1 *v1a.Role, result2 error) { + fake.createRoleMutex.Lock() + defer fake.createRoleMutex.Unlock() + fake.CreateRoleStub = nil + if fake.createRoleReturnsOnCall == nil { + fake.createRoleReturnsOnCall = make(map[int]struct { + result1 *v1a.Role + result2 error + }) + } + fake.createRoleReturnsOnCall[i] = struct { + result1 *v1a.Role + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleBinding(arg1 *v1a.RoleBinding) (*v1a.RoleBinding, error) { + fake.createRoleBindingMutex.Lock() + ret, specificReturn := fake.createRoleBindingReturnsOnCall[len(fake.createRoleBindingArgsForCall)] + fake.createRoleBindingArgsForCall = append(fake.createRoleBindingArgsForCall, struct { + arg1 *v1a.RoleBinding + }{arg1}) + fake.recordInvocation("CreateRoleBinding", []interface{}{arg1}) + fake.createRoleBindingMutex.Unlock() + if fake.CreateRoleBindingStub != nil { + return fake.CreateRoleBindingStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.createRoleBindingReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleBindingCallCount() int { + fake.createRoleBindingMutex.RLock() + defer fake.createRoleBindingMutex.RUnlock() + return len(fake.createRoleBindingArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleBindingCalls(stub func(*v1a.RoleBinding) (*v1a.RoleBinding, error)) { + fake.createRoleBindingMutex.Lock() + defer fake.createRoleBindingMutex.Unlock() + fake.CreateRoleBindingStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleBindingArgsForCall(i int) *v1a.RoleBinding { + fake.createRoleBindingMutex.RLock() + defer fake.createRoleBindingMutex.RUnlock() + argsForCall := fake.createRoleBindingArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleBindingReturns(result1 *v1a.RoleBinding, result2 error) { + fake.createRoleBindingMutex.Lock() + defer fake.createRoleBindingMutex.Unlock() + fake.CreateRoleBindingStub = nil + fake.createRoleBindingReturns = struct { + result1 *v1a.RoleBinding + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) CreateRoleBindingReturnsOnCall(i int, result1 *v1a.RoleBinding, result2 error) { + fake.createRoleBindingMutex.Lock() + defer fake.createRoleBindingMutex.Unlock() + fake.CreateRoleBindingStub = nil + if fake.createRoleBindingReturnsOnCall == nil { + fake.createRoleBindingReturnsOnCall = make(map[int]struct { + result1 *v1a.RoleBinding + result2 error + }) + } + fake.createRoleBindingReturnsOnCall[i] = struct { + result1 *v1a.RoleBinding + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) DeleteDeployment(arg1 string) error { + fake.deleteDeploymentMutex.Lock() + ret, specificReturn := fake.deleteDeploymentReturnsOnCall[len(fake.deleteDeploymentArgsForCall)] + fake.deleteDeploymentArgsForCall = append(fake.deleteDeploymentArgsForCall, struct { + arg1 string + }{arg1}) + fake.recordInvocation("DeleteDeployment", []interface{}{arg1}) + fake.deleteDeploymentMutex.Unlock() + if fake.DeleteDeploymentStub != nil { + return fake.DeleteDeploymentStub(arg1) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.deleteDeploymentReturns + return fakeReturns.result1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) DeleteDeploymentCallCount() int { + fake.deleteDeploymentMutex.RLock() + defer fake.deleteDeploymentMutex.RUnlock() + return len(fake.deleteDeploymentArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) DeleteDeploymentCalls(stub func(string) error) { + fake.deleteDeploymentMutex.Lock() + defer fake.deleteDeploymentMutex.Unlock() + fake.DeleteDeploymentStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) DeleteDeploymentArgsForCall(i int) string { + fake.deleteDeploymentMutex.RLock() + defer fake.deleteDeploymentMutex.RUnlock() + argsForCall := fake.deleteDeploymentArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) DeleteDeploymentReturns(result1 error) { + fake.deleteDeploymentMutex.Lock() + defer fake.deleteDeploymentMutex.Unlock() + fake.DeleteDeploymentStub = nil + fake.deleteDeploymentReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeInstallStrategyDeploymentInterface) DeleteDeploymentReturnsOnCall(i int, result1 error) { + fake.deleteDeploymentMutex.Lock() + defer fake.deleteDeploymentMutex.Unlock() + fake.DeleteDeploymentStub = nil + if fake.deleteDeploymentReturnsOnCall == nil { + fake.deleteDeploymentReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.deleteDeploymentReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeInstallStrategyDeploymentInterface) EnsureServiceAccount(arg1 *v1b.ServiceAccount, arg2 ownerutil.Owner) (*v1b.ServiceAccount, error) { + fake.ensureServiceAccountMutex.Lock() + ret, specificReturn := fake.ensureServiceAccountReturnsOnCall[len(fake.ensureServiceAccountArgsForCall)] + fake.ensureServiceAccountArgsForCall = append(fake.ensureServiceAccountArgsForCall, struct { + arg1 *v1b.ServiceAccount + arg2 ownerutil.Owner + }{arg1, arg2}) + fake.recordInvocation("EnsureServiceAccount", []interface{}{arg1, arg2}) + fake.ensureServiceAccountMutex.Unlock() + if fake.EnsureServiceAccountStub != nil { + return fake.EnsureServiceAccountStub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.ensureServiceAccountReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) EnsureServiceAccountCallCount() int { + fake.ensureServiceAccountMutex.RLock() + defer fake.ensureServiceAccountMutex.RUnlock() + return len(fake.ensureServiceAccountArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) EnsureServiceAccountCalls(stub func(*v1b.ServiceAccount, ownerutil.Owner) (*v1b.ServiceAccount, error)) { + fake.ensureServiceAccountMutex.Lock() + defer fake.ensureServiceAccountMutex.Unlock() + fake.EnsureServiceAccountStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) EnsureServiceAccountArgsForCall(i int) (*v1b.ServiceAccount, ownerutil.Owner) { + fake.ensureServiceAccountMutex.RLock() + defer fake.ensureServiceAccountMutex.RUnlock() + argsForCall := fake.ensureServiceAccountArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) EnsureServiceAccountReturns(result1 *v1b.ServiceAccount, result2 error) { + fake.ensureServiceAccountMutex.Lock() + defer fake.ensureServiceAccountMutex.Unlock() + fake.EnsureServiceAccountStub = nil + fake.ensureServiceAccountReturns = struct { + result1 *v1b.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) EnsureServiceAccountReturnsOnCall(i int, result1 *v1b.ServiceAccount, result2 error) { + fake.ensureServiceAccountMutex.Lock() + defer fake.ensureServiceAccountMutex.Unlock() + fake.EnsureServiceAccountStub = nil + if fake.ensureServiceAccountReturnsOnCall == nil { + fake.ensureServiceAccountReturnsOnCall = make(map[int]struct { + result1 *v1b.ServiceAccount + result2 error + }) + } + fake.ensureServiceAccountReturnsOnCall[i] = struct { + result1 *v1b.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingLabels(arg1 labels.Selector) ([]*v1.Deployment, error) { + fake.findAnyDeploymentsMatchingLabelsMutex.Lock() + ret, specificReturn := fake.findAnyDeploymentsMatchingLabelsReturnsOnCall[len(fake.findAnyDeploymentsMatchingLabelsArgsForCall)] + fake.findAnyDeploymentsMatchingLabelsArgsForCall = append(fake.findAnyDeploymentsMatchingLabelsArgsForCall, struct { + arg1 labels.Selector + }{arg1}) + fake.recordInvocation("FindAnyDeploymentsMatchingLabels", []interface{}{arg1}) + fake.findAnyDeploymentsMatchingLabelsMutex.Unlock() + if fake.FindAnyDeploymentsMatchingLabelsStub != nil { + return fake.FindAnyDeploymentsMatchingLabelsStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.findAnyDeploymentsMatchingLabelsReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingLabelsCallCount() int { + fake.findAnyDeploymentsMatchingLabelsMutex.RLock() + defer fake.findAnyDeploymentsMatchingLabelsMutex.RUnlock() + return len(fake.findAnyDeploymentsMatchingLabelsArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingLabelsCalls(stub func(labels.Selector) ([]*v1.Deployment, error)) { + fake.findAnyDeploymentsMatchingLabelsMutex.Lock() + defer fake.findAnyDeploymentsMatchingLabelsMutex.Unlock() + fake.FindAnyDeploymentsMatchingLabelsStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingLabelsArgsForCall(i int) labels.Selector { + fake.findAnyDeploymentsMatchingLabelsMutex.RLock() + defer fake.findAnyDeploymentsMatchingLabelsMutex.RUnlock() + argsForCall := fake.findAnyDeploymentsMatchingLabelsArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingLabelsReturns(result1 []*v1.Deployment, result2 error) { + fake.findAnyDeploymentsMatchingLabelsMutex.Lock() + defer fake.findAnyDeploymentsMatchingLabelsMutex.Unlock() + fake.FindAnyDeploymentsMatchingLabelsStub = nil + fake.findAnyDeploymentsMatchingLabelsReturns = struct { + result1 []*v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingLabelsReturnsOnCall(i int, result1 []*v1.Deployment, result2 error) { + fake.findAnyDeploymentsMatchingLabelsMutex.Lock() + defer fake.findAnyDeploymentsMatchingLabelsMutex.Unlock() + fake.FindAnyDeploymentsMatchingLabelsStub = nil + if fake.findAnyDeploymentsMatchingLabelsReturnsOnCall == nil { + fake.findAnyDeploymentsMatchingLabelsReturnsOnCall = make(map[int]struct { + result1 []*v1.Deployment + result2 error + }) + } + fake.findAnyDeploymentsMatchingLabelsReturnsOnCall[i] = struct { + result1 []*v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingNames(arg1 []string) ([]*v1.Deployment, error) { + var arg1Copy []string + if arg1 != nil { + arg1Copy = make([]string, len(arg1)) + copy(arg1Copy, arg1) + } + fake.findAnyDeploymentsMatchingNamesMutex.Lock() + ret, specificReturn := fake.findAnyDeploymentsMatchingNamesReturnsOnCall[len(fake.findAnyDeploymentsMatchingNamesArgsForCall)] + fake.findAnyDeploymentsMatchingNamesArgsForCall = append(fake.findAnyDeploymentsMatchingNamesArgsForCall, struct { + arg1 []string + }{arg1Copy}) + fake.recordInvocation("FindAnyDeploymentsMatchingNames", []interface{}{arg1Copy}) + fake.findAnyDeploymentsMatchingNamesMutex.Unlock() + if fake.FindAnyDeploymentsMatchingNamesStub != nil { + return fake.FindAnyDeploymentsMatchingNamesStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.findAnyDeploymentsMatchingNamesReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingNamesCallCount() int { + fake.findAnyDeploymentsMatchingNamesMutex.RLock() + defer fake.findAnyDeploymentsMatchingNamesMutex.RUnlock() + return len(fake.findAnyDeploymentsMatchingNamesArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingNamesCalls(stub func([]string) ([]*v1.Deployment, error)) { + fake.findAnyDeploymentsMatchingNamesMutex.Lock() + defer fake.findAnyDeploymentsMatchingNamesMutex.Unlock() + fake.FindAnyDeploymentsMatchingNamesStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingNamesArgsForCall(i int) []string { + fake.findAnyDeploymentsMatchingNamesMutex.RLock() + defer fake.findAnyDeploymentsMatchingNamesMutex.RUnlock() + argsForCall := fake.findAnyDeploymentsMatchingNamesArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingNamesReturns(result1 []*v1.Deployment, result2 error) { + fake.findAnyDeploymentsMatchingNamesMutex.Lock() + defer fake.findAnyDeploymentsMatchingNamesMutex.Unlock() + fake.FindAnyDeploymentsMatchingNamesStub = nil + fake.findAnyDeploymentsMatchingNamesReturns = struct { + result1 []*v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) FindAnyDeploymentsMatchingNamesReturnsOnCall(i int, result1 []*v1.Deployment, result2 error) { + fake.findAnyDeploymentsMatchingNamesMutex.Lock() + defer fake.findAnyDeploymentsMatchingNamesMutex.Unlock() + fake.FindAnyDeploymentsMatchingNamesStub = nil + if fake.findAnyDeploymentsMatchingNamesReturnsOnCall == nil { + fake.findAnyDeploymentsMatchingNamesReturnsOnCall = make(map[int]struct { + result1 []*v1.Deployment + result2 error + }) + } + fake.findAnyDeploymentsMatchingNamesReturnsOnCall[i] = struct { + result1 []*v1.Deployment + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) GetServiceAccountByName(arg1 string) (*v1b.ServiceAccount, error) { + fake.getServiceAccountByNameMutex.Lock() + ret, specificReturn := fake.getServiceAccountByNameReturnsOnCall[len(fake.getServiceAccountByNameArgsForCall)] + fake.getServiceAccountByNameArgsForCall = append(fake.getServiceAccountByNameArgsForCall, struct { + arg1 string + }{arg1}) + fake.recordInvocation("GetServiceAccountByName", []interface{}{arg1}) + fake.getServiceAccountByNameMutex.Unlock() + if fake.GetServiceAccountByNameStub != nil { + return fake.GetServiceAccountByNameStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getServiceAccountByNameReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInstallStrategyDeploymentInterface) GetServiceAccountByNameCallCount() int { + fake.getServiceAccountByNameMutex.RLock() + defer fake.getServiceAccountByNameMutex.RUnlock() + return len(fake.getServiceAccountByNameArgsForCall) +} + +func (fake *FakeInstallStrategyDeploymentInterface) GetServiceAccountByNameCalls(stub func(string) (*v1b.ServiceAccount, error)) { + fake.getServiceAccountByNameMutex.Lock() + defer fake.getServiceAccountByNameMutex.Unlock() + fake.GetServiceAccountByNameStub = stub +} + +func (fake *FakeInstallStrategyDeploymentInterface) GetServiceAccountByNameArgsForCall(i int) string { + fake.getServiceAccountByNameMutex.RLock() + defer fake.getServiceAccountByNameMutex.RUnlock() + argsForCall := fake.getServiceAccountByNameArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeInstallStrategyDeploymentInterface) GetServiceAccountByNameReturns(result1 *v1b.ServiceAccount, result2 error) { + fake.getServiceAccountByNameMutex.Lock() + defer fake.getServiceAccountByNameMutex.Unlock() + fake.GetServiceAccountByNameStub = nil + fake.getServiceAccountByNameReturns = struct { + result1 *v1b.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) GetServiceAccountByNameReturnsOnCall(i int, result1 *v1b.ServiceAccount, result2 error) { + fake.getServiceAccountByNameMutex.Lock() + defer fake.getServiceAccountByNameMutex.Unlock() + fake.GetServiceAccountByNameStub = nil + if fake.getServiceAccountByNameReturnsOnCall == nil { + fake.getServiceAccountByNameReturnsOnCall = make(map[int]struct { + result1 *v1b.ServiceAccount + result2 error + }) + } + fake.getServiceAccountByNameReturnsOnCall[i] = struct { + result1 *v1b.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeInstallStrategyDeploymentInterface) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.createDeploymentMutex.RLock() + defer fake.createDeploymentMutex.RUnlock() + fake.createOrUpdateDeploymentMutex.RLock() + defer fake.createOrUpdateDeploymentMutex.RUnlock() + fake.createRoleMutex.RLock() + defer fake.createRoleMutex.RUnlock() + fake.createRoleBindingMutex.RLock() + defer fake.createRoleBindingMutex.RUnlock() + fake.deleteDeploymentMutex.RLock() + defer fake.deleteDeploymentMutex.RUnlock() + fake.ensureServiceAccountMutex.RLock() + defer fake.ensureServiceAccountMutex.RUnlock() + fake.findAnyDeploymentsMatchingLabelsMutex.RLock() + defer fake.findAnyDeploymentsMatchingLabelsMutex.RUnlock() + fake.findAnyDeploymentsMatchingNamesMutex.RLock() + defer fake.findAnyDeploymentsMatchingNamesMutex.RUnlock() + fake.getServiceAccountByNameMutex.RLock() + defer fake.getServiceAccountByNameMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeInstallStrategyDeploymentInterface) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ wrappers.InstallStrategyDeploymentInterface = new(FakeInstallStrategyDeploymentInterface) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/certs/certs.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/certs/certs.go new file mode 100644 index 000000000..3e59e0284 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/certs/certs.go @@ -0,0 +1,193 @@ +package certs + +import ( + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "crypto/sha256" + "crypto/x509" + "crypto/x509/pkix" + "encoding/hex" + "encoding/pem" + "fmt" + "math" + "math/big" + "time" +) + +// KeyPair stores an x509 certificate and its ECDSA private key +type KeyPair struct { + Cert *x509.Certificate + Priv *ecdsa.PrivateKey +} + +// ToPEM returns the PEM encoded cert pair +func (kp *KeyPair) ToPEM() (certPEM []byte, privPEM []byte, err error) { + // PEM encode private key + privDER, err := x509.MarshalECPrivateKey(kp.Priv) + if err != nil { + return + } + privBlock := &pem.Block{ + Type: "EC PRIVATE KEY", + Bytes: privDER, + } + privPEM = pem.EncodeToMemory(privBlock) + + // PEM encode cert + certBlock := &pem.Block{ + Type: "CERTIFICATE", + Bytes: kp.Cert.Raw, + } + certPEM = pem.EncodeToMemory(certBlock) + + return +} + +// GenerateCA generates a self-signed CA cert/key pair that expires in expiresIn days +func GenerateCA(notAfter time.Time, organization string) (*KeyPair, error) { + notBefore := time.Now() + if notAfter.Before(notBefore) { + return nil, fmt.Errorf("invalid notAfter: %s before %s", notAfter.String(), notBefore.String()) + } + + serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64)) + if err != nil { + return nil, err + } + + caDetails := &x509.Certificate{ + SerialNumber: serial, + Subject: pkix.Name{ + Organization: []string{organization}, + }, + NotBefore: notBefore, + NotAfter: notAfter, + IsCA: true, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}, + KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, + BasicConstraintsValid: true, + } + + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + return nil, err + } + + publicKey := &privateKey.PublicKey + certRaw, err := x509.CreateCertificate(rand.Reader, caDetails, caDetails, publicKey, privateKey) + if err != nil { + return nil, err + } + + cert, err := x509.ParseCertificate(certRaw) + if err != nil { + return nil, err + } + + ca := &KeyPair{ + Cert: cert, + Priv: privateKey, + } + + return ca, nil +} + +// CreateSignedServingPair creates a serving cert/key pair signed by the given ca +func CreateSignedServingPair(notAfter time.Time, organization string, ca *KeyPair, hosts []string) (*KeyPair, error) { + notBefore := time.Now() + if notAfter.Before(notBefore) { + return nil, fmt.Errorf("invalid notAfter: %s before %s", notAfter.String(), notBefore.String()) + } + + serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64)) + if err != nil { + return nil, err + } + + certDetails := &x509.Certificate{ + SerialNumber: serial, + Subject: pkix.Name{ + Organization: []string{organization}, + }, + NotBefore: notBefore, + NotAfter: notAfter, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}, + KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, + BasicConstraintsValid: true, + DNSNames: hosts, + } + + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + return nil, err + } + + publicKey := &privateKey.PublicKey + certRaw, err := x509.CreateCertificate(rand.Reader, certDetails, ca.Cert, publicKey, ca.Priv) + if err != nil { + return nil, err + } + + cert, err := x509.ParseCertificate(certRaw) + if err != nil { + return nil, err + } + + servingCert := &KeyPair{ + Cert: cert, + Priv: privateKey, + } + + return servingCert, nil +} + +// PEMToCert converts the PEM block of the given byte array to an x509 certificate +func PEMToCert(certPEM []byte) (*x509.Certificate, error) { + block, _ := pem.Decode(certPEM) + if block == nil { + return nil, fmt.Errorf("cert PEM empty") + } + + cert, err := x509.ParseCertificate(block.Bytes) + if err != nil { + return nil, err + } + + return cert, nil +} + +// VerifyCert checks that the given cert is signed and trusted by the given CA +func VerifyCert(ca, cert *x509.Certificate, host string) error { + roots := x509.NewCertPool() + roots.AddCert(ca) + + opts := x509.VerifyOptions{ + DNSName: host, + Roots: roots, + } + + if _, err := cert.Verify(opts); err != nil { + return err + } + + return nil +} + +// Active checks if the given cert is within its valid time window +func Active(cert *x509.Certificate) bool { + now := time.Now() + active := now.After(cert.NotBefore) && now.Before(cert.NotAfter) + return active +} + +// PEMHash returns a hash of the given PEM encoded cert +type PEMHash func(certPEM []byte) (hash string) + +// PEMSHA256 returns the hex encoded SHA 256 hash of the given PEM encoded cert +func PEMSHA256(certPEM []byte) (hash string) { + hasher := sha256.New() + hasher.Write(certPEM) + hash = hex.EncodeToString(hasher.Sum(nil)) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors/errors.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors/errors.go new file mode 100644 index 000000000..e94b7b7e7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors/errors.go @@ -0,0 +1,59 @@ +package errors + +import "fmt" + +// MultipleExistingCRDOwnersError is an error that denotes multiple owners of a CRD exist +// simultaneously in the same namespace +type MultipleExistingCRDOwnersError struct { + CSVNames []string + CRDName string + Namespace string +} + +type UnadoptableError struct { + resourceNamespace string + resourceName string +} + +func (err UnadoptableError) Error() string { + if err.resourceNamespace == "" { + return fmt.Sprintf("%s is unadoptable", err.resourceName) + } + return fmt.Sprintf("%s/%s is unadoptable", err.resourceNamespace, err.resourceName) +} + +func NewUnadoptableError(resourceNamespace, resourceName string) UnadoptableError { + return UnadoptableError{resourceNamespace, resourceName} +} + +func (m MultipleExistingCRDOwnersError) Error() string { + return fmt.Sprintf("Existing CSVs %v in namespace %s all claim to own CRD %s", m.CSVNames, m.Namespace, m.CRDName) +} + +func NewMultipleExistingCRDOwnersError(csvNames []string, crdName string, namespace string) MultipleExistingCRDOwnersError { + return MultipleExistingCRDOwnersError{ + CSVNames: csvNames, + CRDName: crdName, + Namespace: namespace, + } +} + +func IsMultipleExistingCRDOwnersError(err error) bool { + switch err.(type) { + case MultipleExistingCRDOwnersError: + return true + } + + return false +} + +// GroupVersionKindNotFoundError occurs when we can't find an API via discovery +type GroupVersionKindNotFoundError struct { + Group string + Version string + Kind string +} + +func (g GroupVersionKindNotFoundError) Error() string { + return fmt.Sprintf("Unable to find GVK in discovery: %s %s %s", g.Group, g.Version, g.Kind) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/attributes_util.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/attributes_util.go new file mode 100644 index 000000000..9b5810dc5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/attributes_util.go @@ -0,0 +1,79 @@ +package install + +import ( + log "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiserver/pkg/authentication/serviceaccount" + "k8s.io/apiserver/pkg/authentication/user" + "k8s.io/apiserver/pkg/authorization/authorizer" +) + +// toAttributesSet converts the given user, namespace, and PolicyRule into a set of Attributes expected. This is useful for checking +// if a composed set of Roles/RoleBindings satisfies a PolicyRule. +func toAttributesSet(user user.Info, namespace string, rule rbacv1.PolicyRule) []authorizer.Attributes { + set := map[authorizer.AttributesRecord]struct{}{} + + // add empty string for empty groups, resources, resource names, and non resource urls + groups := rule.APIGroups + if len(groups) == 0 { + groups = make([]string, 1) + } + resources := rule.Resources + if len(resources) == 0 { + resources = make([]string, 1) + } + names := rule.ResourceNames + if len(names) == 0 { + names = make([]string, 1) + } + nonResourceURLs := rule.NonResourceURLs + if len(nonResourceURLs) == 0 { + nonResourceURLs = make([]string, 1) + } + + for _, verb := range rule.Verbs { + for _, group := range groups { + for _, resource := range resources { + for _, name := range names { + for _, nonResourceURL := range nonResourceURLs { + set[attributesRecord(user, namespace, verb, group, resource, name, nonResourceURL)] = struct{}{} + } + } + } + } + } + + attributes := make([]authorizer.Attributes, len(set)) + i := 0 + for attribute := range set { + attributes[i] = attribute + i++ + } + log.Debugf("attributes set %+v", attributes) + + return attributes +} + +// attribute creates a new AttributesRecord with the given info. Currently RBAC authz only looks at user, verb, apiGroup, resource, and name. +func attributesRecord(user user.Info, namespace, verb, apiGroup, resource, name, path string) authorizer.AttributesRecord { + resourceRequest := path == "" + return authorizer.AttributesRecord{ + User: user, + Verb: verb, + Namespace: namespace, + APIGroup: apiGroup, + Resource: resource, + Name: name, + ResourceRequest: resourceRequest, + Path: path, + } +} + +func toDefaultInfo(sa *corev1.ServiceAccount) *user.DefaultInfo { + // TODO(Nick): add Group if necessary + return &user.DefaultInfo{ + Name: serviceaccount.MakeUsername(sa.GetNamespace(), sa.GetName()), + UID: string(sa.GetUID()), + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/attributes_util_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/attributes_util_test.go new file mode 100644 index 000000000..0c7fb264a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/attributes_util_test.go @@ -0,0 +1,144 @@ +package install + +import ( + "fmt" + "testing" + + "github.com/stretchr/testify/require" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiserver/pkg/authentication/user" + "k8s.io/apiserver/pkg/authorization/authorizer" +) + +func TestToAttributeSet(t *testing.T) { + user := &user.DefaultInfo{ + Name: "Jim", + } + namespace := "local" + + tests := []struct { + description string + rule rbacv1.PolicyRule + expectedAttributes map[authorizer.AttributesRecord]struct{} + }{ + { + description: "SimpleRule", + rule: rbacv1.PolicyRule{ + Verbs: []string{"*"}, + APIGroups: []string{"*"}, + Resources: []string{"*"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "*", "*", "*", "", ""): {}, + }, + }, + { + description: "SimpleNonResourceRule", + rule: rbacv1.PolicyRule{ + Verbs: []string{"*"}, + NonResourceURLs: []string{"/api"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "*", "", "", "", "/api"): {}, + }, + }, + { + description: "SeparateVerbs", + rule: rbacv1.PolicyRule{ + Verbs: []string{"create", "delete"}, + APIGroups: []string{"*"}, + Resources: []string{"*"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "create", "*", "*", "", ""): {}, + attributesRecord(user, namespace, "delete", "*", "*", "", ""): {}, + }, + }, + { + description: "MultipleResources", + rule: rbacv1.PolicyRule{ + Verbs: []string{"get", "update"}, + Resources: []string{"donuts", "coffee"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "get", "", "donuts", "", ""): {}, + attributesRecord(user, namespace, "update", "", "donuts", "", ""): {}, + attributesRecord(user, namespace, "get", "", "coffee", "", ""): {}, + attributesRecord(user, namespace, "update", "", "coffee", "", ""): {}, + }, + }, + { + description: "MultipleNonResourceURLs", + rule: rbacv1.PolicyRule{ + Verbs: []string{"*"}, + NonResourceURLs: []string{"/capybaras", "/caviidaes"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "*", "", "", "", "/capybaras"): {}, + attributesRecord(user, namespace, "*", "", "", "", "/caviidaes"): {}, + }, + }, + { + description: "MultipleResourcesWithResourceName", + rule: rbacv1.PolicyRule{ + Verbs: []string{"get", "update"}, + Resources: []string{"donuts", "coffee"}, + ResourceNames: []string{"nyc"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "get", "", "donuts", "nyc", ""): {}, + attributesRecord(user, namespace, "update", "", "donuts", "nyc", ""): {}, + attributesRecord(user, namespace, "get", "", "coffee", "nyc", ""): {}, + attributesRecord(user, namespace, "update", "", "coffee", "nyc", ""): {}, + }, + }, + { + description: "MultipleResourcesWithMultipleAPIGroups", + rule: rbacv1.PolicyRule{ + Verbs: []string{"get", "update"}, + Resources: []string{"donuts", "coffee"}, + APIGroups: []string{"apps.coreos.com", "apps.redhat.com"}, + ResourceNames: []string{"nyc"}, + }, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{ + attributesRecord(user, namespace, "get", "apps.coreos.com", "donuts", "nyc", ""): {}, + attributesRecord(user, namespace, "update", "apps.coreos.com", "donuts", "nyc", ""): {}, + attributesRecord(user, namespace, "get", "apps.coreos.com", "coffee", "nyc", ""): {}, + attributesRecord(user, namespace, "update", "apps.coreos.com", "coffee", "nyc", ""): {}, + attributesRecord(user, namespace, "get", "apps.redhat.com", "donuts", "nyc", ""): {}, + attributesRecord(user, namespace, "update", "apps.redhat.com", "donuts", "nyc", ""): {}, + attributesRecord(user, namespace, "get", "apps.redhat.com", "coffee", "nyc", ""): {}, + attributesRecord(user, namespace, "update", "apps.redhat.com", "coffee", "nyc", ""): {}, + }, + }, + { + description: "NoVerbs", + rule: rbacv1.PolicyRule{}, + expectedAttributes: map[authorizer.AttributesRecord]struct{}{}, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + attributesSet := toAttributesSet(user, namespace, tt.rule) + + require.Equal(t, len(tt.expectedAttributes), len(attributesSet)) + + for _, attributes := range attributesSet { + // type assert as AttributesRecord + a, ok := attributes.(authorizer.AttributesRecord) + require.True(t, ok, "type assertion for attributes failed") + + // make sure we're expecting the attribute + _, exists := tt.expectedAttributes[a] + require.True(t, exists, fmt.Sprintf("found unexpected attributes %v", attributes)) + + // ensure each expected attribute only appears once + delete(tt.expectedAttributes, a) + } + + // check that all expected have been found + require.Zero(t, len(tt.expectedAttributes), fmt.Sprintf("%d expected attributes not found", len(tt.expectedAttributes))) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/deployment.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/deployment.go new file mode 100644 index 000000000..fc419bacb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/deployment.go @@ -0,0 +1,220 @@ +package install + +import ( + "fmt" + + log "github.com/sirupsen/logrus" + appsv1 "k8s.io/api/apps/v1" + rbac "k8s.io/api/rbac/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +const ( + InstallStrategyNameDeployment = "deployment" +) + +// StrategyDeploymentPermissions describe the rbac rules and service account needed by the install strategy +type StrategyDeploymentPermissions struct { + ServiceAccountName string `json:"serviceAccountName"` + Rules []rbac.PolicyRule `json:"rules"` +} + +// StrategyDeploymentSpec contains the name and spec for the deployment ALM should create +type StrategyDeploymentSpec struct { + Name string `json:"name"` + Spec appsv1.DeploymentSpec `json:"spec"` +} + +// StrategyDetailsDeployment represents the parsed details of a Deployment +// InstallStrategy. +type StrategyDetailsDeployment struct { + DeploymentSpecs []StrategyDeploymentSpec `json:"deployments"` + Permissions []StrategyDeploymentPermissions `json:"permissions,omitempty"` + ClusterPermissions []StrategyDeploymentPermissions `json:"clusterPermissions,omitempty"` +} + +type StrategyDeploymentInstaller struct { + strategyClient wrappers.InstallStrategyDeploymentInterface + owner ownerutil.Owner + previousStrategy Strategy + templateAnnotations map[string]string +} + +func (d *StrategyDetailsDeployment) GetStrategyName() string { + return InstallStrategyNameDeployment +} + +var _ Strategy = &StrategyDetailsDeployment{} +var _ StrategyInstaller = &StrategyDeploymentInstaller{} + +func NewStrategyDeploymentInstaller(strategyClient wrappers.InstallStrategyDeploymentInterface, templateAnnotations map[string]string, owner ownerutil.Owner, previousStrategy Strategy) StrategyInstaller { + return &StrategyDeploymentInstaller{ + strategyClient: strategyClient, + owner: owner, + previousStrategy: previousStrategy, + templateAnnotations: templateAnnotations, + } +} + +func (i *StrategyDeploymentInstaller) installDeployments(deps []StrategyDeploymentSpec) error { + for _, d := range deps { + dep := &appsv1.Deployment{Spec: d.Spec} + dep.SetName(d.Name) + dep.SetNamespace(i.owner.GetNamespace()) + + // Merge annotations (to avoid losing info from pod template) + annotations := map[string]string{} + for k, v := range i.templateAnnotations { + annotations[k] = v + } + for k, v := range dep.Spec.Template.GetAnnotations() { + annotations[k] = v + } + dep.Spec.Template.SetAnnotations(annotations) + + ownerutil.AddNonBlockingOwner(dep, i.owner) + if err := ownerutil.AddOwnerLabels(dep, i.owner); err != nil { + return err + } + if _, err := i.strategyClient.CreateOrUpdateDeployment(dep); err != nil { + return err + } + } + + return nil +} + +func (i *StrategyDeploymentInstaller) cleanupPrevious(current *StrategyDetailsDeployment, previous *StrategyDetailsDeployment) error { + previousDeploymentsMap := map[string]struct{}{} + for _, d := range previous.DeploymentSpecs { + previousDeploymentsMap[d.Name] = struct{}{} + } + for _, d := range current.DeploymentSpecs { + delete(previousDeploymentsMap, d.Name) + } + log.Debugf("preparing to cleanup: %s", previousDeploymentsMap) + // delete deployments in old strategy but not new + var err error = nil + for name := range previousDeploymentsMap { + err = i.strategyClient.DeleteDeployment(name) + } + return err +} + +func (i *StrategyDeploymentInstaller) Install(s Strategy) error { + strategy, ok := s.(*StrategyDetailsDeployment) + if !ok { + return fmt.Errorf("attempted to install %s strategy with deployment installer", strategy.GetStrategyName()) + } + + if err := i.installDeployments(strategy.DeploymentSpecs); err != nil { + return err + } + + // Clean up orphaned deployments + return i.cleanupOrphanedDeployments(strategy.DeploymentSpecs) +} + +// CheckInstalled can return nil (installed), or errors +// Errors can indicate: some component missing (keep installing), unable to query (check again later), or unrecoverable (failed in a way we know we can't recover from) +func (i *StrategyDeploymentInstaller) CheckInstalled(s Strategy) (installed bool, err error) { + strategy, ok := s.(*StrategyDetailsDeployment) + if !ok { + return false, StrategyError{Reason: StrategyErrReasonInvalidStrategy, Message: fmt.Sprintf("attempted to check %s strategy with deployment installer", strategy.GetStrategyName())} + } + + // Check deployments + if err := i.checkForDeployments(strategy.DeploymentSpecs); err != nil { + return false, err + } + return true, nil +} + +func (i *StrategyDeploymentInstaller) checkForDeployments(deploymentSpecs []StrategyDeploymentSpec) error { + var depNames []string + for _, dep := range deploymentSpecs { + depNames = append(depNames, dep.Name) + } + + // Check the owner is a CSV + csv, ok := i.owner.(*v1alpha1.ClusterServiceVersion) + if !ok { + return StrategyError{Reason: StrategyErrReasonComponentMissing, Message: fmt.Sprintf("owner %s is not a CSV", i.owner.GetName())} + } + + existingDeployments, err := i.strategyClient.FindAnyDeploymentsMatchingLabels(ownerutil.CSVOwnerSelector(csv)) + if err != nil { + return StrategyError{Reason: StrategyErrReasonComponentMissing, Message: fmt.Sprintf("error querying existing deployments for CSV %s: %s", csv.GetName(), err)} + } + + // compare deployments to see if any need to be created/updated + existingMap := map[string]*appsv1.Deployment{} + for _, d := range existingDeployments { + existingMap[d.GetName()] = d + } + for _, spec := range deploymentSpecs { + dep, exists := existingMap[spec.Name] + if !exists { + log.Debugf("missing deployment with name=%s", spec.Name) + return StrategyError{Reason: StrategyErrReasonComponentMissing, Message: fmt.Sprintf("missing deployment with name=%s", spec.Name)} + } + reason, ready, err := DeploymentStatus(dep) + if err != nil { + log.Debugf("deployment %s not ready before timeout: %s", dep.Name, err.Error()) + return StrategyError{Reason: StrategyErrReasonTimeout, Message: fmt.Sprintf("deployment %s not ready before timeout: %s", dep.Name, err.Error())} + } + if !ready { + return StrategyError{Reason: StrategyErrReasonWaiting, Message: fmt.Sprintf("waiting for deployment %s to become ready: %s", dep.Name, reason)} + } + + // check annotations + if len(i.templateAnnotations) > 0 && dep.Spec.Template.Annotations == nil { + return StrategyError{Reason: StrategyErrReasonAnnotationsMissing, Message: fmt.Sprintf("no annotations found on deployment")} + } + for key, value := range i.templateAnnotations { + if dep.Spec.Template.Annotations[key] != value { + return StrategyError{Reason: StrategyErrReasonAnnotationsMissing, Message: fmt.Sprintf("annotations on deployment don't match. couldn't find %s: %s", key, value)} + } + } + } + return nil +} + +// Clean up orphaned deployments after reinstalling deployments process +func (i *StrategyDeploymentInstaller) cleanupOrphanedDeployments(deploymentSpecs []StrategyDeploymentSpec) error { + // Map of deployments + depNames := map[string]string{} + for _, dep := range deploymentSpecs { + depNames[dep.Name] = dep.Name + } + + // Check the owner is a CSV + csv, ok := i.owner.(*v1alpha1.ClusterServiceVersion) + if !ok { + return fmt.Errorf("owner %s is not a CSV", i.owner.GetName()) + } + + // Get existing deployments in CSV's namespace and owned by CSV + existingDeployments, err := i.strategyClient.FindAnyDeploymentsMatchingLabels(ownerutil.CSVOwnerSelector(csv)) + if err != nil { + return err + } + + // compare existing deployments to deployments in CSV's spec to see if any need to be deleted + for _, d := range existingDeployments { + if _, exists := depNames[d.GetName()]; !exists { + if ownerutil.IsOwnedBy(d, i.owner) { + log.Infof("found an orphaned deployment %s in namespace %s", d.GetName(), i.owner.GetNamespace()) + if err := i.strategyClient.DeleteDeployment(d.GetName()); err != nil { + log.Warnf("error cleaning up deployment %s", d.GetName()) + return err + } + } + } + } + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/deployment_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/deployment_test.go new file mode 100644 index 000000000..89503cbf7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/deployment_test.go @@ -0,0 +1,509 @@ +package install + +import ( + "fmt" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + clientfakes "github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers/wrappersfakes" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +func testDeployment(name, namespace string, mockOwner ownerutil.Owner) appsv1.Deployment { + testDeploymentLabels := map[string]string{"olm.owner": mockOwner.GetName(), "olm.owner.namespace": mockOwner.GetNamespace(), "olm.owner.kind": "ClusterServiceVersion"} + + deployment := appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: v1alpha1.SchemeGroupVersion.String(), + Kind: v1alpha1.ClusterServiceVersionKind, + Name: mockOwner.GetName(), + UID: mockOwner.GetUID(), + Controller: &ownerutil.NotController, + BlockOwnerDeletion: &ownerutil.DontBlockOwnerDeletion, + }, + }, + Labels: testDeploymentLabels, + }, + } + return deployment +} + +func testServiceAccount(name string, mockOwner ownerutil.Owner) *corev1.ServiceAccount { + serviceAccount := &corev1.ServiceAccount{} + serviceAccount.SetName(name) + serviceAccount.SetOwnerReferences([]metav1.OwnerReference{ + { + APIVersion: v1alpha1.SchemeGroupVersion.String(), + Kind: v1alpha1.ClusterServiceVersionKind, + Name: mockOwner.GetName(), + UID: mockOwner.GetUID(), + Controller: &ownerutil.NotController, + BlockOwnerDeletion: &ownerutil.DontBlockOwnerDeletion, + }, + }) + return serviceAccount +} + +func strategy(n int, namespace string, mockOwner ownerutil.Owner) *StrategyDetailsDeployment { + var deploymentSpecs = []StrategyDeploymentSpec{} + var permissions = []StrategyDeploymentPermissions{} + for i := 1; i <= n; i++ { + dep := testDeployment(fmt.Sprintf("olm-dep-%d", i), namespace, mockOwner) + spec := StrategyDeploymentSpec{Name: dep.GetName(), Spec: dep.Spec} + deploymentSpecs = append(deploymentSpecs, spec) + serviceAccount := testServiceAccount(fmt.Sprintf("olm-sa-%d", i), mockOwner) + permissions = append(permissions, StrategyDeploymentPermissions{ + ServiceAccountName: serviceAccount.Name, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"list", "delete"}, + APIGroups: []string{""}, + Resources: []string{"pods"}, + }, + }, + }) + } + return &StrategyDetailsDeployment{ + DeploymentSpecs: deploymentSpecs, + Permissions: permissions, + } +} + +func TestInstallStrategyDeploymentInstallDeployments(t *testing.T) { + var ( + mockOwner = v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterserviceversion-owner", + Namespace: "olm-test-deployment", + }, + } + mockOwnerRefs = []metav1.OwnerReference{{ + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: mockOwner.GetName(), + UID: mockOwner.UID, + Controller: &ownerutil.NotController, + BlockOwnerDeletion: &ownerutil.DontBlockOwnerDeletion, + }} + ) + + type inputs struct { + strategyDeploymentSpecs []StrategyDeploymentSpec + } + type setup struct { + existingDeployments []*appsv1.Deployment + } + type createOrUpdateMock struct { + expectedDeployment appsv1.Deployment + returnError error + } + tests := []struct { + description string + inputs inputs + setup setup + createOrUpdateMocks []createOrUpdateMock + output error + }{ + { + description: "updates/creates correctly", + inputs: inputs{ + strategyDeploymentSpecs: []StrategyDeploymentSpec{ + { + Name: "test-deployment-1", + Spec: appsv1.DeploymentSpec{}, + }, + { + Name: "test-deployment-2", + Spec: appsv1.DeploymentSpec{}, + }, + { + Name: "test-deployment-3", + Spec: appsv1.DeploymentSpec{}, + }, + }, + }, + setup: setup{ + existingDeployments: []*appsv1.Deployment{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-1", + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-3", + }, + Spec: appsv1.DeploymentSpec{ + Paused: false, // arbitrary spec difference + }, + }, + }, + }, + createOrUpdateMocks: []createOrUpdateMock{ + { + expectedDeployment: appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-1", + Namespace: mockOwner.GetNamespace(), + OwnerReferences: mockOwnerRefs, + Labels: map[string]string{ + "olm.owner": mockOwner.GetName(), + "olm.owner.namespace": mockOwner.GetNamespace(), + }, + }, + Spec: appsv1.DeploymentSpec{ + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, + }, + }, + }, + }, + returnError: nil, + }, + { + expectedDeployment: appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-2", + Namespace: mockOwner.GetNamespace(), + OwnerReferences: mockOwnerRefs, + Labels: map[string]string{ + "olm.owner": mockOwner.GetName(), + "olm.owner.namespace": mockOwner.GetNamespace(), + }, + }, + Spec: appsv1.DeploymentSpec{ + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, + }, + }, + }, + }, + returnError: nil, + }, + { + expectedDeployment: appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-3", + Namespace: mockOwner.GetNamespace(), + OwnerReferences: mockOwnerRefs, + Labels: map[string]string{ + "olm.owner": mockOwner.GetName(), + "olm.owner.namespace": mockOwner.GetNamespace(), + }, + }, + Spec: appsv1.DeploymentSpec{ + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, + }, + }, + }, + }, + returnError: nil, + }, + }, + output: nil, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + fakeClient := new(clientfakes.FakeInstallStrategyDeploymentInterface) + + for i, m := range tt.createOrUpdateMocks { + fakeClient.CreateDeploymentReturns(nil, m.returnError) + defer func(i int, expectedDeployment appsv1.Deployment) { + dep := fakeClient.CreateOrUpdateDeploymentArgsForCall(i) + expectedDeployment.Spec.Template.Annotations = map[string]string{} + require.Equal(t, expectedDeployment.OwnerReferences, dep.OwnerReferences) + }(i, m.expectedDeployment) + } + + installer := &StrategyDeploymentInstaller{ + strategyClient: fakeClient, + owner: &mockOwner, + } + result := installer.installDeployments(tt.inputs.strategyDeploymentSpecs) + assert.Equal(t, tt.output, result) + }) + } +} + +type BadStrategy struct{} + +func (b *BadStrategy) GetStrategyName() string { + return "bad" +} + +func TestNewStrategyDeploymentInstaller(t *testing.T) { + mockOwner := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterserviceversion-owner", + Namespace: "ns", + }, + } + fakeClient := new(clientfakes.FakeInstallStrategyDeploymentInterface) + strategy := NewStrategyDeploymentInstaller(fakeClient, map[string]string{"test": "annotation"}, &mockOwner, nil) + require.Implements(t, (*StrategyInstaller)(nil), strategy) + require.Error(t, strategy.Install(&BadStrategy{})) + installed, err := strategy.CheckInstalled(&BadStrategy{}) + require.False(t, installed) + require.Error(t, err) +} + +func TestInstallStrategyDeploymentCheckInstallErrors(t *testing.T) { + namespace := "olm-test-deployment" + + mockOwner := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterserviceversion-owner", + Namespace: namespace, + }, + } + + mockOwnerLabel := ownerutil.CSVOwnerSelector(&mockOwner) + + tests := []struct { + createDeploymentErr error + description string + }{ + { + createDeploymentErr: fmt.Errorf("error creating deployment"), + description: "ErrorCreatingDeployment", + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + fakeClient := new(clientfakes.FakeInstallStrategyDeploymentInterface) + strategy := strategy(1, namespace, &mockOwner) + installer := NewStrategyDeploymentInstaller(fakeClient, map[string]string{"test": "annotation"}, &mockOwner, nil) + + dep := testDeployment("olm-dep-1", namespace, &mockOwner) + dep.Spec.Template.SetAnnotations(map[string]string{"test": "annotation"}) + fakeClient.FindAnyDeploymentsMatchingLabelsReturns( + []*appsv1.Deployment{ + &dep, + }, nil, + ) + defer func() { + require.Equal(t, mockOwnerLabel, fakeClient.FindAnyDeploymentsMatchingLabelsArgsForCall(0)) + }() + + installed, err := installer.CheckInstalled(strategy) + require.NoError(t, err) + require.True(t, installed) + + deployment := testDeployment("olm-dep-1", namespace, &mockOwner) + deployment.Spec.Template.SetAnnotations(map[string]string{"test": "annotation"}) + fakeClient.CreateOrUpdateDeploymentReturns(&deployment, tt.createDeploymentErr) + defer func() { + require.Equal(t, &deployment, fakeClient.CreateOrUpdateDeploymentArgsForCall(0)) + }() + + if tt.createDeploymentErr != nil { + err := installer.Install(strategy) + require.Error(t, err) + return + } + }) + } +} + +func TestInstallStrategyDeploymentCleanupDeployments(t *testing.T) { + var ( + mockOwner = v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterserviceversion-owner", + Namespace: "olm-test-deployment", + }, + } + mockOwnerRefs = []metav1.OwnerReference{{ + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: mockOwner.GetName(), + UID: mockOwner.UID, + Controller: &ownerutil.NotController, + BlockOwnerDeletion: &ownerutil.DontBlockOwnerDeletion, + }} + ) + + type inputs struct { + strategyDeploymentSpecs []StrategyDeploymentSpec + } + type setup struct { + existingDeployments []*appsv1.Deployment + returnError error + } + type cleanupMock struct { + deletedDeploymentName string + returnError error + } + tests := []struct { + description string + inputs inputs + setup setup + cleanupMock cleanupMock + output error + }{ + { + description: "cleanup successfully", + inputs: inputs{ + strategyDeploymentSpecs: []StrategyDeploymentSpec{ + { + Name: "test-deployment-1", + Spec: appsv1.DeploymentSpec{}, + }, + }, + }, + setup: setup{ + existingDeployments: []*appsv1.Deployment{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-2", + Namespace: mockOwner.GetNamespace(), + OwnerReferences: mockOwnerRefs, + Labels: map[string]string{ + "olm.owner": mockOwner.GetName(), + "olm.owner.namespace": mockOwner.GetNamespace(), + }, + }, + }, + }, + returnError: nil, + }, + cleanupMock: cleanupMock{ + deletedDeploymentName: "test-deployment-2", + returnError: nil, + }, + output: nil, + }, + { + description: "cleanup unsuccessfully as no orphaned deployments found", + inputs: inputs{ + strategyDeploymentSpecs: []StrategyDeploymentSpec{ + { + Name: "test-deployment-1", + Spec: appsv1.DeploymentSpec{}, + }, + }, + }, + setup: setup{ + existingDeployments: []*appsv1.Deployment{}, + returnError: fmt.Errorf("error getting deployments"), + }, + cleanupMock: cleanupMock{ + deletedDeploymentName: "", + returnError: nil, + }, + output: fmt.Errorf("error getting deployments"), + }, + { + description: "cleanup unsuccessfully as unable to look up orphaned deployments", + inputs: inputs{ + strategyDeploymentSpecs: []StrategyDeploymentSpec{ + { + Name: "test-deployment-1", + Spec: appsv1.DeploymentSpec{}, + }, + }, + }, + setup: setup{ + existingDeployments: []*appsv1.Deployment{}, + returnError: fmt.Errorf("error unable to look up orphaned deployments"), + }, + cleanupMock: cleanupMock{ + deletedDeploymentName: "", + returnError: nil, + }, + output: fmt.Errorf("error unable to look up orphaned deployments"), + }, + { + description: "cleanup unsuccessfully as unable to delete deployments", + inputs: inputs{ + strategyDeploymentSpecs: []StrategyDeploymentSpec{ + { + Name: "test-deployment-1", + Spec: appsv1.DeploymentSpec{}, + }, + }, + }, + setup: setup{ + existingDeployments: []*appsv1.Deployment{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "test-deployment-2", + Namespace: mockOwner.GetNamespace(), + OwnerReferences: mockOwnerRefs, + Labels: map[string]string{ + "olm.owner": mockOwner.GetName(), + "olm.owner.namespace": mockOwner.GetNamespace(), + }, + }, + }, + }, + returnError: nil, + }, + cleanupMock: cleanupMock{ + deletedDeploymentName: "", + returnError: fmt.Errorf("error unable to delete deployments"), + }, + output: fmt.Errorf("error unable to delete deployments"), + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + fakeClient := new(clientfakes.FakeInstallStrategyDeploymentInterface) + installer := &StrategyDeploymentInstaller{ + strategyClient: fakeClient, + owner: &mockOwner, + } + + fakeClient.FindAnyDeploymentsMatchingLabelsReturns( + tt.setup.existingDeployments, tt.setup.returnError, + ) + + fakeClient.DeleteDeploymentReturns(tt.cleanupMock.returnError) + + if tt.setup.returnError == nil && tt.cleanupMock.returnError == nil { + defer func() { + deletedDep := fakeClient.DeleteDeploymentArgsForCall(0) + require.Equal(t, tt.cleanupMock.deletedDeploymentName, deletedDep) + }() + } + + result := installer.cleanupOrphanedDeployments(tt.inputs.strategyDeploymentSpecs) + assert.Equal(t, tt.output, result) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/errors.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/errors.go new file mode 100644 index 000000000..47a0ae441 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/errors.go @@ -0,0 +1,50 @@ +package install + +import "fmt" + +const ( + StrategyErrReasonComponentMissing = "ComponentMissing" + StrategyErrReasonAnnotationsMissing = "AnnotationsMissing" + StrategyErrReasonWaiting = "Waiting" + StrategyErrReasonInvalidStrategy = "InvalidStrategy" + StrategyErrReasonTimeout = "Timeout" + StrategyErrReasonUnknown = "Unknown" +) + +// unrecoverableErrors are the set of errors that mean we can't recover an install strategy +var unrecoverableErrors = map[string]struct{}{ + StrategyErrReasonInvalidStrategy: {}, + StrategyErrReasonTimeout: {}, +} + +// StrategyError is used to represent error types for install strategies +type StrategyError struct { + Reason string + Message string +} + +var _ error = StrategyError{} + +// Error implements the Error interface. +func (e StrategyError) Error() string { + return fmt.Sprintf("%s: %s", e.Reason, e.Message) +} + +// IsErrorUnrecoverable reports if a given strategy error is one of the predefined unrecoverable types +func IsErrorUnrecoverable(err error) bool { + if err == nil { + return false + } + _, ok := unrecoverableErrors[reasonForError(err)] + return ok +} + +func reasonForError(err error) string { + switch t := err.(type) { + case StrategyError: + return t.Reason + case *StrategyError: + return t.Reason + } + return StrategyErrReasonUnknown +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/resolver.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/resolver.go new file mode 100644 index 000000000..fcbac9ac1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/resolver.go @@ -0,0 +1,67 @@ +//go:generate counterfeiter -o ../../fakes/fake_strategy.go resolver.go Strategy +//go:generate counterfeiter -o ../../fakes/fake_strategy_installer.go resolver.go StrategyInstaller +//go:generate counterfeiter -o ../../fakes/fake_strategy_resolver.go resolver.go StrategyResolverInterface +package install + +import ( + "encoding/json" + "fmt" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/wrappers" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +type Strategy interface { + GetStrategyName() string +} + +type StrategyInstaller interface { + Install(strategy Strategy) error + CheckInstalled(strategy Strategy) (bool, error) +} + +type StrategyResolverInterface interface { + UnmarshalStrategy(s v1alpha1.NamedInstallStrategy) (strategy Strategy, err error) + InstallerForStrategy(strategyName string, opClient operatorclient.ClientInterface, opLister operatorlister.OperatorLister, owner ownerutil.Owner, annotations map[string]string, previousStrategy Strategy) StrategyInstaller +} + +type StrategyResolver struct{} + +func (r *StrategyResolver) UnmarshalStrategy(s v1alpha1.NamedInstallStrategy) (strategy Strategy, err error) { + switch s.StrategyName { + case InstallStrategyNameDeployment: + strategy = &StrategyDetailsDeployment{} + if err := json.Unmarshal(s.StrategySpecRaw, strategy); err != nil { + return nil, err + } + return + } + err = fmt.Errorf("unrecognized install strategy") + return +} + +func (r *StrategyResolver) InstallerForStrategy(strategyName string, opClient operatorclient.ClientInterface, opLister operatorlister.OperatorLister, owner ownerutil.Owner, annotations map[string]string, previousStrategy Strategy) StrategyInstaller { + switch strategyName { + case InstallStrategyNameDeployment: + strategyClient := wrappers.NewInstallStrategyDeploymentClient(opClient, opLister, owner.GetNamespace()) + return NewStrategyDeploymentInstaller(strategyClient, annotations, owner, previousStrategy) + } + + // Insurance against these functions being called incorrectly (unmarshal strategy will return a valid strategy name) + return &NullStrategyInstaller{} +} + +type NullStrategyInstaller struct{} + +var _ StrategyInstaller = &NullStrategyInstaller{} + +func (i *NullStrategyInstaller) Install(s Strategy) error { + return fmt.Errorf("null InstallStrategy used") +} + +func (i *NullStrategyInstaller) CheckInstalled(s Strategy) (bool, error) { + return true, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/rule_checker.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/rule_checker.go new file mode 100644 index 000000000..19517f262 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/rule_checker.go @@ -0,0 +1,154 @@ +package install + +import ( + "fmt" + + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apiserver/pkg/authorization/authorizer" + crbacv1 "k8s.io/client-go/listers/rbac/v1" + rbacauthorizer "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +// RuleChecker is used to verify whether PolicyRules are satisfied by existing Roles or ClusterRoles +type RuleChecker interface { + // RuleSatisfied determines whether a PolicyRule is satisfied for a ServiceAccount + // by existing Roles and ClusterRoles + RuleSatisfied(sa *corev1.ServiceAccount, namespace string, rule rbacv1.PolicyRule) (bool, error) +} + +// CSVRuleChecker determines whether a PolicyRule is satisfied for a ServiceAccount +// by existing Roles and ClusterRoles +type CSVRuleChecker struct { + roleLister crbacv1.RoleLister + roleBindingLister crbacv1.RoleBindingLister + clusterRoleLister crbacv1.ClusterRoleLister + clusterRoleBindingLister crbacv1.ClusterRoleBindingLister + csv *v1alpha1.ClusterServiceVersion +} + +// NewCSVRuleChecker returns a pointer to a new CSVRuleChecker +func NewCSVRuleChecker(roleLister crbacv1.RoleLister, roleBindingLister crbacv1.RoleBindingLister, clusterRoleLister crbacv1.ClusterRoleLister, clusterRoleBindingLister crbacv1.ClusterRoleBindingLister, csv *v1alpha1.ClusterServiceVersion) *CSVRuleChecker { + return &CSVRuleChecker{ + roleLister: roleLister, + roleBindingLister: roleBindingLister, + clusterRoleLister: clusterRoleLister, + clusterRoleBindingLister: clusterRoleBindingLister, + csv: csv.DeepCopy(), + } +} + +// RuleSatisfied returns true if a ServiceAccount is authorized to perform all actions described by a PolicyRule in a namespace +func (c *CSVRuleChecker) RuleSatisfied(sa *corev1.ServiceAccount, namespace string, rule rbacv1.PolicyRule) (bool, error) { + // check if the rule is valid + err := ruleValid(rule) + if err != nil { + return false, fmt.Errorf("rule invalid: %s", err.Error()) + } + + // get attributes set for the given Role and ServiceAccount + user := toDefaultInfo(sa) + attributesSet := toAttributesSet(user, namespace, rule) + + // create a new RBACAuthorizer + rbacAuthorizer := rbacauthorizer.New(c, c, c, c) + + // ensure all attributes are authorized + for _, attributes := range attributesSet { + decision, _, err := rbacAuthorizer.Authorize(attributes) + if err != nil { + return false, err + } + + if decision == authorizer.DecisionDeny || decision == authorizer.DecisionNoOpinion { + return false, nil + } + + } + + return true, nil +} + +func (c *CSVRuleChecker) GetRole(namespace, name string) (*rbacv1.Role, error) { + // get the Role + role, err := c.roleLister.Roles(namespace).Get(name) + if err != nil { + return nil, err + } + + // check if the Role has an OwnerConflict with the client's CSV + if role != nil && ownerutil.HasOwnerConflict(c.csv, role.GetOwnerReferences()) { + return &rbacv1.Role{}, nil + } + + return role, nil +} + +func (c *CSVRuleChecker) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error) { + // get all RoleBindings + rbList, err := c.roleBindingLister.RoleBindings(namespace).List(labels.Everything()) + if err != nil { + return nil, err + } + + // filter based on OwnerReferences + var filtered []*rbacv1.RoleBinding + for _, rb := range rbList { + if !ownerutil.HasOwnerConflict(c.csv, rb.GetOwnerReferences()) { + filtered = append(filtered, rb) + } + } + + return filtered, nil +} + +func (c *CSVRuleChecker) GetClusterRole(name string) (*rbacv1.ClusterRole, error) { + // get the ClusterRole + clusterRole, err := c.clusterRoleLister.Get(name) + if err != nil { + return nil, err + } + + // check if the ClusterRole has an OwnerConflict with the client's CSV + if clusterRole != nil && ownerutil.HasOwnerConflict(c.csv, clusterRole.GetOwnerReferences()) { + return &rbacv1.ClusterRole{}, nil + } + + return clusterRole, nil +} + +func (c *CSVRuleChecker) ListClusterRoleBindings() ([]*rbacv1.ClusterRoleBinding, error) { + // get all RoleBindings + crbList, err := c.clusterRoleBindingLister.List(labels.Everything()) + if err != nil { + return nil, err + } + + // filter based on OwnerReferences + var filtered []*rbacv1.ClusterRoleBinding + for _, crb := range crbList { + if !ownerutil.HasOwnerConflict(c.csv, crb.GetOwnerReferences()) { + filtered = append(filtered, crb) + } + } + + return filtered, nil +} + +// ruleValid returns an error if the given PolicyRule is not valid (resource and nonresource attributes defined) +func ruleValid(rule rbacv1.PolicyRule) error { + if len(rule.Verbs) == 0 { + return fmt.Errorf("policy rule must have at least one verb") + } + + resourceCount := len(rule.APIGroups) + len(rule.Resources) + len(rule.ResourceNames) + if resourceCount > 0 && len(rule.NonResourceURLs) > 0 { + return fmt.Errorf("rule cannot apply to both regular resources and non-resource URLs") + } + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/rule_checker_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/rule_checker_test.go new file mode 100644 index 000000000..0c2486f42 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/rule_checker_test.go @@ -0,0 +1,630 @@ +package install + +import ( + "testing" + "time" + + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + apiextensionsfake "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/informers" + k8sfake "k8s.io/client-go/kubernetes/fake" + "k8s.io/client-go/tools/cache" + apiregistrationfake "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/fake" + + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" +) + +func TestRuleSatisfied(t *testing.T) { + + csv := &v1alpha1.ClusterServiceVersion{} + csv.SetName("barista-operator") + csv.SetUID(types.UID("barista-operator")) + + sa := &corev1.ServiceAccount{} + sa.SetNamespace("coffee-shop") + sa.SetName("barista-operator") + sa.SetUID(types.UID("barista-operator")) + + tests := []struct { + description string + namespace string + rule rbacv1.PolicyRule + existingRoles []*rbacv1.Role + existingRoleBindings []*rbacv1.RoleBinding + existingClusterRoles []*rbacv1.ClusterRole + existingClusterRoleBindings []*rbacv1.ClusterRoleBinding + expectedError string + satisfied bool + }{ + { + description: "NotSatisfied", + namespace: "coffee-shop", + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "*", + }, + Resources: []string{ + "donuts", + }, + }, + satisfied: false, + }, + { + description: "SatisfiedBySingleRole", + namespace: "coffee-shop", + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "*", + }, + Resources: []string{ + "donuts", + }, + }, + existingRoles: []*rbacv1.Role{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "*", + }, + Resources: []string{ + "donuts", + }, + }, + }, + }, + }, + existingRoleBindings: []*rbacv1.RoleBinding{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "coffee", + }, + }, + }, + satisfied: true, + }, + { + description: "NotSatisfiedByRoleOwnerConflict", + namespace: "coffee-shop", + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + existingRoles: []*rbacv1.Role{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: csv.GetName(), + UID: csv.GetUID(), + }, + { + APIVersion: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "big-donut", + UID: types.UID("big-donut"), + }, + }, + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + }, + Resources: []string{ + "donuts", + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "napkin", + Namespace: "coffee-shop", + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "big-donut", + UID: types.UID("big-donut"), + }, + }, + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + }, + }, + }, + existingRoleBindings: []*rbacv1.RoleBinding{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "coffee", + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "napkin", + Namespace: "coffee-shop", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "napkin", + }, + }, + }, + satisfied: false, + }, + { + description: "SatisfiedByRoleWithConcurrentOwners", + namespace: "coffee-shop", + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + existingRoles: []*rbacv1.Role{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: csv.GetName(), + UID: csv.GetUID(), + }, + { + APIVersion: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "big-donut", + UID: types.UID("big-donut"), + }, + }, + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + }, + }, + }, + existingRoleBindings: []*rbacv1.RoleBinding{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: "", + Kind: "ServiceAccount", + Name: "mixologist", + UID: types.UID("mixologist"), + }, + }, + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "coffee", + }, + }, + }, + satisfied: true, + }, + { + description: "SatisfiedByMutlipleRoles", + namespace: "coffee-shop", + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + existingRoles: []*rbacv1.Role{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + }, + Resources: []string{ + "donuts", + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "napkin", + Namespace: "coffee-shop", + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + }, + }, + }, + existingRoleBindings: []*rbacv1.RoleBinding{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + Namespace: "coffee-shop", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: "coffee-shop", + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "coffee", + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "napkin", + Namespace: "coffee-shop", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "napkin", + }, + }, + }, + satisfied: true, + }, + { + description: "RuleSatisfiedByClusterRole", + namespace: metav1.NamespaceAll, + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + existingClusterRoles: []*rbacv1.ClusterRole{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "*", + }, + Resources: []string{ + "*", + }, + }, + }, + }, + }, + existingClusterRoleBindings: []*rbacv1.ClusterRoleBinding{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: "coffee", + }, + }, + }, + satisfied: true, + }, + { + description: "RuleNotSatisfiedByClusterRole", + namespace: metav1.NamespaceAll, + rule: rbacv1.PolicyRule{ + APIGroups: []string{ + "", + }, + Verbs: []string{ + "create", + "update", + "delete", + }, + Resources: []string{ + "donuts", + }, + }, + existingClusterRoles: []*rbacv1.ClusterRole{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{ + "", + }, + Verbs: []string{ + "delete", + }, + Resources: []string{ + "*", + }, + }, + }, + }, + }, + existingClusterRoleBindings: []*rbacv1.ClusterRoleBinding{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "coffee", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: "coffee", + }, + }, + }, + satisfied: false, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + // create existing objects + k8sObjs := Objs(tt.existingRoles, + tt.existingRoleBindings, + tt.existingClusterRoles, + tt.existingClusterRoleBindings, + ) + + // create the fake CSVRuleChecker + stopCh := make(chan struct{}) + defer func() { close(stopCh) }() + + t.Logf("calling NewFakeCSVRuleChecker...") + ruleChecker, err := NewFakeCSVRuleChecker(k8sObjs, csv, tt.namespace, stopCh) + require.NoError(t, err) + t.Logf("NewFakeCSVRuleChecker returned") + time.Sleep(1 * time.Second) + + t.Logf("checking if rules are satisfied...") + // check if the rule is satisfied + satisfied, err := ruleChecker.RuleSatisfied(sa, tt.namespace, tt.rule) + if tt.expectedError != "" { + require.Error(t, err, "an error was expected") + require.Equal(t, tt.expectedError, err.Error, "error did not match expected error") + } + + t.Logf("after checking if satisfied") + require.Equal(t, tt.satisfied, satisfied) + }) + } +} + +func NewFakeCSVRuleChecker(k8sObjs []runtime.Object, csv *v1alpha1.ClusterServiceVersion, namespace string, stopCh <-chan struct{}) (*CSVRuleChecker, error) { + // create client fakes + opClientFake := operatorclient.NewClient(k8sfake.NewSimpleClientset(k8sObjs...), apiextensionsfake.NewSimpleClientset(), apiregistrationfake.NewSimpleClientset()) + + // create test namespace + if namespace != metav1.NamespaceAll { + _, err := opClientFake.KubernetesInterface().CoreV1().Namespaces().Create(&corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: namespace}}) + if err != nil { + return nil, err + } + } + + informerFactory := informers.NewSharedInformerFactory(opClientFake.KubernetesInterface(), 1*time.Second) + roleInformer := informerFactory.Rbac().V1().Roles() + roleBindingInformer := informerFactory.Rbac().V1().RoleBindings() + clusterRoleInformer := informerFactory.Rbac().V1().ClusterRoles() + clusterRoleBindingInformer := informerFactory.Rbac().V1().ClusterRoleBindings() + + // kick off informers + for _, informer := range []cache.SharedIndexInformer{roleInformer.Informer(), roleBindingInformer.Informer(), clusterRoleInformer.Informer(), clusterRoleBindingInformer.Informer()} { + go informer.Run(stopCh) + + synced := func() (bool, error) { + return informer.HasSynced(), nil + } + + // wait until the informer has synced to continue + wait.PollUntil(500*time.Millisecond, synced, stopCh) + } + + ruleChecker := NewCSVRuleChecker(roleInformer.Lister(), roleBindingInformer.Lister(), clusterRoleInformer.Lister(), clusterRoleBindingInformer.Lister(), csv) + + return ruleChecker, nil + +} + +func Objs(roles []*rbacv1.Role, roleBindings []*rbacv1.RoleBinding, clusterRoles []*rbacv1.ClusterRole, clusterRoleBindings []*rbacv1.ClusterRoleBinding) []runtime.Object { + k8sObjs := make([]runtime.Object, 0, len(roles)+len(roleBindings)+len(clusterRoles)+len(clusterRoleBindings)) + for _, role := range roles { + k8sObjs = append(k8sObjs, role) + } + + for _, roleBinding := range roleBindings { + k8sObjs = append(k8sObjs, roleBinding) + } + + for _, clusterRole := range clusterRoles { + k8sObjs = append(k8sObjs, clusterRole) + } + + for _, clusterRoleBinding := range clusterRoleBindings { + k8sObjs = append(k8sObjs, clusterRoleBinding) + } + + return k8sObjs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/status_viewer.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/status_viewer.go new file mode 100644 index 000000000..67a857ef8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/status_viewer.go @@ -0,0 +1,47 @@ +package install + +// See kubernetes/pkg/kubectl/rollout_status.go + +import ( + "fmt" + + appsv1 "k8s.io/api/apps/v1" +) + +const TimedOutReason = "ProgressDeadlineExceeded" + +// Status returns a message describing deployment status, and a bool value indicating if the status is considered done. +func DeploymentStatus(deployment *appsv1.Deployment) (string, bool, error) { + if deployment.Generation <= deployment.Status.ObservedGeneration { + // check if deployment has timed out + cond := getDeploymentCondition(deployment.Status, appsv1.DeploymentProgressing) + if cond != nil && cond.Reason == TimedOutReason { + return "", false, fmt.Errorf("deployment %q exceeded its progress deadline", deployment.Name) + } + // not all replicas are up yet + if deployment.Spec.Replicas != nil && deployment.Status.UpdatedReplicas < *deployment.Spec.Replicas { + return fmt.Sprintf("Waiting for rollout to finish: %d out of %d new replicas have been updated...\n", deployment.Status.UpdatedReplicas, *deployment.Spec.Replicas), false, nil + } + // waiting for old replicas to be cleaned up + if deployment.Status.Replicas > deployment.Status.UpdatedReplicas { + return fmt.Sprintf("Waiting for rollout to finish: %d old replicas are pending termination...\n", deployment.Status.Replicas-deployment.Status.UpdatedReplicas), false, nil + } + // waiting for new replicas to report as available + if deployment.Status.AvailableReplicas < deployment.Status.UpdatedReplicas { + return fmt.Sprintf("Waiting for rollout to finish: %d of %d updated replicas are available...\n", deployment.Status.AvailableReplicas, deployment.Status.UpdatedReplicas), false, nil + } + // deployment is finished + return fmt.Sprintf("deployment %q successfully rolled out\n", deployment.Name), true, nil + } + return fmt.Sprintf("Waiting for deployment spec update to be observed...\n"), false, nil +} + +func getDeploymentCondition(status appsv1.DeploymentStatus, condType appsv1.DeploymentConditionType) *appsv1.DeploymentCondition { + for i := range status.Conditions { + c := status.Conditions[i] + if c.Type == condType { + return &c + } + } + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/status_viewer_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/status_viewer_test.go new file mode 100644 index 000000000..8fcfee725 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install/status_viewer_test.go @@ -0,0 +1,119 @@ +package install + +import ( + "testing" + + apps "k8s.io/api/apps/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func TestDeploymentStatusViewerStatus(t *testing.T) { + tests := []struct { + generation int64 + specReplicas int32 + status apps.DeploymentStatus + msg string + done bool + }{ + { + generation: 0, + specReplicas: 1, + status: apps.DeploymentStatus{ + ObservedGeneration: 1, + Replicas: 1, + UpdatedReplicas: 0, + AvailableReplicas: 1, + UnavailableReplicas: 0, + }, + + msg: "Waiting for rollout to finish: 0 out of 1 new replicas have been updated...\n", + done: false, + }, + { + generation: 1, + specReplicas: 1, + status: apps.DeploymentStatus{ + ObservedGeneration: 1, + Replicas: 2, + UpdatedReplicas: 1, + AvailableReplicas: 2, + UnavailableReplicas: 0, + }, + + msg: "Waiting for rollout to finish: 1 old replicas are pending termination...\n", + done: false, + }, + { + generation: 1, + specReplicas: 2, + status: apps.DeploymentStatus{ + ObservedGeneration: 1, + Replicas: 2, + UpdatedReplicas: 2, + AvailableReplicas: 1, + UnavailableReplicas: 1, + }, + + msg: "Waiting for rollout to finish: 1 of 2 updated replicas are available...\n", + done: false, + }, + { + generation: 1, + specReplicas: 2, + status: apps.DeploymentStatus{ + ObservedGeneration: 1, + Replicas: 2, + UpdatedReplicas: 2, + AvailableReplicas: 2, + UnavailableReplicas: 0, + }, + + msg: "deployment \"foo\" successfully rolled out\n", + done: true, + }, + { + generation: 2, + specReplicas: 2, + status: apps.DeploymentStatus{ + ObservedGeneration: 1, + Replicas: 2, + UpdatedReplicas: 2, + AvailableReplicas: 2, + UnavailableReplicas: 0, + }, + + msg: "Waiting for deployment spec update to be observed...\n", + done: false, + }, + } + + for _, test := range tests { + d := &apps.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "bar", + Name: "foo", + UID: "8764ae47-9092-11e4-8393-42010af018ff", + Generation: test.generation, + }, + Spec: apps.DeploymentSpec{ + Replicas: &test.specReplicas, + }, + Status: test.status, + } + msg, done, err := DeploymentStatus(d) + if err != nil { + t.Fatalf("DeploymentStatusViewer.Status(): %v", err) + } + if done != test.done || msg != test.msg { + t.Errorf("DeploymentStatusViewer.Status() for deployment with generation %d, %d replicas specified, and status %+v returned %q, %t, want %q, %t", + test.generation, + test.specReplicas, + test.status, + msg, + done, + test.msg, + test.done, + ) + } + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/operator.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/operator.go new file mode 100644 index 000000000..43b4d7602 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/operator.go @@ -0,0 +1,1462 @@ +package catalog + +import ( + "context" + "encoding/json" + "errors" + "fmt" + "reflect" + "sync" + "time" + + registryclient "github.com/operator-framework/operator-registry/pkg/client" + errorwrap "github.com/pkg/errors" + "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + v1beta1ext "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + extinf "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + utilclock "k8s.io/apimachinery/pkg/util/clock" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/client-go/informers" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/reference" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions" + olmerrors "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + index "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" + "github.com/operator-framework/operator-lifecycle-manager/pkg/metrics" +) + +const ( + crdKind = "CustomResourceDefinition" + secretKind = "Secret" + clusterRoleKind = "ClusterRole" + clusterRoleBindingKind = "ClusterRoleBinding" + serviceAccountKind = "ServiceAccount" + serviceKind = "Service" + roleKind = "Role" + roleBindingKind = "RoleBinding" + generatedByKey = "olm.generated-by" +) + +// Operator represents a Kubernetes operator that executes InstallPlans by +// resolving dependencies in a catalog. +type Operator struct { + queueinformer.Operator + + logger *logrus.Logger + clock utilclock.Clock + opClient operatorclient.ClientInterface + client versioned.Interface + lister operatorlister.OperatorLister + catsrcQueueSet *queueinformer.ResourceQueueSet + subQueueSet *queueinformer.ResourceQueueSet + ipQueueSet *queueinformer.ResourceQueueSet + nsResolveQueue workqueue.RateLimitingInterface + namespace string + sources map[resolver.CatalogKey]resolver.SourceRef + sourcesLock sync.RWMutex + sourcesLastUpdate metav1.Time + resolver resolver.Resolver + reconciler reconciler.RegistryReconcilerFactory + csvProvidedAPIsIndexer map[string]cache.Indexer +} + +// NewOperator creates a new Catalog Operator. +func NewOperator(ctx context.Context, kubeconfigPath string, clock utilclock.Clock, logger *logrus.Logger, resyncPeriod time.Duration, configmapRegistryImage, operatorNamespace string, watchedNamespaces ...string) (*Operator, error) { + // Default to watching all namespaces. + if len(watchedNamespaces) == 0 { + watchedNamespaces = []string{metav1.NamespaceAll} + } + + // Create a new client for OLM types (CRs) + crClient, err := client.NewClient(kubeconfigPath) + if err != nil { + return nil, err + } + + // Create a new queueinformer-based operator. + opClient := operatorclient.NewClientFromConfig(kubeconfigPath, logger) + queueOperator, err := queueinformer.NewOperator(opClient.KubernetesInterface().Discovery(), queueinformer.WithOperatorLogger(logger)) + if err != nil { + return nil, err + } + + // Create an OperatorLister + lister := operatorlister.NewLister() + + // Allocate the new instance of an Operator. + op := &Operator{ + Operator: queueOperator, + logger: logger, + clock: clock, + opClient: opClient, + client: crClient, + lister: lister, + namespace: operatorNamespace, + sources: make(map[resolver.CatalogKey]resolver.SourceRef), + resolver: resolver.NewOperatorsV1alpha1Resolver(lister), + catsrcQueueSet: queueinformer.NewEmptyResourceQueueSet(), + subQueueSet: queueinformer.NewEmptyResourceQueueSet(), + csvProvidedAPIsIndexer: map[string]cache.Indexer{}, + } + op.reconciler = reconciler.NewRegistryReconcilerFactory(lister, opClient, configmapRegistryImage, op.now) + + // Set up syncing for namespace-scoped resources + for _, namespace := range watchedNamespaces { + // Wire OLM CR informers + crInformerFactory := externalversions.NewSharedInformerFactoryWithOptions(op.client, resyncPeriod, externalversions.WithNamespace(namespace)) + + // Wire CSVs + csvInformer := crInformerFactory.Operators().V1alpha1().ClusterServiceVersions() + op.lister.OperatorsV1alpha1().RegisterClusterServiceVersionLister(namespace, csvInformer.Lister()) + op.RegisterInformer(csvInformer.Informer()) + + csvInformer.Informer().AddIndexers(cache.Indexers{index.ProvidedAPIsIndexFuncKey: index.ProvidedAPIsIndexFunc}) + csvIndexer := csvInformer.Informer().GetIndexer() + op.csvProvidedAPIsIndexer[namespace] = csvIndexer + + // TODO: Add namespace resolve sync + + // Wire InstallPlans + ipInformer := crInformerFactory.Operators().V1alpha1().InstallPlans() + op.lister.OperatorsV1alpha1().RegisterInstallPlanLister(namespace, ipInformer.Lister()) + ipQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithMetricsProvider(metrics.NewMetricsInstallPlan(op.client)), + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(ipInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncInstallPlans).ToSyncer()), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(ipQueueInformer) + + // Wire CatalogSources + catsrcInformer := crInformerFactory.Operators().V1alpha1().CatalogSources() + op.lister.OperatorsV1alpha1().RegisterCatalogSourceLister(namespace, catsrcInformer.Lister()) + catsrcQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), fmt.Sprintf("%s/catsrcs", namespace)) + op.catsrcQueueSet.Set(namespace, catsrcQueue) + catsrcQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithMetricsProvider(metrics.NewMetricsCatalogSource(op.client)), + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(catsrcQueue), + queueinformer.WithInformer(catsrcInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncCatalogSources).ToSyncerWithDelete(op.handleCatSrcDeletion)), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(catsrcQueueInformer) + + // Wire Subscriptions + subInformer := crInformerFactory.Operators().V1alpha1().Subscriptions() + op.lister.OperatorsV1alpha1().RegisterSubscriptionLister(namespace, subInformer.Lister()) + subQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), fmt.Sprintf("%s/subs", namespace)) + op.subQueueSet.Set(namespace, subQueue) + subSyncer, err := subscription.NewSyncer( + ctx, + subscription.WithLogger(op.logger), + subscription.WithClient(op.client), + subscription.WithOperatorLister(op.lister), + subscription.WithSubscriptionInformer(subInformer.Informer()), + subscription.WithCatalogInformer(catsrcInformer.Informer()), + subscription.WithInstallPlanInformer(ipInformer.Informer()), + subscription.WithSubscriptionQueue(subQueue), + subscription.WithAppendedReconcilers(subscription.ReconcilerFromLegacySyncHandler(op.syncSubscriptions, nil)), + subscription.WithRegistryReconcilerFactory(op.reconciler), + subscription.WithGlobalCatalogNamespace(op.namespace), + ) + if err != nil { + return nil, err + } + subQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithMetricsProvider(metrics.NewMetricsSubscription(op.client)), + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(subQueue), + queueinformer.WithInformer(subInformer.Informer()), + queueinformer.WithSyncer(subSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(subQueueInformer) + + // Wire k8s informers + k8sInformerFactory := informers.NewSharedInformerFactoryWithOptions(op.opClient.KubernetesInterface(), resyncPeriod, informers.WithNamespace(namespace)) + informers := []cache.SharedIndexInformer{} + + // Wire Roles + roleInformer := k8sInformerFactory.Rbac().V1().Roles() + op.lister.RbacV1().RegisterRoleLister(namespace, roleInformer.Lister()) + informers = append(informers, roleInformer.Informer()) + + // Wire RoleBindings + roleBindingInformer := k8sInformerFactory.Rbac().V1().RoleBindings() + op.lister.RbacV1().RegisterRoleBindingLister(namespace, roleBindingInformer.Lister()) + informers = append(informers, roleBindingInformer.Informer()) + + // Wire ServiceAccounts + serviceAccountInformer := k8sInformerFactory.Core().V1().ServiceAccounts() + op.lister.CoreV1().RegisterServiceAccountLister(namespace, serviceAccountInformer.Lister()) + informers = append(informers, serviceAccountInformer.Informer()) + + // Wire Services + serviceInformer := k8sInformerFactory.Core().V1().Services() + op.lister.CoreV1().RegisterServiceLister(namespace, serviceInformer.Lister()) + informers = append(informers, serviceInformer.Informer()) + + // Wire Pods + podInformer := k8sInformerFactory.Core().V1().Pods() + op.lister.CoreV1().RegisterPodLister(namespace, podInformer.Lister()) + informers = append(informers, podInformer.Informer()) + + // Wire ConfigMaps + configMapInformer := k8sInformerFactory.Core().V1().ConfigMaps() + op.lister.CoreV1().RegisterConfigMapLister(namespace, configMapInformer.Lister()) + informers = append(informers, configMapInformer.Informer()) + + // Generate and register QueueInformers for k8s resources + k8sSyncer := queueinformer.LegacySyncHandler(op.syncObject).ToSyncerWithDelete(op.handleDeletion) + for _, informer := range informers { + queueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(informer), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + + if err := op.RegisterQueueInformer(queueInformer); err != nil { + return nil, err + } + } + + } + + // Register CustomResourceDefinition QueueInformer + crdInformer := extinf.NewSharedInformerFactory(op.opClient.ApiextensionsV1beta1Interface(), resyncPeriod).Apiextensions().V1beta1().CustomResourceDefinitions() + op.lister.APIExtensionsV1beta1().RegisterCustomResourceDefinitionLister(crdInformer.Lister()) + crdQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(crdInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncObject).ToSyncerWithDelete(op.handleDeletion)), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(crdQueueInformer) + + // Namespace sync for resolving subscriptions + namespaceInformer := informers.NewSharedInformerFactory(op.opClient.KubernetesInterface(), resyncPeriod).Core().V1().Namespaces() + op.lister.CoreV1().RegisterNamespaceLister(namespaceInformer.Lister()) + op.nsResolveQueue = workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "resolver") + namespaceQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(op.nsResolveQueue), + queueinformer.WithInformer(namespaceInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncResolvingNamespace).ToSyncer()), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(namespaceQueueInformer) + + return op, nil +} + +func (o *Operator) now() metav1.Time { + return metav1.NewTime(o.clock.Now().UTC()) +} + +func (o *Operator) requeueOwners(obj metav1.Object) { + namespace := obj.GetNamespace() + logger := o.logger.WithFields(logrus.Fields{ + "name": obj.GetName(), + "namespace": namespace, + }) + + for _, owner := range obj.GetOwnerReferences() { + var queueSet *queueinformer.ResourceQueueSet + switch kind := owner.Kind; kind { + case v1alpha1.CatalogSourceKind: + if err := o.catsrcQueueSet.Requeue(namespace, owner.Name); err != nil { + logger.Warn(err.Error()) + } + queueSet = o.catsrcQueueSet + case v1alpha1.SubscriptionKind: + if err := o.catsrcQueueSet.Requeue(namespace, owner.Name); err != nil { + logger.Warn(err.Error()) + } + queueSet = o.subQueueSet + default: + logger.WithField("kind", kind).Trace("untracked owner kind") + } + + if queueSet != nil { + logger.WithField("ref", owner).Trace("requeuing owner") + queueSet.Requeue(namespace, owner.Name) + } + } +} + +func (o *Operator) syncObject(obj interface{}) (syncError error) { + // Assert as metav1.Object + metaObj, ok := obj.(metav1.Object) + if !ok { + syncError = errors.New("casting to metav1 object failed") + o.logger.Warn(syncError.Error()) + return + } + + o.requeueOwners(metaObj) + + return +} + +func (o *Operator) handleDeletion(obj interface{}) { + metaObj, ok := obj.(metav1.Object) + if !ok { + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) + return + } + + metaObj, ok = tombstone.Obj.(metav1.Object) + if !ok { + utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a metav1 object %#v", obj)) + return + } + } + + o.logger.WithFields(logrus.Fields{ + "name": metaObj.GetName(), + "namespace": metaObj.GetNamespace(), + }).Debug("handling object deletion") + + o.requeueOwners(metaObj) + + return +} + +func (o *Operator) handleCatSrcDeletion(obj interface{}) { + catsrc, ok := obj.(metav1.Object) + if !ok { + if !ok { + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("Couldn't get object from tombstone %#v", obj)) + return + } + + catsrc, ok = tombstone.Obj.(metav1.Object) + if !ok { + utilruntime.HandleError(fmt.Errorf("Tombstone contained object that is not a Namespace %#v", obj)) + return + } + } + } + sourceKey := resolver.CatalogKey{Name: catsrc.GetName(), Namespace: catsrc.GetNamespace()} + func() { + o.sourcesLock.Lock() + defer o.sourcesLock.Unlock() + if s, ok := o.sources[sourceKey]; ok { + if err := s.Client.Close(); err != nil { + o.logger.WithError(err).Warn("error closing client") + } + } + delete(o.sources, sourceKey) + }() + o.logger.WithField("source", sourceKey).Info("removed client for deleted catalogsource") +} + +func (o *Operator) syncCatalogSources(obj interface{}) (syncError error) { + catsrc, ok := obj.(*v1alpha1.CatalogSource) + if !ok { + o.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting CatalogSource failed") + } + + logger := o.logger.WithFields(logrus.Fields{ + "source": catsrc.GetName(), + "id": queueinformer.NewLoopID(), + }) + logger.Debug("syncing catsrc") + out := catsrc.DeepCopy() + sourceKey := resolver.CatalogKey{Name: catsrc.GetName(), Namespace: catsrc.GetNamespace()} + + if catsrc.Spec.SourceType == v1alpha1.SourceTypeInternal || catsrc.Spec.SourceType == v1alpha1.SourceTypeConfigmap { + logger.Debug("checking catsrc configmap state") + + // Get the catalog source's config map + configMap, err := o.lister.CoreV1().ConfigMapLister().ConfigMaps(catsrc.GetNamespace()).Get(catsrc.Spec.ConfigMap) + if err != nil { + return fmt.Errorf("failed to get catalog config map %s: %s", catsrc.Spec.ConfigMap, err) + } + + if wasOwned := ownerutil.EnsureOwner(configMap, catsrc); !wasOwned { + configMap, err = o.opClient.KubernetesInterface().CoreV1().ConfigMaps(configMap.GetNamespace()).Update(configMap) + if err != nil { + return fmt.Errorf("unable to write owner onto catalog source configmap") + } + logger.Debug("adopted configmap") + } + + if catsrc.Status.ConfigMapResource == nil || catsrc.Status.ConfigMapResource.UID != configMap.GetUID() || catsrc.Status.ConfigMapResource.ResourceVersion != configMap.GetResourceVersion() { + logger.Debug("updating catsrc configmap state") + // configmap ref nonexistent or updated, write out the new configmap ref to status and exit + out.Status.ConfigMapResource = &v1alpha1.ConfigMapResourceReference{ + Name: configMap.GetName(), + Namespace: configMap.GetNamespace(), + UID: configMap.GetUID(), + ResourceVersion: configMap.GetResourceVersion(), + } + + out.Status.LastSync = o.now() + if _, err := o.client.OperatorsV1alpha1().CatalogSources(out.GetNamespace()).UpdateStatus(out); err != nil { + return err + } + + return nil + } + } + + srcReconciler := o.reconciler.ReconcilerForSource(catsrc) + if srcReconciler == nil { + // TODO: Add failure status on catalogsource and remove from sources + return fmt.Errorf("no reconciler for source type %s", catsrc.Spec.SourceType) + } + + healthy, err := srcReconciler.CheckRegistryServer(catsrc) + if err != nil { + return err + } + logger.Debugf("check registry server healthy: %t", healthy) + + // If registry pod hasn't been created or hasn't been updated since the last configmap update, recreate it + if !healthy || catsrc.Status.RegistryServiceStatus == nil { + return func() error { + o.sourcesLock.Lock() + defer o.sourcesLock.Unlock() + + logger.Debug("ensuring registry server") + if err := srcReconciler.EnsureRegistryServer(out); err != nil { + logger.WithError(err).Warn("couldn't ensure registry server") + return err + } + logger.Debug("ensured registry server") + + if s, ok := o.sources[sourceKey]; ok { + if err := s.Client.Close(); err != nil { + logger.WithError(err).Debug("error closing client connection") + } + } + delete(o.sources, sourceKey) + o.sourcesLastUpdate = out.Status.LastSync + + logger.Debug("updating catsrc status") + if _, err := o.client.OperatorsV1alpha1().CatalogSources(out.GetNamespace()).UpdateStatus(out); err != nil { + return err + } + logger.Debug("registry server recreated") + + return nil + }() + } + logger.Debug("registry state good") + + // update operator's view of sources + sourcesUpdated := false + func() { + o.sourcesLock.Lock() + defer o.sourcesLock.Unlock() + address := catsrc.Address() + currentSource, ok := o.sources[sourceKey] + logger = logger.WithField("currentSource", sourceKey) + + connect := false + + // this connection is out of date, close and reconnect + if ok && (currentSource.Address != address || catsrc.Status.LastSync.After(currentSource.LastConnect.Time)) { + logger.Info("rebuilding connection to registry") + if currentSource.Client != nil { + if err := currentSource.Client.Close(); err != nil { + logger.WithError(err).Warn("couldn't close outdated connection to registry") + return + } + } + delete(o.sources, sourceKey) + o.sourcesLastUpdate = o.now() + + connect = true + } else if !ok { + // have never made a connection, so need to build a new one + connect = true + } + + logger := logger.WithField("address", address) + if connect { + logger.Info("building connection to registry") + c, err := registryclient.NewClient(address) + if err != nil { + logger.WithError(err).Warn("couldn't connect to registry") + } + sourceRef := resolver.SourceRef{ + Address: address, + Client: c, + LastConnect: o.now(), + LastHealthy: metav1.Time{}, // haven't detected healthy yet + } + o.sources[sourceKey] = sourceRef + currentSource = sourceRef + sourcesUpdated = true + o.sourcesLastUpdate = sourceRef.LastConnect + } + + if currentSource.LastHealthy.IsZero() { + logger.Info("client hasn't yet become healthy, attempt a health check") + healthy, err := currentSource.Client.HealthCheck(context.TODO(), 2*time.Second) + if err != nil || !healthy { + if registryclient.IsErrorUnrecoverable(err) { + logger.Debug("state didn't change, trigger reconnect. this may happen when cached dns is wrong.") + if err := currentSource.Client.Close(); err != nil { + logger.WithError(err).Warn("couldn't close outdated connection to registry") + return + } + delete(o.sources, sourceKey) + o.sourcesLastUpdate = o.now() + } + if err := o.catsrcQueueSet.Requeue(sourceKey.Namespace, sourceKey.Name); err != nil { + logger.WithError(err).Debug("error requeuing") + } + return + } + + logger.Debug("client has become healthy!") + currentSource.LastHealthy = currentSource.LastConnect + o.sourcesLastUpdate = currentSource.LastHealthy + o.sources[sourceKey] = currentSource + sourcesUpdated = true + } + }() + + if !sourcesUpdated { + return nil + } + + // record that we've done work here onto the status + out.Status.LastSync = o.now() + if _, err := o.client.OperatorsV1alpha1().CatalogSources(out.GetNamespace()).UpdateStatus(out); err != nil { + return err + } + + // Trigger a resolve, will pick up any subscriptions that depend on the catalog + o.nsResolveQueue.Add(out.GetNamespace()) + + return nil +} + +func (o *Operator) syncResolvingNamespace(obj interface{}) error { + ns, ok := obj.(*corev1.Namespace) + if !ok { + o.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting Namespace failed") + } + namespace := ns.GetName() + + logger := o.logger.WithFields(logrus.Fields{ + "namespace": namespace, + "id": queueinformer.NewLoopID(), + }) + + // get the set of sources that should be used for resolution and best-effort get their connections working + resolverSources := o.ensureResolverSources(logger, namespace) + logger.Debugf("resolved sources: %#v", resolverSources) + querier := resolver.NewNamespaceSourceQuerier(resolverSources) + + logger.Debug("checking if subscriptions need update") + + subs, err := o.lister.OperatorsV1alpha1().SubscriptionLister().Subscriptions(namespace).List(labels.Everything()) + if err != nil { + logger.WithError(err).Debug("couldn't list subscriptions") + return err + } + + // TODO: parallel + subscriptionUpdated := false + for _, sub := range subs { + logger := logger.WithFields(logrus.Fields{ + "sub": sub.GetName(), + "source": sub.Spec.CatalogSource, + "pkg": sub.Spec.Package, + "channel": sub.Spec.Channel, + }) + + // ensure the installplan reference is correct + sub, changedIP, err := o.ensureSubscriptionInstallPlanState(logger, sub) + if err != nil { + return err + } + subscriptionUpdated = subscriptionUpdated || changedIP + + // record the current state of the desired corresponding CSV in the status. no-op if we don't know the csv yet. + sub, changedCSV, err := o.ensureSubscriptionCSVState(logger, sub, querier) + if err != nil { + return err + } + + subscriptionUpdated = subscriptionUpdated || changedCSV + } + if subscriptionUpdated { + logger.Debug("subscriptions were updated, wait for a new resolution") + return nil + } + + shouldUpdate := false + for _, sub := range subs { + shouldUpdate = shouldUpdate || !o.nothingToUpdate(logger, sub) + } + if !shouldUpdate { + logger.Debug("all subscriptions up to date") + return nil + } + + logger.Debug("resolving subscriptions in namespace") + + // resolve a set of steps to apply to a cluster, a set of subscriptions to create/update, and any errors + steps, updatedSubs, err := o.resolver.ResolveSteps(namespace, querier) + if err != nil { + return err + } + + // create installplan if anything updated + if len(updatedSubs) > 0 { + logger.Debug("resolution caused subscription changes, creating installplan") + // any subscription in the namespace with manual approval will force generated installplans to be manual + // TODO: this is an odd artifact of the older resolver, and will probably confuse users. approval mode could be on the operatorgroup? + installPlanApproval := v1alpha1.ApprovalAutomatic + for _, sub := range subs { + if sub.Spec.InstallPlanApproval == v1alpha1.ApprovalManual { + installPlanApproval = v1alpha1.ApprovalManual + break + } + } + + installPlanReference, err := o.ensureInstallPlan(logger, namespace, subs, installPlanApproval, steps) + if err != nil { + logger.WithError(err).Debug("error ensuring installplan") + return err + } + if err := o.updateSubscriptionStatus(namespace, updatedSubs, installPlanReference); err != nil { + logger.WithError(err).Debug("error ensuring subscription installplan state") + return err + } + return nil + } + + return nil +} + +func (o *Operator) syncSubscriptions(obj interface{}) error { + sub, ok := obj.(*v1alpha1.Subscription) + if !ok { + o.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting Subscription failed") + } + + o.nsResolveQueue.Add(sub.GetNamespace()) + + return nil +} + +func (o *Operator) ensureResolverSources(logger *logrus.Entry, namespace string) map[resolver.CatalogKey]registryclient.Interface { + // TODO: record connection status onto an object + resolverSources := map[resolver.CatalogKey]registryclient.Interface{} + func() { + o.sourcesLock.RLock() + defer o.sourcesLock.RUnlock() + for k, ref := range o.sources { + if ref.LastHealthy.IsZero() { + logger = logger.WithField("source", k) + logger.Debug("omitting source, hasn't yet become healthy") + if err := o.catsrcQueueSet.Requeue(k.Namespace, k.Name); err != nil { + logger.Warn("error requeueing") + } + continue + } + // only resolve in namespace local + global catalogs + if k.Namespace == namespace || k.Namespace == o.namespace { + resolverSources[k] = ref.Client + } + } + }() + + for k, s := range resolverSources { + logger = logger.WithField("resolverSource", k) + if healthy, err := s.HealthCheck(context.TODO(), 2*time.Second); err != nil || !healthy { + logger.WithError(err).Debug("omitting unhealthy source") + if err := o.catsrcQueueSet.Requeue(k.Namespace, k.Name); err != nil { + logger.Warn("error requeueing") + } + delete(resolverSources, k) + } + } + + return resolverSources +} + +func (o *Operator) nothingToUpdate(logger *logrus.Entry, sub *v1alpha1.Subscription) bool { + o.sourcesLock.RLock() + defer o.sourcesLock.RUnlock() + + // Only sync if catalog has been updated since last sync time + if o.sourcesLastUpdate.Before(&sub.Status.LastUpdated) && sub.Status.State != v1alpha1.SubscriptionStateNone && sub.Status.State != v1alpha1.SubscriptionStateUpgradeAvailable { + logger.Debugf("skipping update: no new updates to catalog since last sync at %s", sub.Status.LastUpdated.String()) + return true + } + if sub.Status.InstallPlanRef != nil && sub.Status.State == v1alpha1.SubscriptionStateUpgradePending { + logger.Debugf("skipping update: installplan already created") + return true + } + return false +} + +func (o *Operator) ensureSubscriptionInstallPlanState(logger *logrus.Entry, sub *v1alpha1.Subscription) (*v1alpha1.Subscription, bool, error) { + if sub.Status.InstallPlanRef != nil { + return sub, false, nil + } + + logger.Debug("checking for existing installplan") + + // check if there's an installplan that created this subscription (only if it doesn't have a reference yet) + // this indicates it was newly resolved by another operator, and we should reference that installplan in the status + ipName, ok := sub.GetAnnotations()[generatedByKey] + if !ok { + return sub, false, nil + } + + ip, err := o.lister.OperatorsV1alpha1().InstallPlanLister().InstallPlans(sub.GetNamespace()).Get(ipName) + if err != nil { + logger.WithField("installplan", ipName).Warn("unable to get installplan from cache") + return nil, false, err + } + logger.WithField("installplan", ipName).Debug("found installplan that generated subscription") + + out := sub.DeepCopy() + ref, err := reference.GetReference(ip) + if err != nil { + logger.WithError(err).Warn("unable to generate installplan reference") + return nil, false, err + } + out.Status.InstallPlanRef = ref + out.Status.Install = v1alpha1.NewInstallPlanReference(ref) + out.Status.State = v1alpha1.SubscriptionStateUpgradePending + out.Status.CurrentCSV = out.Spec.StartingCSV + out.Status.LastUpdated = o.now() + + updated, err := o.client.OperatorsV1alpha1().Subscriptions(sub.GetNamespace()).UpdateStatus(out) + if err != nil { + return nil, false, err + } + + return updated, true, nil +} + +func (o *Operator) ensureSubscriptionCSVState(logger *logrus.Entry, sub *v1alpha1.Subscription, querier resolver.SourceQuerier) (*v1alpha1.Subscription, bool, error) { + if sub.Status.CurrentCSV == "" { + return sub, false, nil + } + + csv, err := o.client.OperatorsV1alpha1().ClusterServiceVersions(sub.GetNamespace()).Get(sub.Status.CurrentCSV, metav1.GetOptions{}) + out := sub.DeepCopy() + if err != nil { + logger.WithError(err).WithField("currentCSV", sub.Status.CurrentCSV).Debug("error fetching csv listed in subscription status") + out.Status.State = v1alpha1.SubscriptionStateUpgradePending + } else { + // Check if an update is available for the current csv + if err := querier.Queryable(); err != nil { + return nil, false, err + } + bundle, _, _ := querier.FindReplacement(&csv.Spec.Version.Version, sub.Status.CurrentCSV, sub.Spec.Package, sub.Spec.Channel, resolver.CatalogKey{Name: sub.Spec.CatalogSource, Namespace: sub.Spec.CatalogSourceNamespace}) + if bundle != nil { + o.logger.Tracef("replacement %s bundle found for current bundle %s", bundle.Name, sub.Status.CurrentCSV) + out.Status.State = v1alpha1.SubscriptionStateUpgradeAvailable + } else { + out.Status.State = v1alpha1.SubscriptionStateAtLatest + } + + out.Status.InstalledCSV = sub.Status.CurrentCSV + } + + if sub.Status.State == out.Status.State { + // The subscription status represents the cluster state + return sub, false, nil + } + out.Status.LastUpdated = o.now() + + // Update Subscription with status of transition. Log errors if we can't write them to the status. + updatedSub, err := o.client.OperatorsV1alpha1().Subscriptions(out.GetNamespace()).UpdateStatus(out) + if err != nil { + logger.WithError(err).Info("error updating subscription status") + return nil, false, fmt.Errorf("error updating Subscription status: " + err.Error()) + } + + // subscription status represents cluster state + return updatedSub, true, nil +} + +func (o *Operator) updateSubscriptionStatus(namespace string, subs []*v1alpha1.Subscription, installPlanRef *corev1.ObjectReference) error { + // TODO: parallel, sync waitgroup + var err error + for _, sub := range subs { + sub.Status.LastUpdated = o.now() + if installPlanRef != nil { + sub.Status.InstallPlanRef = installPlanRef + sub.Status.Install = v1alpha1.NewInstallPlanReference(installPlanRef) + sub.Status.State = v1alpha1.SubscriptionStateUpgradePending + } + if _, subErr := o.client.OperatorsV1alpha1().Subscriptions(namespace).UpdateStatus(sub); subErr != nil { + err = subErr + } + } + return err +} + +func (o *Operator) ensureInstallPlan(logger *logrus.Entry, namespace string, subs []*v1alpha1.Subscription, installPlanApproval v1alpha1.Approval, steps []*v1alpha1.Step) (*corev1.ObjectReference, error) { + if len(steps) == 0 { + return nil, nil + } + + // Check if any existing installplans are creating the same resources + installPlans, err := o.lister.OperatorsV1alpha1().InstallPlanLister().InstallPlans(namespace).List(labels.Everything()) + if err != nil { + return nil, err + } + + for _, installPlan := range installPlans { + if installPlan.Status.CSVManifestsMatch(steps) { + logger.Infof("found InstallPlan with matching manifests: %s", installPlan.GetName()) + return reference.GetReference(installPlan) + } + } + logger.Warn("no installplan found with matching manifests, creating new one") + + return o.createInstallPlan(namespace, subs, installPlanApproval, steps) +} + +func (o *Operator) createInstallPlan(namespace string, subs []*v1alpha1.Subscription, installPlanApproval v1alpha1.Approval, steps []*v1alpha1.Step) (*corev1.ObjectReference, error) { + if len(steps) == 0 { + return nil, nil + } + + csvNames := []string{} + catalogSourceMap := map[string]struct{}{} + for _, s := range steps { + if s.Resource.Kind == "ClusterServiceVersion" { + csvNames = append(csvNames, s.Resource.Name) + } + catalogSourceMap[s.Resource.CatalogSource] = struct{}{} + } + catalogSources := []string{} + for s := range catalogSourceMap { + catalogSources = append(catalogSources, s) + } + + phase := v1alpha1.InstallPlanPhaseInstalling + if installPlanApproval == v1alpha1.ApprovalManual { + phase = v1alpha1.InstallPlanPhaseRequiresApproval + } + ip := &v1alpha1.InstallPlan{ + ObjectMeta: metav1.ObjectMeta{ + GenerateName: "install-", + Namespace: namespace, + }, + Spec: v1alpha1.InstallPlanSpec{ + ClusterServiceVersionNames: csvNames, + Approval: installPlanApproval, + Approved: installPlanApproval == v1alpha1.ApprovalAutomatic, + }, + } + for _, sub := range subs { + ownerutil.AddNonBlockingOwner(ip, sub) + } + + res, err := o.client.OperatorsV1alpha1().InstallPlans(namespace).Create(ip) + if err != nil { + return nil, err + } + + res.Status = v1alpha1.InstallPlanStatus{ + Phase: phase, + Plan: steps, + CatalogSources: catalogSources, + } + res, err = o.client.OperatorsV1alpha1().InstallPlans(namespace).UpdateStatus(res) + if err != nil { + return nil, err + } + + return reference.GetReference(res) +} + +func (o *Operator) syncInstallPlans(obj interface{}) (syncError error) { + plan, ok := obj.(*v1alpha1.InstallPlan) + if !ok { + o.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting InstallPlan failed") + } + + logger := o.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "ip": plan.GetName(), + "namespace": plan.GetNamespace(), + "phase": plan.Status.Phase, + }) + + logger.Info("syncing") + + if len(plan.Status.Plan) == 0 { + logger.Info("skip processing installplan without status - subscription sync responsible for initial status") + return + } + + outInstallPlan, syncError := transitionInstallPlanState(logger.Logger, o, *plan, o.now()) + + if syncError != nil { + logger = logger.WithField("syncError", syncError) + } + + // no changes in status, don't update + if outInstallPlan.Status.Phase == plan.Status.Phase { + return + } + + defer func() { + // Notify subscription loop of installplan changes + if owners := ownerutil.GetOwnersByKind(plan, v1alpha1.SubscriptionKind); len(owners) > 0 { + for _, owner := range owners { + logger.WithField("owner", owner).Debug("requeueing installplan owner") + o.subQueueSet.Requeue(plan.GetNamespace(), owner.Name) + } + } else { + logger.Trace("no installplan owner subscriptions found to requeue") + } + }() + + // Update InstallPlan with status of transition. Log errors if we can't write them to the status. + if _, err := o.client.OperatorsV1alpha1().InstallPlans(plan.GetNamespace()).UpdateStatus(outInstallPlan); err != nil { + logger = logger.WithField("updateError", err.Error()) + updateErr := errors.New("error updating InstallPlan status: " + err.Error()) + if syncError == nil { + logger.Info("error updating InstallPlan status") + return updateErr + } + logger.Info("error transitioning InstallPlan") + syncError = fmt.Errorf("error transitioning InstallPlan: %s and error updating InstallPlan status: %s", syncError, updateErr) + } + + return +} + +type installPlanTransitioner interface { + ResolvePlan(*v1alpha1.InstallPlan) error + ExecutePlan(*v1alpha1.InstallPlan) error +} + +var _ installPlanTransitioner = &Operator{} + +func transitionInstallPlanState(log *logrus.Logger, transitioner installPlanTransitioner, in v1alpha1.InstallPlan, now metav1.Time) (*v1alpha1.InstallPlan, error) { + out := in.DeepCopy() + + switch in.Status.Phase { + case v1alpha1.InstallPlanPhaseRequiresApproval: + if out.Spec.Approved { + log.Debugf("approved, setting to %s", v1alpha1.InstallPlanPhasePlanning) + out.Status.Phase = v1alpha1.InstallPlanPhaseInstalling + } else { + log.Debug("not approved, skipping sync") + } + return out, nil + + case v1alpha1.InstallPlanPhaseInstalling: + log.Debug("attempting to install") + if err := transitioner.ExecutePlan(out); err != nil { + out.Status.SetCondition(v1alpha1.ConditionFailed(v1alpha1.InstallPlanInstalled, + v1alpha1.InstallPlanReasonComponentFailed, err.Error(), &now)) + out.Status.Phase = v1alpha1.InstallPlanPhaseFailed + return out, err + } + out.Status.SetCondition(v1alpha1.ConditionMet(v1alpha1.InstallPlanInstalled, &now)) + out.Status.Phase = v1alpha1.InstallPlanPhaseComplete + return out, nil + default: + return out, nil + } +} + +// ResolvePlan modifies an InstallPlan to contain a Plan in its Status field. +func (o *Operator) ResolvePlan(plan *v1alpha1.InstallPlan) error { + return nil +} + +// ExecutePlan applies a planned InstallPlan to a namespace. +func (o *Operator) ExecutePlan(plan *v1alpha1.InstallPlan) error { + if plan.Status.Phase != v1alpha1.InstallPlanPhaseInstalling { + panic("attempted to install a plan that wasn't in the installing phase") + } + + namespace := plan.GetNamespace() + + // Get the set of initial installplan csv names + initialCSVNames := getCSVNameSet(plan) + // Get pre-existing CRD owners to make decisions about applying resolved CSVs + existingCRDOwners, err := o.getExistingApiOwners(plan.GetNamespace()) + if err != nil { + return err + } + + for i, step := range plan.Status.Plan { + switch step.Status { + case v1alpha1.StepStatusPresent, v1alpha1.StepStatusCreated: + continue + + case v1alpha1.StepStatusUnknown, v1alpha1.StepStatusNotPresent: + o.logger.WithFields(logrus.Fields{"kind": step.Resource.Kind, "name": step.Resource.Name}).Debug("execute resource") + switch step.Resource.Kind { + case crdKind: + // Marshal the manifest into a CRD instance. + var crd v1beta1ext.CustomResourceDefinition + err := json.Unmarshal([]byte(step.Resource.Manifest), &crd) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // TODO: check that names are accepted + // Attempt to create the CRD. + _, err = o.opClient.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Create(&crd) + if k8serrors.IsAlreadyExists(err) { + currentCRD, _ := o.lister.APIExtensionsV1beta1().CustomResourceDefinitionLister().Get(crd.GetName()) + // Compare 2 CRDs to see if it needs to be updatetd + if !reflect.DeepEqual(crd, *currentCRD) { + // Verify CRD ownership, only attempt to update if + // CRD has only one owner + // Example: provided=database.coreos.com/v1alpha1/EtcdCluster + matchedCSV, err := index.CRDProviderNames(o.csvProvidedAPIsIndexer, crd) + if err != nil { + return errorwrap.Wrapf(err, "error find matched CSV: %s", step.Resource.Name) + } + if len(matchedCSV) == 1 { + // Attempt to update CRD + crd.SetResourceVersion(currentCRD.GetResourceVersion()) + _, err = o.opClient.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Update(&crd) + if err != nil { + return errorwrap.Wrapf(err, "error update CRD: %s", step.Resource.Name) + } + } + } + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + continue + } else if err != nil { + return err + } else { + // If no error occured, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + continue + } + + case v1alpha1.ClusterServiceVersionKind: + // Marshal the manifest into a CSV instance. + var csv v1alpha1.ClusterServiceVersion + err := json.Unmarshal([]byte(step.Resource.Manifest), &csv) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Check if the resolved CSV is in the initial set + if _, ok := initialCSVNames[csv.GetName()]; !ok { + // Check for pre-existing CSVs that own the same CRDs + competingOwners, err := competingCRDOwnersExist(plan.GetNamespace(), &csv, existingCRDOwners) + if err != nil { + return errorwrap.Wrapf(err, "error checking crd owners for: %s", csv.GetName()) + } + + // TODO: decide on fail/continue logic for pre-existing dependent CSVs that own the same CRD(s) + if competingOwners { + // For now, error out + return fmt.Errorf("pre-existing CRD owners found for owned CRD(s) of dependent CSV %s", csv.GetName()) + } + } + + // Attempt to create the CSV. + csv.SetNamespace(namespace) + _, err = o.client.OperatorsV1alpha1().ClusterServiceVersions(csv.GetNamespace()).Create(&csv) + if k8serrors.IsAlreadyExists(err) { + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating csv %s", csv.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + case v1alpha1.SubscriptionKind: + // Marshal the manifest into a subscription instance. + var sub v1alpha1.Subscription + err := json.Unmarshal([]byte(step.Resource.Manifest), &sub) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Add the InstallPlan's name as an annotation + if annotations := sub.GetAnnotations(); annotations != nil { + annotations[generatedByKey] = plan.GetName() + } else { + sub.SetAnnotations(map[string]string{generatedByKey: plan.GetName()}) + } + + // Attempt to create the Subscription + sub.SetNamespace(namespace) + _, err = o.client.OperatorsV1alpha1().Subscriptions(sub.GetNamespace()).Create(&sub) + if k8serrors.IsAlreadyExists(err) { + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating subscription %s", sub.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + case secretKind: + // TODO: this will confuse bundle users that include secrets in their bundles - this only handles pull secrets + // Get the pre-existing secret. + secret, err := o.opClient.KubernetesInterface().CoreV1().Secrets(o.namespace).Get(step.Resource.Name, metav1.GetOptions{}) + if k8serrors.IsNotFound(err) { + return fmt.Errorf("secret %s does not exist", step.Resource.Name) + } else if err != nil { + return errorwrap.Wrapf(err, "error getting pull secret from olm namespace %s", secret.GetName()) + } + + // Set the namespace to the InstallPlan's namespace and attempt to + // create a new secret. + secret.SetNamespace(namespace) + _, err = o.opClient.KubernetesInterface().CoreV1().Secrets(plan.Namespace).Create(&corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secret.Name, + Namespace: plan.Namespace, + }, + Data: secret.Data, + Type: secret.Type, + }) + if k8serrors.IsAlreadyExists(err) { + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return err + } else { + // If no error occured, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + + case clusterRoleKind: + // Marshal the manifest into a ClusterRole instance. + var cr rbacv1.ClusterRole + err := json.Unmarshal([]byte(step.Resource.Manifest), &cr) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Attempt to create the ClusterRole. + _, err = o.opClient.KubernetesInterface().RbacV1().ClusterRoles().Create(&cr) + if k8serrors.IsAlreadyExists(err) { + // if we're updating, point owner to the newest csv + cr.Labels[ownerutil.OwnerKey] = step.Resolving + _, err = o.opClient.UpdateClusterRole(&cr) + if err != nil { + return errorwrap.Wrapf(err, "error updating clusterrole %s", cr.GetName()) + } + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating clusterrole %s", cr.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + case clusterRoleBindingKind: + // Marshal the manifest into a RoleBinding instance. + var rb rbacv1.ClusterRoleBinding + err := json.Unmarshal([]byte(step.Resource.Manifest), &rb) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Attempt to create the ClusterRoleBinding. + _, err = o.opClient.KubernetesInterface().RbacV1().ClusterRoleBindings().Create(&rb) + if k8serrors.IsAlreadyExists(err) { + // if we're updating, point owner to the newest csv + rb.Labels[ownerutil.OwnerKey] = step.Resolving + _, err = o.opClient.UpdateClusterRoleBinding(&rb) + if err != nil { + return errorwrap.Wrapf(err, "error updating clusterrolebinding %s", rb.GetName()) + } + + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating clusterrolebinding %s", rb.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + + case roleKind: + // Marshal the manifest into a Role instance. + var r rbacv1.Role + err := json.Unmarshal([]byte(step.Resource.Manifest), &r) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Update UIDs on all CSV OwnerReferences + updated, err := o.getUpdatedOwnerReferences(r.OwnerReferences, plan.Namespace) + if err != nil { + return errorwrap.Wrapf(err, "error generating ownerrefs for role %s", r.GetName()) + } + r.SetOwnerReferences(updated) + r.SetNamespace(namespace) + + // Attempt to create the Role. + _, err = o.opClient.KubernetesInterface().RbacV1().Roles(plan.Namespace).Create(&r) + if k8serrors.IsAlreadyExists(err) { + // If it already existed, mark the step as Present. + r.SetNamespace(plan.Namespace) + _, err = o.opClient.UpdateRole(&r) + if err != nil { + return errorwrap.Wrapf(err, "error updating role %s", r.GetName()) + } + + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating role %s", r.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + + case roleBindingKind: + // Marshal the manifest into a RoleBinding instance. + var rb rbacv1.RoleBinding + err := json.Unmarshal([]byte(step.Resource.Manifest), &rb) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Update UIDs on all CSV OwnerReferences + updated, err := o.getUpdatedOwnerReferences(rb.OwnerReferences, plan.Namespace) + if err != nil { + return errorwrap.Wrapf(err, "error generating ownerrefs for rolebinding %s", rb.GetName()) + } + rb.SetOwnerReferences(updated) + rb.SetNamespace(namespace) + + // Attempt to create the RoleBinding. + _, err = o.opClient.KubernetesInterface().RbacV1().RoleBindings(plan.Namespace).Create(&rb) + if k8serrors.IsAlreadyExists(err) { + rb.SetNamespace(plan.Namespace) + _, err = o.opClient.UpdateRoleBinding(&rb) + if err != nil { + return errorwrap.Wrapf(err, "error updating rolebinding %s", rb.GetName()) + } + + // If it already existed, mark the step as Present. + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating rolebinding %s", rb.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + + case serviceAccountKind: + // Marshal the manifest into a ServiceAccount instance. + var sa corev1.ServiceAccount + err := json.Unmarshal([]byte(step.Resource.Manifest), &sa) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Update UIDs on all CSV OwnerReferences + updated, err := o.getUpdatedOwnerReferences(sa.OwnerReferences, plan.Namespace) + if err != nil { + return errorwrap.Wrapf(err, "error generating ownerrefs for service account: %s", sa.GetName()) + } + sa.SetOwnerReferences(updated) + sa.SetNamespace(namespace) + + // Attempt to create the ServiceAccount. + _, err = o.opClient.KubernetesInterface().CoreV1().ServiceAccounts(plan.Namespace).Create(&sa) + if k8serrors.IsAlreadyExists(err) { + // If it already exists we need to patch the existing SA with the new OwnerReferences + sa.SetNamespace(plan.Namespace) + _, err = o.opClient.UpdateServiceAccount(&sa) + if err != nil { + return errorwrap.Wrapf(err, "error updating service account: %s", sa.GetName()) + } + + // Mark as present + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating service account: %s", sa.GetName()) + } else { + // If no error occurred, mark the step as Created. + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + + case serviceKind: + // Marshal the manifest into a Service instance + var s corev1.Service + err := json.Unmarshal([]byte(step.Resource.Manifest), &s) + if err != nil { + return errorwrap.Wrapf(err, "error parsing step manifest: %s", step.Resource.Name) + } + + // Update UIDs on all CSV OwnerReferences + updated, err := o.getUpdatedOwnerReferences(s.OwnerReferences, plan.Namespace) + if err != nil { + return errorwrap.Wrapf(err, "error generating ownerrefs for service: %s", s.GetName()) + } + s.SetOwnerReferences(updated) + s.SetNamespace(namespace) + + // Attempt to create the Service + _, err = o.opClient.KubernetesInterface().CoreV1().Services(plan.Namespace).Create(&s) + if k8serrors.IsAlreadyExists(err) { + // If it already exists we need to patch the existing SA with the new OwnerReferences + s.SetNamespace(plan.Namespace) + _, err = o.opClient.UpdateService(&s) + if err != nil { + return errorwrap.Wrapf(err, "error updating service: %s", s.GetName()) + } + + // Mark as present + plan.Status.Plan[i].Status = v1alpha1.StepStatusPresent + } else if err != nil { + return errorwrap.Wrapf(err, "error creating service: %s", s.GetName()) + } else { + // If no error occurred, mark the step as Created + plan.Status.Plan[i].Status = v1alpha1.StepStatusCreated + } + + default: + return v1alpha1.ErrInvalidInstallPlan + } + + default: + return v1alpha1.ErrInvalidInstallPlan + } + } + + // Loop over one final time to check and see if everything is good. + for _, step := range plan.Status.Plan { + switch step.Status { + case v1alpha1.StepStatusCreated, v1alpha1.StepStatusPresent: + default: + return nil + } + } + + return nil +} + +// getExistingApiOwners creates a map of CRD names to existing owner CSVs in the given namespace +func (o *Operator) getExistingApiOwners(namespace string) (map[string][]string, error) { + // Get a list of CSVs in the namespace + csvList, err := o.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).List(metav1.ListOptions{}) + + if err != nil { + return nil, err + } + + // Map CRD names to existing owner CSV CRs in the namespace + owners := make(map[string][]string) + for _, csv := range csvList.Items { + for _, crd := range csv.Spec.CustomResourceDefinitions.Owned { + owners[crd.Name] = append(owners[crd.Name], csv.GetName()) + } + for _, api := range csv.Spec.APIServiceDefinitions.Owned { + owners[api.Group] = append(owners[api.Group], csv.GetName()) + } + } + + return owners, nil +} + +func (o *Operator) getUpdatedOwnerReferences(refs []metav1.OwnerReference, namespace string) ([]metav1.OwnerReference, error) { + updated := append([]metav1.OwnerReference(nil), refs...) + + for i, owner := range refs { + if owner.Kind == v1alpha1.ClusterServiceVersionKind { + csv, err := o.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(owner.Name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + owner.UID = csv.GetUID() + updated[i] = owner + } + } + return updated, nil +} + +// competingCRDOwnersExist returns true if there exists a CSV that owns at least one of the given CSVs owned CRDs (that's not the given CSV) +func competingCRDOwnersExist(namespace string, csv *v1alpha1.ClusterServiceVersion, existingOwners map[string][]string) (bool, error) { + // Attempt to find a pre-existing owner in the namespace for any owned crd + for _, crdDesc := range csv.Spec.CustomResourceDefinitions.Owned { + crdOwners := existingOwners[crdDesc.Name] + l := len(crdOwners) + switch { + case l == 1: + // One competing owner found + if crdOwners[0] != csv.GetName() { + return true, nil + } + case l > 1: + return true, olmerrors.NewMultipleExistingCRDOwnersError(crdOwners, crdDesc.Name, namespace) + } + } + + return false, nil +} + +// getCSVNameSet returns a set of the given installplan's csv names +func getCSVNameSet(plan *v1alpha1.InstallPlan) map[string]struct{} { + csvNameSet := make(map[string]struct{}) + for _, name := range plan.Spec.ClusterServiceVersionNames { + csvNameSet[name] = struct{}{} + } + + return csvNameSet +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/operator_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/operator_test.go new file mode 100644 index 000000000..e18b3931b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/operator_test.go @@ -0,0 +1,830 @@ +package catalog + +import ( + "context" + "encoding/json" + "errors" + "fmt" + "testing" + "time" + + "github.com/ghodss/yaml" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/require" + "golang.org/x/time/rate" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + apiextensionsfake "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + utilclock "k8s.io/apimachinery/pkg/util/clock" + "k8s.io/client-go/informers" + k8sfake "k8s.io/client-go/kubernetes/fake" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + apiregistrationfake "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/fake" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions" + olmerrors "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/fakes" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" +) + +type mockTransitioner struct { + err error +} + +var _ installPlanTransitioner = &mockTransitioner{} + +func (m *mockTransitioner) ResolvePlan(plan *v1alpha1.InstallPlan) error { + return m.err +} + +func (m *mockTransitioner) ExecutePlan(plan *v1alpha1.InstallPlan) error { + return m.err +} + +func TestTransitionInstallPlan(t *testing.T) { + errMsg := "transition test error" + err := errors.New(errMsg) + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + + installed := &v1alpha1.InstallPlanCondition{ + Type: v1alpha1.InstallPlanInstalled, + Status: corev1.ConditionTrue, + } + failed := &v1alpha1.InstallPlanCondition{ + Type: v1alpha1.InstallPlanInstalled, + Status: corev1.ConditionFalse, + Reason: v1alpha1.InstallPlanReasonComponentFailed, + Message: errMsg, + } + + tests := []struct { + initial v1alpha1.InstallPlanPhase + transError error + approval v1alpha1.Approval + approved bool + expected v1alpha1.InstallPlanPhase + condition *v1alpha1.InstallPlanCondition + }{ + {v1alpha1.InstallPlanPhaseInstalling, nil, v1alpha1.ApprovalAutomatic, false, v1alpha1.InstallPlanPhaseComplete, installed}, + {v1alpha1.InstallPlanPhaseInstalling, nil, v1alpha1.ApprovalAutomatic, true, v1alpha1.InstallPlanPhaseComplete, installed}, + {v1alpha1.InstallPlanPhaseInstalling, err, v1alpha1.ApprovalAutomatic, false, v1alpha1.InstallPlanPhaseFailed, failed}, + {v1alpha1.InstallPlanPhaseInstalling, err, v1alpha1.ApprovalAutomatic, true, v1alpha1.InstallPlanPhaseFailed, failed}, + + {v1alpha1.InstallPlanPhaseRequiresApproval, nil, v1alpha1.ApprovalManual, false, v1alpha1.InstallPlanPhaseRequiresApproval, nil}, + {v1alpha1.InstallPlanPhaseRequiresApproval, nil, v1alpha1.ApprovalManual, true, v1alpha1.InstallPlanPhaseInstalling, nil}, + } + for _, tt := range tests { + // Create a plan in the provided initial phase. + plan := &v1alpha1.InstallPlan{ + Spec: v1alpha1.InstallPlanSpec{ + Approval: tt.approval, + Approved: tt.approved, + }, + Status: v1alpha1.InstallPlanStatus{ + Phase: tt.initial, + Conditions: []v1alpha1.InstallPlanCondition{}, + }, + } + + // Create a transitioner that returns the provided error. + transitioner := &mockTransitioner{tt.transError} + + // Attempt to transition phases. + out, _ := transitionInstallPlanState(logrus.New(), transitioner, *plan, now) + + // Assert that the final phase is as expected. + require.Equal(t, tt.expected, out.Status.Phase) + + // Assert that the condition set is as expected + if tt.condition == nil { + require.Equal(t, 0, len(out.Status.Conditions)) + } else { + require.Equal(t, 1, len(out.Status.Conditions)) + require.Equal(t, tt.condition.Type, out.Status.Conditions[0].Type) + require.Equal(t, tt.condition.Status, out.Status.Conditions[0].Status) + require.Equal(t, tt.condition.Reason, out.Status.Conditions[0].Reason) + require.Equal(t, tt.condition.Message, out.Status.Conditions[0].Message) + } + } +} + +func TestExecutePlan(t *testing.T) { + namespace := "ns" + + tests := []struct { + testName string + in *v1alpha1.InstallPlan + want []runtime.Object + err error + }{ + { + testName: "NoSteps", + in: installPlan("p", namespace, v1alpha1.InstallPlanPhaseInstalling), + want: []runtime.Object{}, + err: nil, + }, + { + testName: "MultipleSteps", + in: withSteps(installPlan("p", namespace, v1alpha1.InstallPlanPhaseInstalling, "csv"), + []*v1alpha1.Step{ + { + Resource: v1alpha1.StepResource{ + CatalogSource: "catalog", + CatalogSourceNamespace: namespace, + Group: "", + Version: "v1", + Kind: "Service", + Name: "service", + Manifest: toManifest(service("service", namespace)), + }, + Status: v1alpha1.StepStatusUnknown, + }, + { + Resource: v1alpha1.StepResource{ + CatalogSource: "catalog", + CatalogSourceNamespace: namespace, + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv", + Manifest: toManifest(csv("csv", namespace, nil, nil)), + }, + Status: v1alpha1.StepStatusUnknown, + }, + }, + ), + want: []runtime.Object{service("service", namespace), csv("csv", namespace, nil, nil)}, + err: nil, + }, + } + + for _, tt := range tests { + t.Run(tt.testName, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + + op, err := NewFakeOperator(ctx, namespace, []string{namespace}, withClientObjs(tt.in)) + require.NoError(t, err) + + err = op.ExecutePlan(tt.in) + require.Equal(t, tt.err, err) + + for _, obj := range tt.want { + var err error + var fetched runtime.Object + switch o := obj.(type) { + case *appsv1.Deployment: + fetched, err = op.opClient.GetDeployment(namespace, o.GetName()) + case *rbacv1.ClusterRole: + fetched, err = op.opClient.GetClusterRole(o.GetName()) + case *rbacv1.Role: + fetched, err = op.opClient.GetRole(namespace, o.GetName()) + case *rbacv1.ClusterRoleBinding: + fetched, err = op.opClient.GetClusterRoleBinding(o.GetName()) + case *rbacv1.RoleBinding: + fetched, err = op.opClient.GetRoleBinding(namespace, o.GetName()) + case *corev1.ServiceAccount: + fetched, err = op.opClient.GetServiceAccount(namespace, o.GetName()) + case *corev1.Service: + fetched, err = op.opClient.GetService(namespace, o.GetName()) + case *v1alpha1.ClusterServiceVersion: + fetched, err = op.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(o.GetName(), metav1.GetOptions{}) + default: + require.Failf(t, "couldn't find expected object", "%#v", obj) + } + + require.NoError(t, err, "couldn't fetch %s %v", namespace, obj) + require.EqualValues(t, obj, fetched) + } + }) + } +} + +func TestSyncCatalogSources(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + + configmapCatalog := &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-catalog", + Namespace: "cool-namespace", + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + ConfigMap: "cool-configmap", + SourceType: v1alpha1.SourceTypeInternal, + }, + } + grpcCatalog := &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-catalog", + Namespace: "cool-namespace", + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + Image: "catalog-image", + SourceType: v1alpha1.SourceTypeGrpc, + }, + } + tests := []struct { + testName string + namespace string + catalogSource *v1alpha1.CatalogSource + k8sObjs []runtime.Object + configMap *corev1.ConfigMap + expectedStatus *v1alpha1.CatalogSourceStatus + expectedObjs []runtime.Object + expectedError error + }{ + { + testName: "CatalogSourceWithInvalidSourceType", + namespace: "cool-namespace", + catalogSource: &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-catalog", + Namespace: "cool-namespace", + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + ConfigMap: "cool-configmap", + SourceType: "nope", + }, + }, + k8sObjs: []runtime.Object{ + &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-configmap", + Namespace: "cool-namespace", + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + Data: fakeConfigMapData(), + }, + }, + expectedStatus: nil, + expectedError: fmt.Errorf("no reconciler for source type nope"), + }, + { + testName: "CatalogSourceWithBackingConfigMap", + namespace: "cool-namespace", + catalogSource: configmapCatalog, + k8sObjs: []runtime.Object{ + &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-configmap", + Namespace: "cool-namespace", + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + Data: fakeConfigMapData(), + }, + }, + expectedStatus: &v1alpha1.CatalogSourceStatus{ + ConfigMapResource: &v1alpha1.ConfigMapResourceReference{ + Name: "cool-configmap", + Namespace: "cool-namespace", + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + RegistryServiceStatus: nil, + LastSync: now, + }, + expectedError: nil, + }, + { + testName: "CatalogSourceUpdatedByDifferentCatalogOperator", + namespace: "cool-namespace", + catalogSource: &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-catalog", + Namespace: "cool-namespace", + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + ConfigMap: "cool-configmap", + SourceType: v1alpha1.SourceTypeConfigmap, + }, + Status: v1alpha1.CatalogSourceStatus{ + ConfigMapResource: &v1alpha1.ConfigMapResourceReference{ + Name: "cool-configmap", + Namespace: "cool-namespace", + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + RegistryServiceStatus: nil, + LastSync: now, + }, + }, + k8sObjs: []runtime.Object{ + &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-configmap", + Namespace: "cool-namespace", + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + Data: fakeConfigMapData(), + }, + }, + expectedStatus: &v1alpha1.CatalogSourceStatus{ + ConfigMapResource: &v1alpha1.ConfigMapResourceReference{ + Name: "cool-configmap", + Namespace: "cool-namespace", + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + RegistryServiceStatus: &v1alpha1.RegistryServiceStatus{ + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: "cool-namespace", + Port: "50051", + CreatedAt: now, + }, + LastSync: now, + }, + expectedError: nil, + }, + { + testName: "CatalogSourceWithMissingConfigMap", + namespace: "cool-namespace", + catalogSource: configmapCatalog, + k8sObjs: []runtime.Object{ + &corev1.ConfigMap{}, + }, + expectedStatus: nil, + expectedError: errors.New("failed to get catalog config map cool-configmap: configmap \"cool-configmap\" not found"), + }, + { + testName: "CatalogSourceWithGrpcImage", + namespace: "cool-namespace", + catalogSource: grpcCatalog, + expectedStatus: &v1alpha1.CatalogSourceStatus{ + RegistryServiceStatus: &v1alpha1.RegistryServiceStatus{ + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: "cool-namespace", + Port: "50051", + CreatedAt: now, + }, + LastSync: now, + }, + expectedError: nil, + expectedObjs: []runtime.Object{ + pod(*grpcCatalog), + }, + }, + { + testName: "CatalogSourceWithGrpcImage/EnsuresCorrectImage", + namespace: "cool-namespace", + catalogSource: grpcCatalog, + k8sObjs: []runtime.Object{ + pod(v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-catalog", + Namespace: "cool-namespace", + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + Image: "old-image", + SourceType: v1alpha1.SourceTypeGrpc, + }, + }), + }, + expectedStatus: &v1alpha1.CatalogSourceStatus{ + RegistryServiceStatus: &v1alpha1.RegistryServiceStatus{ + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: "cool-namespace", + Port: "50051", + CreatedAt: now, + }, + LastSync: now, + }, + expectedError: nil, + expectedObjs: []runtime.Object{ + pod(*grpcCatalog), + }, + }, + } + for _, tt := range tests { + t.Run(tt.testName, func(t *testing.T) { + // Create existing objects + clientObjs := []runtime.Object{tt.catalogSource} + + // Create test operator + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + + op, err := NewFakeOperator(ctx, tt.namespace, []string{tt.namespace}, withClock(clockFake), withClientObjs(clientObjs...), withK8sObjs(tt.k8sObjs...)) + require.NoError(t, err) + + // Run sync + err = op.syncCatalogSources(tt.catalogSource) + if tt.expectedError != nil { + require.EqualError(t, err, tt.expectedError.Error()) + } else { + require.NoError(t, err) + } + + // Get updated catalog and check status + updated, err := op.client.OperatorsV1alpha1().CatalogSources(tt.catalogSource.GetNamespace()).Get(tt.catalogSource.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.NotEmpty(t, updated) + + if tt.expectedStatus != nil { + require.NotEmpty(t, updated.Status) + require.Equal(t, *tt.expectedStatus, updated.Status) + + if tt.catalogSource.Spec.ConfigMap != "" { + configMap, err := op.opClient.KubernetesInterface().CoreV1().ConfigMaps(tt.catalogSource.GetNamespace()).Get(tt.catalogSource.Spec.ConfigMap, metav1.GetOptions{}) + require.NoError(t, err) + require.True(t, ownerutil.EnsureOwner(configMap, updated)) + } + } + + for _, o := range tt.expectedObjs { + switch o.(type) { + case *corev1.Pod: + t.Log("verifying pod") + pods, err := op.opClient.KubernetesInterface().CoreV1().Pods(tt.catalogSource.Namespace).List(metav1.ListOptions{}) + require.NoError(t, err) + require.Len(t, pods.Items, 1) + + // set the name to the generated name + o.(*corev1.Pod).SetName(pods.Items[0].GetName()) + require.EqualValues(t, o, &pods.Items[0]) + } + } + }) + } +} + +func TestCompetingCRDOwnersExist(t *testing.T) { + + testNamespace := "default" + tests := []struct { + name string + csv *v1alpha1.ClusterServiceVersion + existingCRDOwners map[string][]string + expectedErr error + expectedResult bool + }{ + { + name: "NoCompetingOwnersExist", + csv: csv("turkey", testNamespace, []string{"feathers"}, nil), + existingCRDOwners: nil, + expectedErr: nil, + expectedResult: false, + }, + { + name: "OnlyCompetingWithSelf", + csv: csv("turkey", testNamespace, []string{"feathers"}, nil), + existingCRDOwners: map[string][]string{ + "feathers": {"turkey"}, + }, + expectedErr: nil, + expectedResult: false, + }, + { + name: "CompetingOwnersExist", + csv: csv("turkey", testNamespace, []string{"feathers"}, nil), + existingCRDOwners: map[string][]string{ + "feathers": {"seagull"}, + }, + expectedErr: nil, + expectedResult: true, + }, + { + name: "CompetingOwnerExistsOnSecondCRD", + csv: csv("turkey", testNamespace, []string{"feathers", "beak"}, nil), + existingCRDOwners: map[string][]string{ + "milk": {"cow"}, + "beak": {"squid"}, + }, + expectedErr: nil, + expectedResult: true, + }, + { + name: "MoreThanOneCompetingOwnerExists", + csv: csv("turkey", testNamespace, []string{"feathers"}, nil), + existingCRDOwners: map[string][]string{ + "feathers": {"seagull", "turkey"}, + }, + expectedErr: olmerrors.NewMultipleExistingCRDOwnersError([]string{"seagull", "turkey"}, "feathers", testNamespace), + expectedResult: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + t.Parallel() + + competing, err := competingCRDOwnersExist(testNamespace, tt.csv, tt.existingCRDOwners) + + // Assert the error is as expected + if tt.expectedErr == nil { + require.Nil(t, err) + } else { + require.Equal(t, tt.expectedErr, err) + } + + require.Equal(t, competing, tt.expectedResult) + }) + } +} + +func fakeConfigMapData() map[string]string { + data := make(map[string]string) + yaml, err := yaml.Marshal([]v1beta1.CustomResourceDefinition{crd("fake-crd")}) + if err != nil { + return data + } + + data["customResourceDefinitions"] = string(yaml) + return data +} + +// fakeOperatorConfig is the configuration for a fake operator. +type fakeOperatorConfig struct { + clock utilclock.Clock + clientObjs []runtime.Object + k8sObjs []runtime.Object + extObjs []runtime.Object + regObjs []runtime.Object + clientOptions []clientfake.Option + logger *logrus.Logger +} + +// fakeOperatorOption applies an option to the given fake operator configuration. +type fakeOperatorOption func(*fakeOperatorConfig) + +func withClock(clock utilclock.Clock) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.clock = clock + } +} + +func withClientObjs(clientObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.clientObjs = clientObjs + } +} + +func withK8sObjs(k8sObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.k8sObjs = k8sObjs + } +} + +func extObjs(extObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.extObjs = extObjs + } +} + +func withFakeClientOptions(options ...clientfake.Option) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.clientOptions = options + } +} + +// NewFakeOperator creates a new operator using fake clients. +func NewFakeOperator(ctx context.Context, namespace string, watchedNamespaces []string, fakeOptions ...fakeOperatorOption) (*Operator, error) { + // Apply options to default config + config := &fakeOperatorConfig{ + logger: logrus.New(), + clock: utilclock.RealClock{}, + } + for _, option := range fakeOptions { + option(config) + } + + // Create client fakes + clientFake := fake.NewReactionForwardingClientsetDecorator(config.clientObjs, config.clientOptions...) + opClientFake := operatorclient.NewClient(k8sfake.NewSimpleClientset(config.k8sObjs...), apiextensionsfake.NewSimpleClientset(config.extObjs...), apiregistrationfake.NewSimpleClientset(config.regObjs...)) + + // Create operator namespace + _, err := opClientFake.KubernetesInterface().CoreV1().Namespaces().Create(&corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: namespace}}) + if err != nil { + return nil, err + } + + wakeupInterval := 5 * time.Minute + lister := operatorlister.NewLister() + var sharedInformers []cache.SharedIndexInformer + for _, ns := range watchedNamespaces { + if ns != namespace { + _, err := opClientFake.KubernetesInterface().CoreV1().Namespaces().Create(&corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: namespace}}) + if err != nil { + return nil, err + } + } + + // Create informers and register listers + operatorsFactory := externalversions.NewSharedInformerFactoryWithOptions(clientFake, wakeupInterval, externalversions.WithNamespace(ns)) + catsrcInformer := operatorsFactory.Operators().V1alpha1().CatalogSources() + subInformer := operatorsFactory.Operators().V1alpha1().Subscriptions() + ipInformer := operatorsFactory.Operators().V1alpha1().InstallPlans() + csvInformer := operatorsFactory.Operators().V1alpha1().ClusterServiceVersions() + sharedInformers = append(sharedInformers, catsrcInformer.Informer(), subInformer.Informer(), ipInformer.Informer(), csvInformer.Informer()) + + lister.OperatorsV1alpha1().RegisterCatalogSourceLister(ns, catsrcInformer.Lister()) + lister.OperatorsV1alpha1().RegisterSubscriptionLister(ns, subInformer.Lister()) + lister.OperatorsV1alpha1().RegisterInstallPlanLister(ns, ipInformer.Lister()) + lister.OperatorsV1alpha1().RegisterClusterServiceVersionLister(ns, csvInformer.Lister()) + + factory := informers.NewSharedInformerFactoryWithOptions(opClientFake.KubernetesInterface(), wakeupInterval, informers.WithNamespace(ns)) + roleInformer := factory.Rbac().V1().Roles() + roleBindingInformer := factory.Rbac().V1().RoleBindings() + serviceAccountInformer := factory.Core().V1().ServiceAccounts() + serviceInformer := factory.Core().V1().Services() + podInformer := factory.Core().V1().Pods() + configMapInformer := factory.Core().V1().ConfigMaps() + sharedInformers = append(sharedInformers, roleInformer.Informer(), roleBindingInformer.Informer(), serviceAccountInformer.Informer(), serviceInformer.Informer(), podInformer.Informer(), configMapInformer.Informer()) + + lister.RbacV1().RegisterRoleLister(ns, roleInformer.Lister()) + lister.RbacV1().RegisterRoleBindingLister(ns, roleBindingInformer.Lister()) + lister.CoreV1().RegisterServiceAccountLister(ns, serviceAccountInformer.Lister()) + lister.CoreV1().RegisterServiceLister(ns, serviceInformer.Lister()) + lister.CoreV1().RegisterPodLister(ns, podInformer.Lister()) + lister.CoreV1().RegisterConfigMapLister(ns, configMapInformer.Lister()) + + } + + // Create the new operator + queueOperator, err := queueinformer.NewOperator(opClientFake.KubernetesInterface().Discovery()) + for _, informer := range sharedInformers { + queueOperator.RegisterInformer(informer) + } + + op := &Operator{ + Operator: queueOperator, + clock: config.clock, + logger: config.logger, + opClient: opClientFake, + client: clientFake, + lister: lister, + namespace: namespace, + nsResolveQueue: workqueue.NewNamedRateLimitingQueue( + workqueue.NewMaxOfRateLimiter( + workqueue.NewItemExponentialFailureRateLimiter(1*time.Second, 1000*time.Second), + // 1 qps, 100 bucket size. This is only for retry speed and its only the overall factor (not per item) + &workqueue.BucketRateLimiter{Limiter: rate.NewLimiter(rate.Limit(1), 100)}, + ), "resolver"), + sources: make(map[resolver.CatalogKey]resolver.SourceRef), + resolver: &fakes.FakeResolver{}, + } + op.reconciler = reconciler.NewRegistryReconcilerFactory(lister, op.opClient, "test:pod", op.now) + + op.RunInformers(ctx) + + if ok := cache.WaitForCacheSync(ctx.Done(), op.HasSynced); !ok { + return nil, fmt.Errorf("failed to wait for caches to sync") + } + + return op, nil +} + +func installPlan(name, namespace string, phase v1alpha1.InstallPlanPhase, names ...string) *v1alpha1.InstallPlan { + return &v1alpha1.InstallPlan{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + Spec: v1alpha1.InstallPlanSpec{ + ClusterServiceVersionNames: names, + }, + Status: v1alpha1.InstallPlanStatus{ + Phase: phase, + Plan: []*v1alpha1.Step{}, + }, + } +} + +func withSteps(plan *v1alpha1.InstallPlan, steps []*v1alpha1.Step) *v1alpha1.InstallPlan { + plan.Status.Plan = steps + return plan +} + +func csv(name, namespace string, owned, required []string) *v1alpha1.ClusterServiceVersion { + requiredCRDDescs := make([]v1alpha1.CRDDescription, 0) + for _, name := range required { + requiredCRDDescs = append(requiredCRDDescs, v1alpha1.CRDDescription{Name: name, Version: "v1", Kind: name}) + } + if len(requiredCRDDescs) == 0 { + requiredCRDDescs = nil + } + + ownedCRDDescs := make([]v1alpha1.CRDDescription, 0) + for _, name := range owned { + ownedCRDDescs = append(ownedCRDDescs, v1alpha1.CRDDescription{Name: name, Version: "v1", Kind: name}) + } + if len(ownedCRDDescs) == 0 { + ownedCRDDescs = nil + } + + return &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: ownedCRDDescs, + Required: requiredCRDDescs, + }, + }, + } +} + +func crd(name string) v1beta1.CustomResourceDefinition { + return v1beta1.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1beta1.CustomResourceDefinitionSpec{ + Group: name + "group", + Version: "v1", + Names: v1beta1.CustomResourceDefinitionNames{ + Kind: name, + }, + }, + } +} + +func service(name, namespace string) *corev1.Service { + return &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + } +} + +func toManifest(obj runtime.Object) string { + raw, _ := json.Marshal(obj) + return string(raw) +} + +func pod(s v1alpha1.CatalogSource) *corev1.Pod { + pod := &corev1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + GenerateName: s.GetName() + "-", + Namespace: s.GetNamespace(), + Labels: map[string]string{ + "olm.catalogSource": s.GetName(), + }, + }, + Spec: corev1.PodSpec{ + Containers: []corev1.Container{ + { + Name: "registry-server", + Image: s.Spec.Image, + Ports: []corev1.ContainerPort{ + { + Name: "grpc", + ContainerPort: 50051, + }, + }, + ReadinessProbe: &corev1.Probe{ + Handler: corev1.Handler{ + Exec: &corev1.ExecAction{ + Command: []string{"grpc_health_probe", "-addr=localhost:50051"}, + }, + }, + InitialDelaySeconds: 5, + }, + LivenessProbe: &corev1.Probe{ + Handler: corev1.Handler{ + Exec: &corev1.ExecAction{ + Command: []string{"grpc_health_probe", "-addr=localhost:50051"}, + }, + }, + InitialDelaySeconds: 10, + }, + }, + }, + Tolerations: []corev1.Toleration{ + { + Operator: corev1.TolerationOpExists, + }, + }, + }, + } + ownerutil.AddOwner(pod, &s, false, false) + return pod +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/config.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/config.go new file mode 100644 index 000000000..b8d711aff --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/config.go @@ -0,0 +1,162 @@ +package subscription + +import ( + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilclock "k8s.io/apimachinery/pkg/util/clock" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +type syncerConfig struct { + logger *logrus.Logger + clock utilclock.Clock + client versioned.Interface + lister operatorlister.OperatorLister + subscriptionInformer cache.SharedIndexInformer + catalogInformer cache.SharedIndexInformer + installPlanInformer cache.SharedIndexInformer + subscriptionQueue workqueue.RateLimitingInterface + reconcilers kubestate.ReconcilerChain + registryReconcilerFactory reconciler.RegistryReconcilerFactory + globalCatalogNamespace string +} + +// SyncerOption is a configuration option for a subscription syncer. +type SyncerOption func(*syncerConfig) + +func defaultSyncerConfig() *syncerConfig { + return &syncerConfig{ + logger: logrus.New(), + clock: utilclock.RealClock{}, + reconcilers: kubestate.ReconcilerChain{}, + } +} + +func (s *syncerConfig) apply(options []SyncerOption) { + for _, option := range options { + option(s) + } +} + +// WithLogger sets a syncer's logger. +func WithLogger(logger *logrus.Logger) SyncerOption { + return func(config *syncerConfig) { + config.logger = logger + } +} + +// WithClock sets a syncer's clock. +func WithClock(clock utilclock.Clock) SyncerOption { + return func(config *syncerConfig) { + config.clock = clock + } +} + +// WithClient sets a syncer's OLM client. +func WithClient(client versioned.Interface) SyncerOption { + return func(config *syncerConfig) { + config.client = client + } +} + +// WithSubscriptionInformer sets the informer a syncer will extract its subscription indexer from. +func WithSubscriptionInformer(subscriptionInformer cache.SharedIndexInformer) SyncerOption { + return func(config *syncerConfig) { + config.subscriptionInformer = subscriptionInformer + } +} + +// WithCatalogInformer sets a CatalogSource informer to act as an event source for dependent Subscriptions. +func WithCatalogInformer(catalogInformer cache.SharedIndexInformer) SyncerOption { + return func(config *syncerConfig) { + config.catalogInformer = catalogInformer + } +} + +// WithInstallPlanInformer sets an InstallPlan informer to act as an event source for dependent Subscriptions. +func WithInstallPlanInformer(installPlanInformer cache.SharedIndexInformer) SyncerOption { + return func(config *syncerConfig) { + config.installPlanInformer = installPlanInformer + } +} + +// WithOperatorLister sets a syncer's operator lister. +func WithOperatorLister(lister operatorlister.OperatorLister) SyncerOption { + return func(config *syncerConfig) { + config.lister = lister + } +} + +// WithSubscriptionQueue sets a syncer's subscription queue. +func WithSubscriptionQueue(subscriptionQueue workqueue.RateLimitingInterface) SyncerOption { + return func(config *syncerConfig) { + config.subscriptionQueue = subscriptionQueue + } +} + +// WithAppendedReconcilers adds the given reconcilers to the end of a syncer's reconciler chain, to be +// invoked after its default reconcilers have been called. +func WithAppendedReconcilers(reconcilers ...kubestate.Reconciler) SyncerOption { + return func(config *syncerConfig) { + // Add non-nil reconcilers to the chain + for _, rec := range reconcilers { + if rec != nil { + config.reconcilers = append(config.reconcilers, rec) + } + } + } +} + +// WithRegistryReconcilerFactory sets a syncer's registry reconciler factory. +func WithRegistryReconcilerFactory(r reconciler.RegistryReconcilerFactory) SyncerOption { + return func(config *syncerConfig) { + config.registryReconcilerFactory = r + } +} + +// WithGlobalCatalogNamespace sets a syncer's global catalog namespace. +func WithGlobalCatalogNamespace(namespace string) SyncerOption { + return func(config *syncerConfig) { + config.globalCatalogNamespace = namespace + } +} + +func newInvalidConfigError(msg string) error { + return errors.Errorf("invalid subscription syncer config: %s", msg) +} + +func (s *syncerConfig) validate() (err error) { + switch { + case s.logger == nil: + err = newInvalidConfigError("nil logger") + case s.clock == nil: + err = newInvalidConfigError("nil clock") + case s.client == nil: + err = newInvalidConfigError("nil client") + case s.lister == nil: + err = newInvalidConfigError("nil lister") + case s.subscriptionInformer == nil: + err = newInvalidConfigError("nil subscription informer") + case s.catalogInformer == nil: + err = newInvalidConfigError("nil catalog informer") + case s.installPlanInformer == nil: + err = newInvalidConfigError("nil installplan informer") + case s.subscriptionQueue == nil: + err = newInvalidConfigError("nil subscription queue") + case len(s.reconcilers) == 0: + err = newInvalidConfigError("no reconcilers") + case s.registryReconcilerFactory == nil: + err = newInvalidConfigError("nil reconciler factory") + case s.globalCatalogNamespace == metav1.NamespaceAll: + err = newInvalidConfigError("global catalog namespace cannot be namespace all") + } + + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/reconciler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/reconciler.go new file mode 100644 index 000000000..6cb9b2cb3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/reconciler.go @@ -0,0 +1,255 @@ +package subscription + +import ( + "context" + "errors" + "fmt" + "sort" + + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + utilerrors "k8s.io/apimachinery/pkg/util/errors" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/reference" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" +) + +// ReconcilerFromLegacySyncHandler returns a reconciler that invokes the given legacy sync handler and on delete funcs. +// Since the reconciler does not return an updated kubestate, it MUST be the last reconciler in a given chain. +func ReconcilerFromLegacySyncHandler(sync queueinformer.LegacySyncHandler, onDelete func(obj interface{})) kubestate.Reconciler { + var rec kubestate.ReconcilerFunc = func(ctx context.Context, in kubestate.State) (out kubestate.State, err error) { + out = in + switch s := in.(type) { + case SubscriptionExistsState: + if sync != nil { + err = sync(s.Subscription()) + } + case SubscriptionDeletedState: + if onDelete != nil { + onDelete(s.Subscription()) + } + case SubscriptionState: + if sync != nil { + err = sync(s.Subscription()) + } + default: + utilruntime.HandleError(fmt.Errorf("unexpected subscription state in legacy reconciler: %T", s)) + } + + return + } + + return rec +} + +// catalogHealthReconciler reconciles catalog health status for subscriptions. +type catalogHealthReconciler struct { + now func() *metav1.Time + client versioned.Interface + catalogLister listers.CatalogSourceLister + registryReconcilerFactory reconciler.RegistryReconcilerFactory + globalCatalogNamespace string +} + +// Reconcile reconciles subscription catalog health conditions. +func (c *catalogHealthReconciler) Reconcile(ctx context.Context, in kubestate.State) (out kubestate.State, err error) { + next := in + var prev kubestate.State + + // loop until this state can no longer transition + for err == nil && next != nil && next != prev && !next.Terminal() { + select { + case <-ctx.Done(): + err = errors.New("subscription catalog health reconciliation context closed") + default: + prev = next + + switch s := next.(type) { + case CatalogHealthKnownState: + // Target state already known, no work to do + next = s + case CatalogHealthState: + // Gather catalog health and transition state + ns := s.Subscription().GetNamespace() + var catalogHealth []v1alpha1.SubscriptionCatalogHealth + if catalogHealth, err = c.catalogHealth(ns); err != nil { + break + } + + next, err = s.UpdateHealth(c.now(), c.client.OperatorsV1alpha1().Subscriptions(ns), catalogHealth...) + case SubscriptionExistsState: + if s == nil { + err = errors.New("nil state") + break + } + if s.Subscription() == nil { + err = errors.New("nil subscription in state") + break + } + + // Set up fresh state + next = NewCatalogHealthState(s) + default: + // Ignore all other typestates + next = s + } + } + } + + out = next + + return +} + +// catalogHealth gets the health of catalogs that can affect Susbcriptions in the given namespace. +// This means all catalogs in the given namespace, as well as any catalogs in the operator's global catalog namespace. +func (c *catalogHealthReconciler) catalogHealth(namespace string) ([]v1alpha1.SubscriptionCatalogHealth, error) { + catalogs, err := c.catalogLister.CatalogSources(namespace).List(labels.Everything()) + if err != nil { + return nil, err + } + + if namespace != c.globalCatalogNamespace { + globals, err := c.catalogLister.CatalogSources(c.globalCatalogNamespace).List(labels.Everything()) + if err != nil { + return nil, err + } + + catalogs = append(catalogs, globals...) + } + + // Sort to ensure ordering + sort.Slice(catalogs, func(i, j int) bool { + return catalogs[i].GetNamespace()+catalogs[i].GetName() < catalogs[j].GetNamespace()+catalogs[j].GetName() + }) + + catalogHealth := make([]v1alpha1.SubscriptionCatalogHealth, len(catalogs)) + now := c.now() + var errs []error + for i, catalog := range catalogs { + h, err := c.health(now, catalog) + if err != nil { + errs = append(errs, err) + continue + } + + // Prevent assignment when any error has been encountered since the results will be discarded + if errs == nil { + catalogHealth[i] = *h + } + } + + if errs != nil || len(catalogHealth) == 0 { + // Assign meaningful zero value + catalogHealth = nil + } + + return catalogHealth, utilerrors.NewAggregate(errs) +} + +// health returns a SusbcriptionCatalogHealth for the given catalog with the given now. +func (c *catalogHealthReconciler) health(now *metav1.Time, catalog *v1alpha1.CatalogSource) (*v1alpha1.SubscriptionCatalogHealth, error) { + healthy, err := c.healthy(catalog) + if err != nil { + return nil, err + } + + ref, err := reference.GetReference(catalog) + if err != nil { + return nil, err + } + if ref == nil { + return nil, errors.New("nil reference") + } + + h := &v1alpha1.SubscriptionCatalogHealth{ + CatalogSourceRef: ref, + // TODO: Should LastUpdated be set here, or at time of subscription update? + LastUpdated: now, + Healthy: healthy, + } + + return h, nil +} + +// healthy returns true if the given catalog is healthy, false otherwise, and any error encountered +// while checking the catalog's registry server. +func (c *catalogHealthReconciler) healthy(catalog *v1alpha1.CatalogSource) (bool, error) { + return c.registryReconcilerFactory.ReconcilerForSource(catalog).CheckRegistryServer(catalog) +} + +// installPlanReconciler reconciles InstallPlan status for Subscriptions. +type installPlanReconciler struct { + now func() *metav1.Time + client versioned.Interface + installPlanLister listers.InstallPlanLister +} + +// Reconcile reconciles Subscription InstallPlan conditions. +func (i *installPlanReconciler) Reconcile(ctx context.Context, in kubestate.State) (out kubestate.State, err error) { + next := in + var prev kubestate.State + + // loop until this state can no longer transition + for err == nil && next != nil && prev != next && !next.Terminal() { + select { + case <-ctx.Done(): + err = errors.New("subscription installplan reconciliation context closed") + default: + prev = next + + switch s := next.(type) { + case NoInstallPlanReferencedState: + // No InstallPlan was referenced, no work to do + next = s + case InstallPlanKnownState: + // Target state already known, no work to do + next = s + case InstallPlanReferencedState: + // Check the stated InstallPlan + ref := s.Subscription().Status.InstallPlanRef // Should never be nil in this typestate + subClient := i.client.OperatorsV1alpha1().Subscriptions(ref.Namespace) + + var plan *v1alpha1.InstallPlan + if plan, err = i.installPlanLister.InstallPlans(ref.Namespace).Get(ref.Name); err != nil { + if apierrors.IsNotFound(err) { + next, err = s.InstallPlanNotFound(i.now(), subClient) + } + + break + } + + next, err = s.CheckInstallPlanStatus(i.now(), subClient, &plan.Status) + case InstallPlanState: + next = s.CheckReference() + case SubscriptionExistsState: + if s == nil { + err = errors.New("nil state") + break + } + if s.Subscription() == nil { + err = errors.New("nil subscription in state") + break + } + + // Set up fresh state + next = newInstallPlanState(s) + default: + // Ignore all other typestates + utilruntime.HandleError(fmt.Errorf("unexpected subscription state in installplan reconciler %T", next)) + next = s + } + } + } + + out = next + + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/reconciler_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/reconciler_test.go new file mode 100644 index 000000000..3d08fcebe --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/reconciler_test.go @@ -0,0 +1,1636 @@ +package subscription + +import ( + "context" + "testing" + "time" + + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + utilclock "k8s.io/apimachinery/pkg/util/clock" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + versionedfake "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions" + registryreconciler "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" + olmfakes "github.com/operator-framework/operator-lifecycle-manager/pkg/fakes" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +func TestCatalogHealthReconcile(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + earlier := metav1.NewTime(now.Add(-time.Minute)) + nowFunc := func() *metav1.Time { return &now } + + type fields struct { + config *fakeReconcilerConfig + } + type args struct { + in kubestate.State + } + type want struct { + err error + out kubestate.State + } + + tests := []struct { + description string + fields fields + args args + want want + }{ + { + description: "ExistsToUnhealthy/NoCatalogs", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + globalCatalogNamespace: "global", + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "default", + }, + Spec: &v1alpha1.SubscriptionSpec{}, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState( + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "default", + }, + Spec: &v1alpha1.SubscriptionSpec{}, + Status: v1alpha1.SubscriptionStatus{}, + }, + ), + }, + want: want{ + out: newCatalogUnhealthyState( + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "default", + }, + Spec: &v1alpha1.SubscriptionSpec{}, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + { + Type: v1alpha1.SubscriptionCatalogSourcesUnhealthy, + Status: corev1.ConditionTrue, + Reason: v1alpha1.NoCatalogSourcesFound, + Message: "dependency resolution requires at least one catalogsource", + LastTransitionTime: &now, + }, + }, + LastUpdated: now, + }, + }, + ), + }, + }, + { + description: "ExistsToUnhealthy/Catalogs/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + registryReconcilerFactory: fakeRegistryReconcilerFactory(false, nil), + globalCatalogNamespace: "global", + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + catalogSource("ns", "cs-0"), + catalogSource("ns", "cs-1"), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, false), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, false), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newCatalogUnhealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, false), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "ExistsToHealthy/Catalogs/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + registryReconcilerFactory: fakeRegistryReconcilerFactory(true, nil), + globalCatalogNamespace: "ns", + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + catalogSource("ns", "cs-0"), + catalogSource("ns", "cs-1"), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "ExistsToHealthy/Catalogs/Changes/GlobalAdded", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + registryReconcilerFactory: fakeRegistryReconcilerFactory(true, nil), + globalCatalogNamespace: "global", + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + catalogSource("global", "cs-g"), + catalogSource("ns", "cs-0"), + catalogSource("ns", "cs-1"), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("global", "cs-g", &now, true), + catalogHealth("ns", "cs-0", &now, true), + catalogHealth("ns", "cs-1", &now, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.CatalogSourcesAdded, "all available catalogsources are healthy", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + } + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + + rec := newFakeCatalogHealthReconciler(ctx, t, tt.fields.config) + + out, err := rec.Reconcile(ctx, tt.args.in) + require.Equal(t, tt.want.err, err) + require.Equal(t, tt.want.out, out) + + // Ensure the client's view of the subscription matches the typestate's + sub := out.(SubscriptionState).Subscription() + clusterSub, err := rec.client.OperatorsV1alpha1().Subscriptions(sub.GetNamespace()).Get(sub.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, sub, clusterSub) + }) + } +} + +func TestInstallPlanReconcile(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + earlier := metav1.NewTime(now.Add(-time.Minute)) + nowFunc := func() *metav1.Time { return &now } + + type fields struct { + config *fakeReconcilerConfig + } + type args struct { + in kubestate.State + } + type want struct { + err error + out kubestate.State + } + + tests := []struct { + description string + fields fields + args args + want want + }{ + { + description: "SubscriptionExistsToNoInstallPlanReferenced/NoConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + want: want{ + out: newNoInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + }, + { + description: "CatalogHealthyToNoInstallPlanReferenced/MixedConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: &noInstallPlanReferencedState{ + InstallPlanState: &installPlanState{ + SubscriptionExistsState: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + }, + }, + { + description: "SubscriptionExistsToInstallPlanNotFound/NoConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanNotFound/Conditions/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "CatalogHealthyToInstallPlanNotFound/MixedConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: &installPlanMissingState{ + InstallPlanKnownState: &installPlanKnownState{ + InstallPlanReferencedState: &installPlanReferencedState{ + InstallPlanState: &installPlanState{ + SubscriptionExistsState: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + }, + }, + }, + }, + { + description: "SubscriptionExistsToInstallPlanPending/NotYetReconciled/NoConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + installPlan("ns", "ip"), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanNotYetReconciled), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanPending/Planning/NoConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhasePlanning, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhasePlanning), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanPending/Planning/Conditions/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhasePlanning, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhasePlanning), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhasePlanning), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhasePlanning), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanPending/Installing/NoConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanPending/RequiresApproval/NoConditions/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseRequiresApproval, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanPending/Installing/Conditions/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanFailed/Failed/NoProjectedReason/Conditions/Installing/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, v1alpha1.InstallPlanFailed, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanFailed/Failed/ProjectedReason/Conditions/Installing/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + Conditions: []v1alpha1.InstallPlanCondition{ + { + Type: v1alpha1.InstallPlanInstalled, + Status: corev1.ConditionFalse, + Reason: v1alpha1.InstallPlanReasonComponentFailed, + }, + }, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanFailed/Failed/ProjectedReason/Conditions/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + Conditions: []v1alpha1.InstallPlanCondition{ + { + Type: v1alpha1.InstallPlanInstalled, + Status: corev1.ConditionFalse, + Reason: v1alpha1.InstallPlanReasonComponentFailed, + }, + }, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanInstalled/Conditions/Installing/Changes", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseComplete, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanInstalledState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "SubscriptionExistsToInstallPlanInstalled/NoConditions/NoChanges", + fields: fields{ + config: &fakeReconcilerConfig{ + now: nowFunc, + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + withInstallPlanStatus( + installPlan("ns", "ip"), + &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseComplete, + }, + ), + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }, + }, + }, + }, + }, + args: args{ + in: newSubscriptionExistsState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + want: want{ + out: newInstallPlanInstalledState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + LastUpdated: earlier, + }, + }), + }, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + + rec := newFakeInstallPlanReconciler(ctx, t, tt.fields.config) + + out, err := rec.Reconcile(ctx, tt.args.in) + require.Equal(t, tt.want.err, err) + require.Equal(t, tt.want.out, out) + + // Ensure the client's view of the subscription matches the typestate's + sub := out.(SubscriptionState).Subscription() + clusterSub, err := rec.client.OperatorsV1alpha1().Subscriptions(sub.GetNamespace()).Get(sub.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, sub, clusterSub) + }) + } +} + +func fakeRegistryReconcilerFactory(healthy bool, err error) *olmfakes.FakeRegistryReconcilerFactory { + return &olmfakes.FakeRegistryReconcilerFactory{ + ReconcilerForSourceStub: func(*v1alpha1.CatalogSource) registryreconciler.RegistryReconciler { + return &olmfakes.FakeRegistryReconciler{ + CheckRegistryServerStub: func(*v1alpha1.CatalogSource) (bool, error) { + return healthy, err + }, + } + }, + } +} + +type existingObjs struct { + clientObjs []runtime.Object +} + +func (e existingObjs) fakeClientset(t *testing.T) *versionedfake.ReactionForwardingClientsetDecorator { + return versionedfake.NewReactionForwardingClientsetDecorator(e.clientObjs, clientfake.WithSelfLinks(t)) +} + +type fakeReconcilerConfig struct { + now func() *metav1.Time + registryReconcilerFactory registryreconciler.RegistryReconcilerFactory + globalCatalogNamespace string + subscriptionNamespace string + existingObjs existingObjs +} + +func newFakeCatalogHealthReconciler(ctx context.Context, t *testing.T, config *fakeReconcilerConfig) *catalogHealthReconciler { + fakeClient := config.existingObjs.fakeClientset(t) + versionedFactory := externalversions.NewSharedInformerFactoryWithOptions(fakeClient, time.Minute) + catalogInformer := versionedFactory.Operators().V1alpha1().CatalogSources() + lister := operatorlister.NewLister() + lister.OperatorsV1alpha1().RegisterCatalogSourceLister(metav1.NamespaceAll, catalogInformer.Lister()) + + rec := &catalogHealthReconciler{ + now: config.now, + client: fakeClient, + catalogLister: lister.OperatorsV1alpha1().CatalogSourceLister(), + registryReconcilerFactory: config.registryReconcilerFactory, + globalCatalogNamespace: config.globalCatalogNamespace, + } + + versionedFactory.Start(ctx.Done()) + versionedFactory.WaitForCacheSync(ctx.Done()) + + return rec +} + +func newFakeInstallPlanReconciler(ctx context.Context, t *testing.T, config *fakeReconcilerConfig) *installPlanReconciler { + fakeClient := config.existingObjs.fakeClientset(t) + versionedFactory := externalversions.NewSharedInformerFactoryWithOptions(fakeClient, time.Minute) + ipInformer := versionedFactory.Operators().V1alpha1().InstallPlans() + lister := operatorlister.NewLister() + lister.OperatorsV1alpha1().RegisterInstallPlanLister(metav1.NamespaceAll, ipInformer.Lister()) + + rec := &installPlanReconciler{ + now: config.now, + client: fakeClient, + installPlanLister: lister.OperatorsV1alpha1().InstallPlanLister(), + } + + versionedFactory.Start(ctx.Done()) + versionedFactory.WaitForCacheSync(ctx.Done()) + + return rec +} + +// Helper functions to shortcut to a particular state. +// They should not be used outside of testing. + +func newSubscriptionExistsState(sub *v1alpha1.Subscription) SubscriptionExistsState { + return &subscriptionExistsState{ + SubscriptionState: NewSubscriptionState(sub), + } +} + +func newCatalogHealthState(sub *v1alpha1.Subscription) CatalogHealthState { + return &catalogHealthState{ + SubscriptionExistsState: newSubscriptionExistsState(sub), + } +} + +func newCatalogHealthKnownState(sub *v1alpha1.Subscription) CatalogHealthKnownState { + return &catalogHealthKnownState{ + CatalogHealthState: newCatalogHealthState(sub), + } +} + +func newCatalogHealthyState(sub *v1alpha1.Subscription) CatalogHealthyState { + return &catalogHealthyState{ + CatalogHealthKnownState: newCatalogHealthKnownState(sub), + } +} + +func newCatalogUnhealthyState(sub *v1alpha1.Subscription) CatalogUnhealthyState { + return &catalogUnhealthyState{ + CatalogHealthKnownState: newCatalogHealthKnownState(sub), + } +} + +func newNoInstallPlanReferencedState(sub *v1alpha1.Subscription) NoInstallPlanReferencedState { + return &noInstallPlanReferencedState{ + InstallPlanState: newInstallPlanState(newSubscriptionExistsState(sub)), + } +} + +func newInstallPlanReferencedState(sub *v1alpha1.Subscription) InstallPlanReferencedState { + return &installPlanReferencedState{ + InstallPlanState: newInstallPlanState(newSubscriptionExistsState(sub)), + } +} + +func newInstallPlanKnownState(sub *v1alpha1.Subscription) InstallPlanKnownState { + return &installPlanKnownState{ + InstallPlanReferencedState: newInstallPlanReferencedState(sub), + } +} + +func newInstallPlanMissingState(sub *v1alpha1.Subscription) InstallPlanMissingState { + return &installPlanMissingState{ + InstallPlanKnownState: newInstallPlanKnownState(sub), + } +} + +func newInstallPlanPendingState(sub *v1alpha1.Subscription) InstallPlanPendingState { + return &installPlanPendingState{ + InstallPlanKnownState: newInstallPlanKnownState(sub), + } +} + +func newInstallPlanFailedState(sub *v1alpha1.Subscription) InstallPlanFailedState { + return &installPlanFailedState{ + InstallPlanKnownState: newInstallPlanKnownState(sub), + } +} + +func newInstallPlanInstalledState(sub *v1alpha1.Subscription) InstallPlanInstalledState { + return &installPlanInstalledState{ + InstallPlanKnownState: newInstallPlanKnownState(sub), + } +} + +// Helper functions for generating OLM resources. + +func catalogSource(namespace, name string) *v1alpha1.CatalogSource { + return &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + SelfLink: clientfake.BuildSelfLink(v1alpha1.SchemeGroupVersion.String(), "catalogsources", namespace, name), + UID: types.UID(name), + }, + } +} + +func installPlan(namespace, name string) *v1alpha1.InstallPlan { + return &v1alpha1.InstallPlan{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + SelfLink: clientfake.BuildSelfLink(v1alpha1.SchemeGroupVersion.String(), "installplans", namespace, name), + UID: types.UID(name), + }, + } +} + +func withInstallPlanStatus(plan *v1alpha1.InstallPlan, status *v1alpha1.InstallPlanStatus) *v1alpha1.InstallPlan { + if plan == nil { + plan = &v1alpha1.InstallPlan{} + } + if status == nil { + status = &v1alpha1.InstallPlanStatus{} + } + plan.Status = *status + + return plan +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/state.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/state.go new file mode 100644 index 000000000..6f93863ba --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/state.go @@ -0,0 +1,528 @@ +package subscription + +import ( + "fmt" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + clientv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/typed/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" +) + +// SubscriptionState describes subscription states. +type SubscriptionState interface { + kubestate.State + + isSubscriptionState() + setSubscription(*v1alpha1.Subscription) + + Subscription() *v1alpha1.Subscription + Add() SubscriptionExistsState + Update() SubscriptionExistsState + Delete() SubscriptionDeletedState +} + +// SubscriptionExistsState describes subscription states in which the subscription exists on the cluster. +type SubscriptionExistsState interface { + SubscriptionState + + isSubscriptionExistsState() +} + +// SubscriptionAddedState describes subscription states in which the subscription was added to cluster. +type SubscriptionAddedState interface { + SubscriptionExistsState + + isSubscriptionAddedState() +} + +// SubscriptionUpdatedState describes subscription states in which the subscription was updated in the cluster. +type SubscriptionUpdatedState interface { + SubscriptionExistsState + + isSubscriptionUpdatedState() +} + +// SubscriptionDeletedState describes subscription states in which the subscription no longer exists and was deleted from the cluster. +type SubscriptionDeletedState interface { + SubscriptionState + + isSubscriptionDeletedState() +} + +// CatalogHealthState describes subscription states that represent a subscription with respect to catalog health. +type CatalogHealthState interface { + SubscriptionExistsState + + isCatalogHealthState() + + // UpdateHealth transitions the CatalogHealthState to another CatalogHealthState based on the given subscription catalog health. + // The state's underlying subscription may be updated on the cluster. If the subscription is updated, the resulting state will contain the updated version. + UpdateHealth(now *metav1.Time, client clientv1alpha1.SubscriptionInterface, health ...v1alpha1.SubscriptionCatalogHealth) (CatalogHealthState, error) +} + +// CatalogHealthKnownState describes subscription states in which all relevant catalog health is known. +type CatalogHealthKnownState interface { + CatalogHealthState + + isCatalogHealthKnownState() +} + +// CatalogHealthyState describes subscription states in which all relevant catalogs are known to be healthy. +type CatalogHealthyState interface { + CatalogHealthKnownState + + isCatalogHealthyState() +} + +// CatalogUnhealthyState describes subscription states in which at least one relevant catalog is known to be unhealthy. +type CatalogUnhealthyState interface { + CatalogHealthKnownState + + isCatalogUnhealthyState() +} + +// InstallPlanState describes Subscription states with respect to an InstallPlan. +type InstallPlanState interface { + SubscriptionExistsState + + isInstallPlanState() + + CheckReference() InstallPlanState +} + +type NoInstallPlanReferencedState interface { + InstallPlanState + + isNoInstallPlanReferencedState() +} + +type InstallPlanReferencedState interface { + InstallPlanState + + isInstallPlanReferencedState() + + InstallPlanNotFound(now *metav1.Time, client clientv1alpha1.SubscriptionInterface) (InstallPlanReferencedState, error) + + CheckInstallPlanStatus(now *metav1.Time, client clientv1alpha1.SubscriptionInterface, status *v1alpha1.InstallPlanStatus) (InstallPlanReferencedState, error) +} + +type InstallPlanKnownState interface { + InstallPlanReferencedState + + isInstallPlanKnownState() +} + +type InstallPlanMissingState interface { + InstallPlanKnownState + + isInstallPlanMissingState() +} + +type InstallPlanPendingState interface { + InstallPlanKnownState + + isInstallPlanPendingState() +} + +type InstallPlanFailedState interface { + InstallPlanKnownState + + isInstallPlanFailedState() +} + +type InstallPlanInstalledState interface { + InstallPlanKnownState + + isInstallPlanInstalledState() +} + +type subscriptionState struct { + kubestate.State + + subscription *v1alpha1.Subscription +} + +func (s *subscriptionState) isSubscriptionState() {} + +func (s *subscriptionState) setSubscription(sub *v1alpha1.Subscription) { + s.subscription = sub +} + +func (s *subscriptionState) Subscription() *v1alpha1.Subscription { + return s.subscription +} + +func (s *subscriptionState) Add() SubscriptionExistsState { + return &subscriptionAddedState{ + SubscriptionExistsState: &subscriptionExistsState{ + SubscriptionState: s, + }, + } +} + +func (s *subscriptionState) Update() SubscriptionExistsState { + return &subscriptionUpdatedState{ + SubscriptionExistsState: &subscriptionExistsState{ + SubscriptionState: s, + }, + } +} + +func (s *subscriptionState) Delete() SubscriptionDeletedState { + return &subscriptionDeletedState{ + SubscriptionState: s, + } +} + +func NewSubscriptionState(sub *v1alpha1.Subscription) SubscriptionState { + return &subscriptionState{ + State: kubestate.NewState(), + subscription: sub, + } +} + +type subscriptionExistsState struct { + SubscriptionState +} + +func (*subscriptionExistsState) isSubscriptionExistsState() {} + +type subscriptionAddedState struct { + SubscriptionExistsState +} + +func (c *subscriptionAddedState) isSubscriptionAddedState() {} + +type subscriptionUpdatedState struct { + SubscriptionExistsState +} + +func (c *subscriptionUpdatedState) isSubscriptionUpdatedState() {} + +type subscriptionDeletedState struct { + SubscriptionState +} + +func (c *subscriptionDeletedState) isSubscriptionDeletedState() {} + +type catalogHealthState struct { + SubscriptionExistsState +} + +func (c *catalogHealthState) isCatalogHealthState() {} + +func (c *catalogHealthState) UpdateHealth(now *metav1.Time, client clientv1alpha1.SubscriptionInterface, catalogHealth ...v1alpha1.SubscriptionCatalogHealth) (CatalogHealthState, error) { + in := c.Subscription() + out := in.DeepCopy() + + healthSet := make(map[types.UID]v1alpha1.SubscriptionCatalogHealth, len(catalogHealth)) + healthy := true + missingTargeted := true + + cond := out.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy) + for _, h := range catalogHealth { + ref := h.CatalogSourceRef + healthSet[ref.UID] = h + healthy = healthy && h.Healthy + + if ref.Namespace == in.Spec.CatalogSourceNamespace && ref.Name == in.Spec.CatalogSource { + missingTargeted = false + if !h.Healthy { + cond.Message = fmt.Sprintf("targeted catalogsource %s/%s unhealthy", ref.Namespace, ref.Name) + } + } + } + + var known CatalogHealthKnownState + switch { + case missingTargeted: + healthy = false + cond.Message = fmt.Sprintf("targeted catalogsource %s/%s missing", in.Spec.CatalogSourceNamespace, in.Spec.CatalogSource) + fallthrough + case !healthy: + cond.Status = corev1.ConditionTrue + cond.Reason = v1alpha1.UnhealthyCatalogSourceFound + known = &catalogUnhealthyState{ + CatalogHealthKnownState: &catalogHealthKnownState{ + CatalogHealthState: c, + }, + } + default: + cond.Status = corev1.ConditionFalse + cond.Reason = v1alpha1.AllCatalogSourcesHealthy + cond.Message = "all available catalogsources are healthy" + known = &catalogHealthyState{ + CatalogHealthKnownState: &catalogHealthKnownState{ + CatalogHealthState: c, + }, + } + } + + // Check for changes in CatalogHealth + update := true + switch numNew, numOld := len(healthSet), len(in.Status.CatalogHealth); { + case numNew > numOld: + cond.Reason = v1alpha1.CatalogSourcesAdded + case numNew < numOld: + cond.Reason = v1alpha1.CatalogSourcesDeleted + case numNew == 0 && numNew == numOld: + healthy = false + cond.Reason = v1alpha1.NoCatalogSourcesFound + cond.Message = "dependency resolution requires at least one catalogsource" + case numNew == numOld: + // Check against existing subscription + for _, oldHealth := range in.Status.CatalogHealth { + uid := oldHealth.CatalogSourceRef.UID + if newHealth, ok := healthSet[uid]; !ok || !newHealth.Equals(oldHealth) { + cond.Reason = v1alpha1.CatalogSourcesUpdated + break + } + } + + fallthrough + default: + update = false + } + + if !update && cond.Equals(in.Status.GetCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy)) { + // Nothing to do, transition to self + return known, nil + } + + cond.LastTransitionTime = now + out.Status.LastUpdated = *now + out.Status.SetCondition(cond) + out.Status.CatalogHealth = catalogHealth + + updated, err := client.UpdateStatus(out) + if err != nil { + // Error occurred, transition to self + return c, err + } + + // Inject updated subscription into the state + known.setSubscription(updated) + + return known, nil +} + +func NewCatalogHealthState(s SubscriptionExistsState) CatalogHealthState { + return &catalogHealthState{ + SubscriptionExistsState: s, + } +} + +type catalogHealthKnownState struct { + CatalogHealthState +} + +func (c *catalogHealthKnownState) isCatalogHealthKnownState() {} + +func (c *catalogHealthKnownState) CatalogHealth() []v1alpha1.SubscriptionCatalogHealth { + return c.Subscription().Status.CatalogHealth +} + +type catalogHealthyState struct { + CatalogHealthKnownState +} + +func (c *catalogHealthyState) isCatalogHealthyState() {} + +type catalogUnhealthyState struct { + CatalogHealthKnownState +} + +func (c *catalogUnhealthyState) isCatalogUnhealthyState() {} + +type installPlanState struct { + SubscriptionExistsState +} + +func (i *installPlanState) isInstallPlanState() {} + +func (i *installPlanState) CheckReference() InstallPlanState { + if i.Subscription().Status.InstallPlanRef != nil { + return &installPlanReferencedState{ + InstallPlanState: i, + } + } + + return &noInstallPlanReferencedState{ + InstallPlanState: i, + } +} + +func newInstallPlanState(s SubscriptionExistsState) InstallPlanState { + return &installPlanState{ + SubscriptionExistsState: s, + } +} + +type noInstallPlanReferencedState struct { + InstallPlanState +} + +func (n *noInstallPlanReferencedState) isNoInstallPlanReferencedState() {} + +type installPlanReferencedState struct { + InstallPlanState +} + +func (i *installPlanReferencedState) isInstallPlanReferencedState() {} + +var hashEqual = comparison.NewHashEqualitor() + +func (i *installPlanReferencedState) InstallPlanNotFound(now *metav1.Time, client clientv1alpha1.SubscriptionInterface) (InstallPlanReferencedState, error) { + in := i.Subscription() + out := in.DeepCopy() + + // Remove pending and failed conditions + out.Status.RemoveConditions(v1alpha1.SubscriptionInstallPlanPending, v1alpha1.SubscriptionInstallPlanFailed) + + // Set missing condition to true + missingCond := out.Status.GetCondition(v1alpha1.SubscriptionInstallPlanMissing) + missingCond.Status = corev1.ConditionTrue + missingCond.Reason = v1alpha1.ReferencedInstallPlanNotFound + missingCond.LastTransitionTime = now + out.Status.SetCondition(missingCond) + + // Build missing state + missingState := &installPlanMissingState{ + InstallPlanKnownState: &installPlanKnownState{ + InstallPlanReferencedState: i, + }, + } + + // Bail out if the conditions haven't changed (using select fields included in a hash) + if hashEqual(out.Status.Conditions, in.Status.Conditions) { + return missingState, nil + } + + // Update the Subscription + out.Status.LastUpdated = *now + updated, err := client.UpdateStatus(out) + if err != nil { + return i, err + } + + // Stuff updated Subscription into state + missingState.setSubscription(updated) + + return missingState, nil +} + +func (i *installPlanReferencedState) CheckInstallPlanStatus(now *metav1.Time, client clientv1alpha1.SubscriptionInterface, status *v1alpha1.InstallPlanStatus) (InstallPlanReferencedState, error) { + in := i.Subscription() + out := in.DeepCopy() + + // Remove missing, pending, and failed conditions + out.Status.RemoveConditions(v1alpha1.SubscriptionInstallPlanMissing, v1alpha1.SubscriptionInstallPlanPending, v1alpha1.SubscriptionInstallPlanFailed) + + // Build and set the InstallPlan condition, if any + cond := v1alpha1.SubscriptionCondition{ + Status: corev1.ConditionUnknown, + LastTransitionTime: now, + } + + // TODO: Use InstallPlan conditions instead of phases + // Get the status of the InstallPlan and create the appropriate condition and state + var known InstallPlanKnownState + switch phase := status.Phase; phase { + case v1alpha1.InstallPlanPhaseNone: + // Set reason and let the following case fill out the pending condition + cond.Reason = v1alpha1.InstallPlanNotYetReconciled + fallthrough + case v1alpha1.InstallPlanPhasePlanning, v1alpha1.InstallPlanPhaseInstalling, v1alpha1.InstallPlanPhaseRequiresApproval: + if cond.Reason == "" { + cond.Reason = string(phase) + } + + cond.Type = v1alpha1.SubscriptionInstallPlanPending + cond.Status = corev1.ConditionTrue + out.Status.SetCondition(cond) + + // Build pending state + known = &installPlanPendingState{ + InstallPlanKnownState: &installPlanKnownState{ + InstallPlanReferencedState: i, + }, + } + case v1alpha1.InstallPlanPhaseFailed: + // Attempt to project reason from failed InstallPlan condition + if installedCond := status.GetCondition(v1alpha1.InstallPlanInstalled); installedCond.Status == corev1.ConditionFalse { + cond.Reason = string(installedCond.Reason) + } else { + cond.Reason = v1alpha1.InstallPlanFailed + } + + cond.Type = v1alpha1.SubscriptionInstallPlanFailed + cond.Status = corev1.ConditionTrue + out.Status.SetCondition(cond) + + // Build failed state + known = &installPlanFailedState{ + InstallPlanKnownState: &installPlanKnownState{ + InstallPlanReferencedState: i, + }, + } + default: + // Build installed state + known = &installPlanInstalledState{ + InstallPlanKnownState: &installPlanKnownState{ + InstallPlanReferencedState: i, + }, + } + } + + // Bail out if the conditions haven't changed (using select fields included in a hash) + if hashEqual(out.Status.Conditions, in.Status.Conditions) { + return known, nil + } + + // Update the Subscription + out.Status.LastUpdated = *now + updated, err := client.UpdateStatus(out) + if err != nil { + return i, err + } + + // Stuff updated Subscription into state + known.setSubscription(updated) + + return known, nil +} + +type installPlanKnownState struct { + InstallPlanReferencedState +} + +func (i *installPlanKnownState) isInstallPlanKnownState() {} + +type installPlanMissingState struct { + InstallPlanKnownState +} + +func (i *installPlanMissingState) isInstallPlanMissingState() {} + +type installPlanPendingState struct { + InstallPlanKnownState +} + +func (i *installPlanPendingState) isInstallPlanPendingState() {} + +type installPlanFailedState struct { + InstallPlanKnownState +} + +func (i *installPlanFailedState) isInstallPlanFailedState() {} + +type installPlanInstalledState struct { + InstallPlanKnownState +} + +func (i *installPlanInstalledState) isInstallPlanInstalledState() {} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/state_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/state_test.go new file mode 100644 index 000000000..71cf908bf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/state_test.go @@ -0,0 +1,1730 @@ +package subscription + +import ( + "testing" + "time" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + utilclock "k8s.io/apimachinery/pkg/util/clock" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/stretchr/testify/require" +) + +func TestUpdateHealth(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + earlier := metav1.NewTime(now.Add(-time.Minute)) + + type fields struct { + existingObjs existingObjs + namespace string + state CatalogHealthState + } + type args struct { + now *metav1.Time + catalogHealth []v1alpha1.SubscriptionCatalogHealth + } + type want struct { + transitioned CatalogHealthState + terminal bool + err error + } + + tests := []struct { + description string + fields fields + args args + want want + }{ + { + description: "CatalogHealthState/NoCatalogSources/NoConditions/Unhealthy/ConditionsAdded", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + }, + }, + }, + namespace: "ns", + state: newCatalogHealthState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + }), + }, + args: args{ + now: &now, + }, + want: want{ + transitioned: newCatalogUnhealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.NoCatalogSourcesFound, "dependency resolution requires at least one catalogsource", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "CatalogHealthState/CatalogSources/NoConditions/Unhealthy/CatalogsAdded", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + }, + }, + }, + namespace: "ns", + state: newCatalogHealthState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + }, + }, + }), + }, + args: args{ + now: &now, + catalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &now, false), + }, + }, + want: want{ + transitioned: newCatalogUnhealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &now, false), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "CatalogHealthState/CatalogSources/Conditions/Unhealthy/NoChanges", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newCatalogHealthState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + catalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &now, false), + catalogHealth("ns", "cs-1", &now, true), + }, + }, + want: want{ + transitioned: newCatalogUnhealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "CatalogHealthState/CatalogSources/Conditions/Unhealthy/ToHealthy", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newCatalogHealthState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, "targeted catalogsource ns/cs-0 unhealthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + catalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &now, true), + catalogHealth("ns", "cs-1", &now, true), + }, + }, + want: want{ + transitioned: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &now, true), + catalogHealth("ns", "cs-1", &now, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.CatalogSourcesUpdated, "all available catalogsources are healthy", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "CatalogHealthState/CatalogSources/Conditions/MissingTargeted/Healthy/ToUnhealthy", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newCatalogHealthState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, false), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + catalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-1", &now, true), + catalogHealth("global", "cs-g", &now, true), + }, + }, + want: want{ + transitioned: newCatalogUnhealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-1", &now, true), + catalogHealth("global", "cs-g", &now, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionTrue, v1alpha1.CatalogSourcesUpdated, "targeted catalogsource ns/cs-0 missing", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "CatalogHealthState/CatalogSources/Conditions/Healthy/NoChanges", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newCatalogHealthState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + catalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &now, true), + catalogHealth("ns", "cs-1", &now, true), + }, + }, + want: want{ + transitioned: newCatalogHealthyState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSourceNamespace: "ns", + CatalogSource: "cs-0", + }, + Status: v1alpha1.SubscriptionStatus{ + CatalogHealth: []v1alpha1.SubscriptionCatalogHealth{ + catalogHealth("ns", "cs-0", &earlier, true), + catalogHealth("ns", "cs-1", &earlier, true), + }, + Conditions: []v1alpha1.SubscriptionCondition{ + catalogUnhealthyCondition(corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + fakeClient := tt.fields.existingObjs.fakeClientset(t).OperatorsV1alpha1().Subscriptions(tt.fields.namespace) + transitioned, err := tt.fields.state.UpdateHealth(tt.args.now, fakeClient, tt.args.catalogHealth...) + require.Equal(t, tt.want.err, err) + require.Equal(t, tt.want.transitioned, transitioned) + + if tt.want.transitioned != nil { + require.Equal(t, tt.want.terminal, transitioned.Terminal()) + + // Ensure the client's view of the subscription matches the typestate's + sub := transitioned.(SubscriptionState).Subscription() + clusterSub, err := fakeClient.Get(sub.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, sub, clusterSub) + } + + }) + } +} + +func TestCheckReference(t *testing.T) { + type fields struct { + state InstallPlanState + } + type want struct { + transitioned InstallPlanState + terminal bool + } + + tests := []struct { + description string + fields fields + want want + }{ + { + description: "NoReference/FromInstallPlanState/ToNoInstallPlanReferencedState", + fields: fields{ + state: newInstallPlanState(newSubscriptionExistsState( + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }, + )), + }, + want: want{ + transitioned: newNoInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + terminal: false, + }, + }, + { + description: "NoReference/FromNoInstallPlanReferencedState/ToNoInstallPlanReferencedState", + fields: fields{ + state: newNoInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + want: want{ + transitioned: newNoInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + terminal: false, + }, + }, + { + description: "NoReference/FromInstallPlanReferencedState/ToNoInstallPlanReferencedState", + fields: fields{ + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + want: want{ + transitioned: newNoInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + terminal: false, + }, + }, + { + description: "Reference/FromInstallPlanState/ToInstallPlanReferencedState", + fields: fields{ + state: newInstallPlanState(newSubscriptionExistsState( + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + }, + }, + )), + }, + want: want{ + transitioned: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + }, + }), + terminal: false, + }, + }, + { + description: "Reference/FromInstallPlanReferencedState/ToInstallPlanReferencedState", + fields: fields{ + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + }, + }), + }, + want: want{ + transitioned: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + }, + }), + terminal: false, + }, + }, + { + description: "Reference/FromNoInstallPlanReferencedState/ToInstallPlanReferencedState", + fields: fields{ + state: newNoInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + }, + }), + }, + want: want{ + transitioned: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + InstallPlanRef: &corev1.ObjectReference{ + Namespace: "ns", + Name: "ip", + }, + }, + }), + terminal: false, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + transitioned := tt.fields.state.CheckReference() + require.Equal(t, tt.want.transitioned, transitioned) + require.Equal(t, tt.want.terminal, transitioned.Terminal()) + }) + } +} + +func TestInstallPlanNotFound(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + earlier := metav1.NewTime(now.Add(-time.Minute)) + + type fields struct { + existingObjs existingObjs + namespace string + state InstallPlanReferencedState + } + type args struct { + now *metav1.Time + } + type want struct { + transitioned InstallPlanReferencedState + terminal bool + err error + } + tests := []struct { + description string + fields fields + args args + want want + }{ + { + description: "InstallPlanReferencedState/NoConditions/ToInstallPlanMissingState/Update", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + }, + want: want{ + transitioned: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/ToInstallPlanMissingState/NoUpdate", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + }, + want: want{ + transitioned: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanMissingState/Conditions/ToInstallPlanMissingState/NoUpdate", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + }, + want: want{ + transitioned: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/ToInstallPlanMissingState/Update/RemovesFailedAndPending", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + }, + want: want{ + transitioned: newInstallPlanMissingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, v1alpha1.ReferencedInstallPlanNotFound, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + fakeClient := tt.fields.existingObjs.fakeClientset(t).OperatorsV1alpha1().Subscriptions(tt.fields.namespace) + transitioned, err := tt.fields.state.InstallPlanNotFound(tt.args.now, fakeClient) + require.Equal(t, tt.want.err, err) + require.Equal(t, tt.want.transitioned, transitioned) + + if tt.want.transitioned != nil { + require.Equal(t, tt.want.terminal, transitioned.Terminal()) + + // Ensure the client's view of the subscription matches the typestate's + sub := transitioned.(SubscriptionState).Subscription() + clusterSub, err := fakeClient.Get(sub.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, sub, clusterSub) + } + }) + } +} + +func TestCheckInstallPlanStatus(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + earlier := metav1.NewTime(now.Add(-time.Minute)) + + type fields struct { + existingObjs existingObjs + namespace string + state InstallPlanReferencedState + } + type args struct { + now *metav1.Time + status *v1alpha1.InstallPlanStatus + } + type want struct { + transitioned InstallPlanReferencedState + terminal bool + err error + } + tests := []struct { + description string + fields fields + args args + want want + }{ + { + description: "InstallPlanReferencedState/NoConditions/InstallPlanNotYetReconciled/ToInstallPlanPendingState/Update", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{}, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/InstallPlanNotYetReconciled/ToInstallPlanPendingState/NoUpdate", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{}, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanPendingState/Conditions/InstallPlanNotYetReconciled/ToInstallPlanPendingState/NoUpdate", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{}, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/InstallPlanNotYetReconciled/ToInstallPlanPendingState/Update/RemovesFailedAndMissing", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{}, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, v1alpha1.InstallPlanNotYetReconciled, "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/NoConditions/RequiresApproval/ToInstallPlanPendingState/Update", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseRequiresApproval, + }, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/RequiresApproval/ToInstallPlanPendingState/NoUpdate", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseRequiresApproval, + }, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/RequiresApproval/ToInstallPlanPendingState/Update/RemovesMissingAndFailed", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseRequiresApproval, + }, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseRequiresApproval), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/NoConditions/Installing/ToInstallPlanPendingState/Update", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + }, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/Installing/ToInstallPlanPendingState/NoUpdate", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + }, + }, + want: want{ + transitioned: newInstallPlanPendingState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planPendingCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanPhaseInstalling), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/NoConditions/Failed/ToInstallPlanFailedState/Update/NoReason", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + }, + }, + want: want{ + transitioned: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanFailed), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/Failed/ToInstallPlanFailedState/NoUpdate/NoReason", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + }, + }, + want: want{ + transitioned: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/NoConditions/Failed/ToInstallPlanFailedState/Update/InstallPlanReasonComponentFailed", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + Conditions: []v1alpha1.InstallPlanCondition{ + { + Type: v1alpha1.InstallPlanInstalled, + Status: corev1.ConditionFalse, + Reason: v1alpha1.InstallPlanReasonComponentFailed, + }, + }, + }, + }, + want: want{ + transitioned: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &now), + }, + LastUpdated: now, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/Failed/ToInstallPlanFailedState/NoUpdate/InstallPlanReasonComponentFailed", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseFailed, + Conditions: []v1alpha1.InstallPlanCondition{ + { + Type: v1alpha1.InstallPlanInstalled, + Status: corev1.ConditionFalse, + Reason: v1alpha1.InstallPlanReasonComponentFailed, + }, + }, + }, + }, + want: want{ + transitioned: newInstallPlanFailedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planFailedCondition(corev1.ConditionTrue, string(v1alpha1.InstallPlanReasonComponentFailed), "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + }, + { + description: "InstallPlanReferencedState/Conditions/Installed/ToInstallPlanInstalledState/Update/RemovesMissingPendingAndFailed", + fields: fields{ + existingObjs: existingObjs{ + clientObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, "", "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }, + }, + }, + namespace: "ns", + state: newInstallPlanReferencedState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + Conditions: []v1alpha1.SubscriptionCondition{ + planMissingCondition(corev1.ConditionTrue, "", "", &earlier), + planPendingCondition(corev1.ConditionTrue, "", "", &earlier), + planFailedCondition(corev1.ConditionTrue, "", "", &earlier), + }, + LastUpdated: earlier, + }, + }), + }, + args: args{ + now: &now, + status: &v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseComplete, + }, + }, + want: want{ + transitioned: newInstallPlanInstalledState(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: "ns", + }, + Status: v1alpha1.SubscriptionStatus{ + LastUpdated: now, + }, + }), + }, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + fakeClient := tt.fields.existingObjs.fakeClientset(t).OperatorsV1alpha1().Subscriptions(tt.fields.namespace) + transitioned, err := tt.fields.state.CheckInstallPlanStatus(tt.args.now, fakeClient, tt.args.status) + require.Equal(t, tt.want.err, err) + require.Equal(t, tt.want.transitioned, transitioned) + + if tt.want.transitioned != nil { + require.Equal(t, tt.want.terminal, transitioned.Terminal()) + + // Ensure the client's view of the subscription matches the typestate's + sub := transitioned.(SubscriptionState).Subscription() + clusterSub, err := fakeClient.Get(sub.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, sub, clusterSub) + } + }) + } +} + +func catalogHealth(namespace, name string, lastUpdated *metav1.Time, healthy bool) v1alpha1.SubscriptionCatalogHealth { + return v1alpha1.SubscriptionCatalogHealth{ + CatalogSourceRef: &corev1.ObjectReference{ + Kind: v1alpha1.CatalogSourceKind, + Namespace: namespace, + Name: name, + UID: types.UID(name), + APIVersion: v1alpha1.CatalogSourceCRDAPIVersion, + }, + LastUpdated: lastUpdated, + Healthy: healthy, + } +} + +func subscriptionCondition(conditionType v1alpha1.SubscriptionConditionType, status corev1.ConditionStatus, reason, message string, time *metav1.Time) v1alpha1.SubscriptionCondition { + return v1alpha1.SubscriptionCondition{ + Type: conditionType, + Status: status, + Reason: reason, + Message: message, + LastTransitionTime: time, + } +} + +func catalogUnhealthyCondition(status corev1.ConditionStatus, reason, message string, time *metav1.Time) v1alpha1.SubscriptionCondition { + return subscriptionCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy, status, reason, message, time) +} + +func planMissingCondition(status corev1.ConditionStatus, reason, message string, time *metav1.Time) v1alpha1.SubscriptionCondition { + return subscriptionCondition(v1alpha1.SubscriptionInstallPlanMissing, status, reason, message, time) +} + +func planFailedCondition(status corev1.ConditionStatus, reason, message string, time *metav1.Time) v1alpha1.SubscriptionCondition { + return subscriptionCondition(v1alpha1.SubscriptionInstallPlanFailed, status, reason, message, time) +} + +func planPendingCondition(status corev1.ConditionStatus, reason, message string, time *metav1.Time) v1alpha1.SubscriptionCondition { + return subscriptionCondition(v1alpha1.SubscriptionInstallPlanPending, status, reason, message, time) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/syncer.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/syncer.go new file mode 100644 index 000000000..9f51011cc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/syncer.go @@ -0,0 +1,241 @@ +package subscription + +import ( + "context" + "fmt" + + "github.com/sirupsen/logrus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + utilclock "k8s.io/apimachinery/pkg/util/clock" + "k8s.io/client-go/tools/cache" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +var scheme = runtime.NewScheme() + +func init() { + // Register internal types and conversion funcs + install.Install(scheme) +} + +// subscriptionSyncer syncs Subscriptions by invoking its reconciler chain for each Subscription event it receives. +type subscriptionSyncer struct { + logger *logrus.Logger + clock utilclock.Clock + reconcilers kubestate.ReconcilerChain + subscriptionCache cache.Indexer + installPlanLister listers.InstallPlanLister + globalCatalogNamespace string + notify kubestate.NotifyFunc +} + +// now returns the Syncer's current time. +func (s *subscriptionSyncer) now() *metav1.Time { + now := metav1.NewTime(s.clock.Now().UTC()) + return &now +} + +// Sync reconciles Subscription events by invoking a sequence of reconcilers, passing the result of each +// successful reconciliation as an argument to its successor. +func (s *subscriptionSyncer) Sync(ctx context.Context, event kubestate.ResourceEvent) error { + res := &v1alpha1.Subscription{} + if err := scheme.Convert(event.Resource(), res, nil); err != nil { + return err + } + + logger := s.logger.WithFields(logrus.Fields{ + "reconciling": fmt.Sprintf("%T", res), + "selflink": res.GetSelfLink(), + "event": event.Type(), + }) + logger.Info("syncing") + + // Enter initial state based on subscription and event type + // TODO: Consider generalizing initial generic add, update, delete transitions in the kubestate package. + // Possibly make a resource event aware bridge between Sync and reconciler. + initial := NewSubscriptionState(res.DeepCopy()) + switch event.Type() { + case kubestate.ResourceAdded: + initial = initial.Add() + case kubestate.ResourceUpdated: + initial = initial.Update() + case kubestate.ResourceDeleted: + initial = initial.Delete() + } + + reconciled, err := s.reconcilers.Reconcile(ctx, initial) + if err != nil { + logger.WithError(err).Warn("an error was encountered during reconciliation") + return err + } + + logger.WithFields(logrus.Fields{ + "state": fmt.Sprintf("%T", reconciled), + }).Debug("reconciliation successful") + + return nil +} + +func (s *subscriptionSyncer) Notify(event kubestate.ResourceEvent) { + s.notify(event) +} + +// catalogSubscriptionKeys returns the set of explicit subscription keys, cluster-wide, that are possibly affected by catalogs in the given namespace. +func (s *subscriptionSyncer) catalogSubscriptionKeys(namespace string) ([]string, error) { + var keys []string + var err error + if namespace == s.globalCatalogNamespace { + keys = s.subscriptionCache.ListKeys() + } else { + keys, err = s.subscriptionCache.IndexKeys(cache.NamespaceIndex, namespace) + } + + return keys, err +} + +// notifyOnCatalog notifies dependent subscriptions of the change with the given object. +// The given object is assumed to be a CatalogSource, CatalogSource tombstone, or a cache.ExplicitKey. +func (s *subscriptionSyncer) notifyOnCatalog(ctx context.Context, obj interface{}) { + k, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj) + if err != nil { + s.logger.WithField("resource", obj).Warn("could not unpack key") + return + } + + logger := s.logger.WithField("key", k) + ns, _, err := cache.SplitMetaNamespaceKey(k) + if err != nil { + logger.Warn("could not split meta key") + return + } + + dependentKeys, err := s.catalogSubscriptionKeys(ns) + if err != nil { + logger.Warn("could not retrieve dependent subscriptions") + return + } + + logger = logger.WithField("dependents", len(dependentKeys)) + logger.Trace("notifing dependent subscriptions") + for _, subKey := range dependentKeys { + logger.Tracef("notifying subscription %s", subKey) + s.Notify(kubestate.NewResourceEvent(kubestate.ResourceUpdated, subKey)) + } + logger.Trace("dependent subscriptions notified") +} + +// notifyOnInstallPlan notifies dependent subscriptions of the change with the given object. +// The given object is assumed to be an InstallPlan, InstallPlan tombstone, or a cache.ExplicitKey. +func (s *subscriptionSyncer) notifyOnInstallPlan(ctx context.Context, obj interface{}) { + plan, ok := obj.(*v1alpha1.InstallPlan) + if !ok { + s.logger.WithField("obj", fmt.Sprintf("%v", obj)).Trace("could not cast as installplan directly while notifying subscription syncer") + if tombstone, ok := obj.(cache.DeletedFinalStateUnknown); ok { + if plan, ok = tombstone.Obj.(*v1alpha1.InstallPlan); !ok { + s.logger.WithField("tombstone", tombstone).Warn("could not cast as installplan") + return + } + } else { + k, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj) + if err != nil { + s.logger.WithField("resource", obj).Warn("could not unpack key") + return + } + logger := s.logger.WithField("key", k) + + ns, name, err := cache.SplitMetaNamespaceKey(k) + if err != nil { + logger.Warn("could not split meta key") + return + } + + if plan, err = s.installPlanLister.InstallPlans(ns).Get(name); err != nil { + logger.WithError(err).Warn("could not get installplan") + return + } + } + } + + logger := s.logger.WithFields(logrus.Fields{ + "namespace": plan.GetNamespace(), + "installplan": plan.GetName(), + }) + + // Notify dependent owner Subscriptions + owners := ownerutil.GetOwnersByKind(plan, v1alpha1.SubscriptionKind) + for _, owner := range owners { + subKey := fmt.Sprintf("%s/%s", plan.GetNamespace(), owner.Name) + logger.Tracef("notifying subscription %s", subKey) + s.Notify(kubestate.NewResourceEvent(kubestate.ResourceUpdated, cache.ExplicitKey(subKey))) + } +} + +func eventHandlers(ctx context.Context, notify func(ctx context.Context, obj interface{})) cache.ResourceEventHandlerFuncs { + return cache.ResourceEventHandlerFuncs{ + AddFunc: func(obj interface{}) { + notify(ctx, obj) + }, + UpdateFunc: func(oldObj, newObj interface{}) { + notify(ctx, newObj) + }, + DeleteFunc: func(obj interface{}) { + notify(ctx, obj) + }, + } +} + +// NewSyncer returns a syncer that syncs Subscription resources. +func NewSyncer(ctx context.Context, options ...SyncerOption) (kubestate.Syncer, error) { + config := defaultSyncerConfig() + config.apply(options) + + return newSyncerWithConfig(ctx, config) +} + +func newSyncerWithConfig(ctx context.Context, config *syncerConfig) (kubestate.Syncer, error) { + if err := config.validate(); err != nil { + return nil, err + } + + s := &subscriptionSyncer{ + logger: config.logger, + clock: config.clock, + reconcilers: config.reconcilers, + subscriptionCache: config.subscriptionInformer.GetIndexer(), + installPlanLister: config.lister.OperatorsV1alpha1().InstallPlanLister(), + notify: func(event kubestate.ResourceEvent) { + // Notify Subscriptions by enqueuing to the Subscription queue. + config.subscriptionQueue.Add(event) + }, + } + + // Build a reconciler chain from the default and configured reconcilers + // Default reconcilers should always come first in the chain + defaultReconcilers := kubestate.ReconcilerChain{ + &installPlanReconciler{ + now: s.now, + client: config.client, + installPlanLister: config.lister.OperatorsV1alpha1().InstallPlanLister(), + }, + &catalogHealthReconciler{ + now: s.now, + client: config.client, + catalogLister: config.lister.OperatorsV1alpha1().CatalogSourceLister(), + registryReconcilerFactory: config.registryReconcilerFactory, + globalCatalogNamespace: config.globalCatalogNamespace, + }, + } + s.reconcilers = append(defaultReconcilers, s.reconcilers...) + + // Add dependency notifications + config.installPlanInformer.AddEventHandler(eventHandlers(ctx, s.notifyOnInstallPlan)) + config.catalogInformer.AddEventHandler(eventHandlers(ctx, s.notifyOnCatalog)) + + return s, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/syncer_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/syncer_test.go new file mode 100644 index 000000000..534b656ad --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscription/syncer_test.go @@ -0,0 +1,78 @@ +package subscription + +import ( + "context" + "testing" + + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/require" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" +) + +func TestSync(t *testing.T) { + type fields struct { + syncer kubestate.Syncer + } + type args struct { + event kubestate.ResourceEvent + } + type want struct { + err error + subscriptions []v1alpha1.Subscription + } + + tests := []struct { + description string + fields fields + args args + want want + }{ + { + description: "v1alpha1/OK", + fields: fields{ + syncer: &subscriptionSyncer{ + logger: logrus.New(), + }, + }, + args: args{ + event: kubestate.NewResourceEvent( + kubestate.ResourceAdded, + &v1alpha1.Subscription{}, + ), + }, + want: want{ + err: nil, + }, + }, + { + description: "internalversion/OK", + fields: fields{ + syncer: &subscriptionSyncer{ + logger: logrus.New(), + }, + }, + args: args{ + event: kubestate.NewResourceEvent( + kubestate.ResourceAdded, + &operators.Subscription{}, + ), + }, + want: want{ + err: nil, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + + require.Equal(t, tt.fields.syncer.Sync(ctx, tt.args.event), tt.want.err) + }) + } + +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscriptions.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscriptions.go new file mode 100644 index 000000000..8cea6b8be --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscriptions.go @@ -0,0 +1,51 @@ +package catalog + +import ( + "errors" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" +) + +var ( + ErrNilSubscription = errors.New("invalid Subscription object: ") +) + +const ( + PackageLabel = "olm.package" + CatalogLabel = "olm.catalog" + CatalogNamespaceLabel = "olm.catalog.namespace" + ChannelLabel = "olm.channel" +) + +func labelsForSubscription(sub *v1alpha1.Subscription) map[string]string { + return map[string]string{ + PackageLabel: sub.Spec.Package, + CatalogLabel: sub.Spec.CatalogSource, + CatalogNamespaceLabel: sub.Spec.CatalogSourceNamespace, + ChannelLabel: sub.Spec.Channel, + } +} + +// TODO remove this once UI no longer needs them +func legacyLabelsForSubscription(sub *v1alpha1.Subscription) map[string]string { + return map[string]string{ + "alm-package": sub.Spec.Package, + "alm-catalog": sub.Spec.CatalogSource, + "alm-channel": sub.Spec.Channel, + } +} + +func ensureLabels(sub *v1alpha1.Subscription) *v1alpha1.Subscription { + labels := sub.GetLabels() + if labels == nil { + labels = map[string]string{} + } + for k, v := range labelsForSubscription(sub) { + labels[k] = v + } + for k, v := range legacyLabelsForSubscription(sub) { + labels[k] = v + } + sub.SetLabels(labels) + return sub +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscriptions_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscriptions_test.go new file mode 100644 index 000000000..bcbbe3d92 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog/subscriptions_test.go @@ -0,0 +1,694 @@ +package catalog + +import ( + "context" + "fmt" + "testing" + "time" + + "github.com/stretchr/testify/require" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + utilclock "k8s.io/apimachinery/pkg/util/clock" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/fakes" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" +) + +func TestSyncSubscriptions(t *testing.T) { + clockFake := utilclock.NewFakeClock(time.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC)) + now := metav1.NewTime(clockFake.Now()) + testNamespace := "testNamespace" + + type fields struct { + clientOptions []clientfake.Option + sourcesLastUpdate metav1.Time + resolveSteps []*v1alpha1.Step + resolveSubs []*v1alpha1.Subscription + resolveErr error + existingOLMObjs []runtime.Object + existingObjects []runtime.Object + } + type args struct { + obj interface{} + } + tests := []struct { + name string + fields fields + args args + wantErr error + wantInstallPlan *v1alpha1.InstallPlan + wantSubscriptions []*v1alpha1.Subscription + }{ + { + name: "BadObject", + args: args{ + obj: &v1alpha1.ClusterServiceVersion{}, + }, + wantErr: fmt.Errorf("casting Subscription failed"), + }, + { + name: "NoStatus/NoCurrentCSV/MissingCatalogSourceNamespace", + fields: fields{ + clientOptions: []clientfake.Option{clientfake.WithSelfLinks(t)}, + existingOLMObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + resolveSteps: []*v1alpha1.Step{ + { + Resolving: "csv.v.1", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.1", + Manifest: "{}", + }, + }, + }, + resolveSubs: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.1", + State: "SubscriptionStateAtLatest", + }, + }, + }, + }, + args: args{ + obj: &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + wantSubscriptions: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.1", + State: v1alpha1.SubscriptionStateUpgradePending, + Install: &v1alpha1.InstallPlanReference{ + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + InstallPlanRef: &v1.ObjectReference{ + Namespace: testNamespace, + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + LastUpdated: now, + }, + }, + }, + wantInstallPlan: &v1alpha1.InstallPlan{ + Spec: v1alpha1.InstallPlanSpec{ + ClusterServiceVersionNames: []string{ + "csv.v.1", + }, + Approval: v1alpha1.ApprovalAutomatic, + Approved: true, + }, + Status: v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + CatalogSources: []string{ + "src", + }, + Plan: []*v1alpha1.Step{ + { + Resolving: "csv.v.1", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.1", + Manifest: "{}", + }, + }, + }, + }, + }, + }, + { + name: "NoStatus/NoCurrentCSV/FoundInCatalog", + fields: fields{ + clientOptions: []clientfake.Option{clientfake.WithSelfLinks(t)}, + existingOLMObjs: []runtime.Object{ + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + resolveSteps: []*v1alpha1.Step{ + { + Resolving: "csv.v.1", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.1", + Manifest: "{}", + }, + }, + }, + resolveSubs: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.1", + State: "SubscriptionStateAtLatest", + }, + }, + }, + }, + args: args{ + obj: &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + wantSubscriptions: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.1", + State: v1alpha1.SubscriptionStateUpgradePending, + Install: &v1alpha1.InstallPlanReference{ + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + InstallPlanRef: &v1.ObjectReference{ + Namespace: testNamespace, + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + LastUpdated: now, + }, + }, + }, + wantInstallPlan: &v1alpha1.InstallPlan{ + Spec: v1alpha1.InstallPlanSpec{ + ClusterServiceVersionNames: []string{ + "csv.v.1", + }, + Approval: v1alpha1.ApprovalAutomatic, + Approved: true, + }, + Status: v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + CatalogSources: []string{ + "src", + }, + Plan: []*v1alpha1.Step{ + { + Resolving: "csv.v.1", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.1", + Manifest: "{}", + }, + }, + }, + }, + }, + }, + { + name: "Status/HaveCurrentCSV/UpdateFoundInCatalog", + fields: fields{ + clientOptions: []clientfake.Option{clientfake.WithSelfLinks(t)}, + existingOLMObjs: []runtime.Object{ + &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "csv.v.1", + Namespace: testNamespace, + }, + Status: v1alpha1.ClusterServiceVersionStatus{ + Phase: v1alpha1.CSVPhaseSucceeded, + }, + }, + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + resolveSteps: []*v1alpha1.Step{ + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.2", + Manifest: "{}", + }, + }, + }, + resolveSubs: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.2", + State: "SubscriptionStateAtLatest", + }, + }, + }, + }, + args: args{ + obj: &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + wantSubscriptions: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.2", + State: v1alpha1.SubscriptionStateUpgradePending, + Install: &v1alpha1.InstallPlanReference{ + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + InstallPlanRef: &v1.ObjectReference{ + Namespace: testNamespace, + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + LastUpdated: now, + }, + }, + }, + wantInstallPlan: &v1alpha1.InstallPlan{ + Spec: v1alpha1.InstallPlanSpec{ + ClusterServiceVersionNames: []string{ + "csv.v.2", + }, + Approval: v1alpha1.ApprovalAutomatic, + Approved: true, + }, + Status: v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + CatalogSources: []string{ + "src", + }, + Plan: []*v1alpha1.Step{ + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.2", + Manifest: "{}", + }, + }, + }, + }, + }, + }, + { + name: "Status/HaveCurrentCSV/UpdateFoundInCatalog/UpdateRequiresDependency", + fields: fields{ + clientOptions: []clientfake.Option{clientfake.WithSelfLinks(t)}, + existingOLMObjs: []runtime.Object{ + &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "csv.v.1", + Namespace: testNamespace, + }, + Status: v1alpha1.ClusterServiceVersionStatus{ + Phase: v1alpha1.CSVPhaseSucceeded, + }, + }, + &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + resolveSteps: []*v1alpha1.Step{ + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.2", + Manifest: "{}", + }, + }, + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "dep.v.1", + Manifest: "{}", + }, + }, + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.SubscriptionKind, + Name: "sub-dep", + Manifest: "{}", + }, + }, + }, + resolveSubs: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.2", + State: "SubscriptionStateAtLatest", + }, + }, + }, + }, + args: args{ + obj: &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "", + State: "", + }, + }, + }, + wantSubscriptions: []*v1alpha1.Subscription{ + { + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "sub", + Namespace: testNamespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: "csv.v.2", + State: v1alpha1.SubscriptionStateUpgradePending, + Install: &v1alpha1.InstallPlanReference{ + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + InstallPlanRef: &v1.ObjectReference{ + Namespace: testNamespace, + Kind: v1alpha1.InstallPlanKind, + APIVersion: v1alpha1.InstallPlanAPIVersion, + }, + LastUpdated: now, + }, + }, + }, + wantInstallPlan: &v1alpha1.InstallPlan{ + Spec: v1alpha1.InstallPlanSpec{ + ClusterServiceVersionNames: []string{ + "csv.v.2", + "dep.v.1", + }, + Approval: v1alpha1.ApprovalAutomatic, + Approved: true, + }, + Status: v1alpha1.InstallPlanStatus{ + Phase: v1alpha1.InstallPlanPhaseInstalling, + CatalogSources: []string{ + "src", + }, + Plan: []*v1alpha1.Step{ + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "csv.v.2", + Manifest: "{}", + }, + }, + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + Name: "dep.v.1", + Manifest: "{}", + }, + }, + { + Resolving: "csv.v.2", + Resource: v1alpha1.StepResource{ + CatalogSource: "src", + CatalogSourceNamespace: testNamespace, + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.SubscriptionKind, + Name: "sub-dep", + Manifest: "{}", + }, + }, + }, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Create test operator + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + + o, err := NewFakeOperator(ctx, testNamespace, []string{testNamespace}, withClock(clockFake), withClientObjs(tt.fields.existingOLMObjs...), withK8sObjs(tt.fields.existingObjects...), withFakeClientOptions(tt.fields.clientOptions...)) + require.NoError(t, err) + + o.reconciler = &fakes.FakeRegistryReconcilerFactory{ + ReconcilerForSourceStub: func(source *v1alpha1.CatalogSource) reconciler.RegistryReconciler { + return &fakes.FakeRegistryReconciler{ + EnsureRegistryServerStub: func(source *v1alpha1.CatalogSource) error { + return nil + }, + } + }, + } + + o.sourcesLastUpdate = tt.fields.sourcesLastUpdate + o.resolver = &fakes.FakeResolver{ + ResolveStepsStub: func(string, resolver.SourceQuerier) ([]*v1alpha1.Step, []*v1alpha1.Subscription, error) { + return tt.fields.resolveSteps, tt.fields.resolveSubs, tt.fields.resolveErr + }, + } + + namespace := &v1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: testNamespace, + }, + } + if err := o.syncSubscriptions(tt.args.obj); err != nil { + require.Equal(t, tt.wantErr, err) + } else { + require.Equal(t, tt.wantErr, o.syncResolvingNamespace(namespace)) + } + + for _, s := range tt.wantSubscriptions { + fetched, err := o.client.OperatorsV1alpha1().Subscriptions(testNamespace).Get(s.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, s, fetched) + } + if tt.wantInstallPlan != nil { + installPlans, err := o.client.OperatorsV1alpha1().InstallPlans(testNamespace).List(metav1.ListOptions{}) + require.NoError(t, err) + require.Equal(t, 1, len(installPlans.Items)) + ip := installPlans.Items[0] + require.Equal(t, tt.wantInstallPlan.Spec, ip.Spec) + require.Equal(t, tt.wantInstallPlan.Status, ip.Status) + } + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/apiservices.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/apiservices.go new file mode 100644 index 000000000..11a6a0ae1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/apiservices.go @@ -0,0 +1,761 @@ +package olm + +import ( + "fmt" + "strings" + "time" + + log "github.com/sirupsen/logrus" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilerrors "k8s.io/apimachinery/pkg/util/errors" + "k8s.io/apimachinery/pkg/util/intstr" + apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/certs" + olmerrors "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +const ( + // DefaultCertMinFresh is the default min-fresh value - 1 day + DefaultCertMinFresh = time.Hour * 24 + // DefaultCertValidFor is the default duration a cert can be valid for - 2 years + DefaultCertValidFor = time.Hour * 24 * 730 + // OLMCAHashAnnotationKey is the label key used to store the hash of the CA cert + OLMCAHashAnnotationKey = "olmcahash" + // Organization is the organization name used in the generation of x509 certs + Organization = "Red Hat, Inc." +) + +func (a *Operator) shouldRotateCerts(csv *v1alpha1.ClusterServiceVersion) bool { + now := metav1.Now() + if !csv.Status.CertsRotateAt.IsZero() && csv.Status.CertsRotateAt.Before(&now) { + return true + } + + return false +} + +// apiServiceResourceErrorActionable returns true if OLM can do something about any one +// of the apiService errors in errs; otherwise returns false +// +// This method can be used to determine if a CSV in a failed state due to APIService +// issues can resolve them by reinstalling +func (a *Operator) apiServiceResourceErrorActionable(err error) bool { + filtered := utilerrors.FilterOut(err, func(e error) bool { + _, unadoptable := e.(olmerrors.UnadoptableError) + return !unadoptable + }) + actionable := filtered == nil + + return actionable +} + +// checkAPIServiceResources checks if all expected generated resources for the given APIService exist +func (a *Operator) checkAPIServiceResources(csv *v1alpha1.ClusterServiceVersion, hashFunc certs.PEMHash) error { + logger := log.WithFields(log.Fields{ + "csv": csv.GetName(), + "namespace": csv.GetNamespace(), + }) + + errs := []error{} + owners := []ownerutil.Owner{csv} + + // Get replacing CSV if exists + replacing, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(csv.GetNamespace()).Get(csv.Spec.Replaces) + if err != nil && !k8serrors.IsNotFound(err) { + logger.WithError(err).Warn("could not get replacement csv") + return err + } + if replacing != nil { + owners = append(owners, replacing) + } + + ruleChecker := install.NewCSVRuleChecker(a.lister.RbacV1().RoleLister(), a.lister.RbacV1().RoleBindingLister(), a.lister.RbacV1().ClusterRoleLister(), a.lister.RbacV1().ClusterRoleBindingLister(), csv) + for _, desc := range csv.GetOwnedAPIServiceDescriptions() { + apiServiceName := desc.GetName() + logger := logger.WithFields(log.Fields{ + "apiservice": apiServiceName, + }) + + apiService, err := a.lister.APIRegistrationV1().APIServiceLister().Get(apiServiceName) + if err != nil { + logger.Warnf("could not retrieve generated APIService") + errs = append(errs, err) + continue + } + + // Check if the APIService is adoptable + if !ownerutil.AdoptableLabels(apiService.GetLabels(), true, owners...) { + logger.WithFields(log.Fields{"obj": "apiService", "labels": apiService.GetLabels()}).Debug("adoption failed") + err := olmerrors.NewUnadoptableError("", apiServiceName) + logger.WithError(err).Warn("found unadoptable apiservice") + errs = append(errs, err) + return utilerrors.NewAggregate(errs) + } + + serviceName := APIServiceNameToServiceName(apiServiceName) + service, err := a.lister.CoreV1().ServiceLister().Services(csv.GetNamespace()).Get(serviceName) + if err != nil { + logger.WithField("service", serviceName).Warnf("could not retrieve generated Service") + errs = append(errs, err) + continue + } + + // Check if the APIService points to the correct service + if apiService.Spec.Service.Name != serviceName || apiService.Spec.Service.Namespace != csv.GetNamespace() { + logger.WithFields(log.Fields{"service": apiService.Spec.Service.Name, "serviceNamespace": apiService.Spec.Service.Namespace}).Warnf("APIService service reference mismatch") + errs = append(errs, fmt.Errorf("APIService service reference mismatch")) + continue + } + + // Check if CA is Active + caBundle := apiService.Spec.CABundle + ca, err := certs.PEMToCert(caBundle) + if err != nil { + logger.Warnf("could not convert APIService CA bundle to x509 cert") + errs = append(errs, err) + continue + } + if !certs.Active(ca) { + logger.Warnf("CA cert not active") + errs = append(errs, fmt.Errorf("CA cert not active")) + continue + } + + // Check if serving cert is active + secretName := apiServiceName + "-cert" + secret, err := a.lister.CoreV1().SecretLister().Secrets(csv.GetNamespace()).Get(secretName) + if err != nil { + logger.WithField("secret", secretName).Warnf("could not retrieve generated Secret") + errs = append(errs, err) + continue + } + cert, err := certs.PEMToCert(secret.Data["tls.crt"]) + if err != nil { + logger.Warnf("could not convert serving cert to x509 cert") + errs = append(errs, err) + continue + } + if !certs.Active(cert) { + logger.Warnf("serving cert not active") + errs = append(errs, fmt.Errorf("serving cert not active")) + continue + } + + // Check if CA hash matches expected + caHash := hashFunc(caBundle) + if hash, ok := secret.GetAnnotations()[OLMCAHashAnnotationKey]; !ok || hash != caHash { + logger.WithField("secret", secretName).Warnf("secret CA cert hash does not match expected") + errs = append(errs, fmt.Errorf("secret %s CA cert hash does not match expected", secretName)) + continue + } + + // Check if serving cert is trusted by the CA + hosts := []string{ + fmt.Sprintf("%s.%s", service.GetName(), csv.GetNamespace()), + fmt.Sprintf("%s.%s.svc", service.GetName(), csv.GetNamespace()), + } + for _, host := range hosts { + if err := certs.VerifyCert(ca, cert, host); err != nil { + errs = append(errs, fmt.Errorf("could not verify cert: %s", err.Error())) + continue + } + } + + // Ensure the existing Deployment has a matching CA hash annotation + deployment, err := a.lister.AppsV1().DeploymentLister().Deployments(csv.GetNamespace()).Get(desc.DeploymentName) + if k8serrors.IsNotFound(err) || err != nil { + logger.WithField("deployment", desc.DeploymentName).Warnf("expected Deployment could not be retrieved") + errs = append(errs, err) + continue + } + if hash, ok := deployment.Spec.Template.GetAnnotations()[OLMCAHashAnnotationKey]; !ok || hash != caHash { + logger.WithField("deployment", desc.DeploymentName).Warnf("Deployment CA cert hash does not match expected") + errs = append(errs, fmt.Errorf("Deployment %s CA cert hash does not match expected", desc.DeploymentName)) + continue + } + + // Ensure the Deployment's ServiceAccount exists + serviceAccountName := deployment.Spec.Template.Spec.ServiceAccountName + if serviceAccountName == "" { + serviceAccountName = "default" + } + serviceAccount, err := a.lister.CoreV1().ServiceAccountLister().ServiceAccounts(deployment.GetNamespace()).Get(serviceAccountName) + if err != nil { + logger.WithField("serviceaccount", serviceAccountName).Warnf("could not retrieve ServiceAccount") + errs = append(errs, err) + continue + } + + // Ensure RBAC permissions for the APIService are correct + rulesMap := map[string][]rbacv1.PolicyRule{ + // Serving cert Secret Rule + csv.GetNamespace(): { + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{secret.GetName()}, + }, + }, + "kube-system": {}, + metav1.NamespaceAll: {}, + } + + // extension-apiserver-authentication-reader + authReaderRole, err := a.lister.RbacV1().RoleLister().Roles("kube-system").Get("extension-apiserver-authentication-reader") + if err != nil { + logger.Warnf("could not retrieve Role extension-apiserver-authentication-reader") + errs = append(errs, err) + continue + } + rulesMap["kube-system"] = append(rulesMap["kube-system"], authReaderRole.Rules...) + + // system:auth-delegator + authDelegatorClusterRole, err := a.lister.RbacV1().ClusterRoleLister().Get("system:auth-delegator") + if err != nil { + logger.Warnf("could not retrieve ClusterRole system:auth-delegator") + errs = append(errs, err) + continue + } + rulesMap[metav1.NamespaceAll] = append(rulesMap[metav1.NamespaceAll], authDelegatorClusterRole.Rules...) + + for namespace, rules := range rulesMap { + for _, rule := range rules { + satisfied, err := ruleChecker.RuleSatisfied(serviceAccount, namespace, rule) + if err != nil { + logger.WithField("rule", fmt.Sprintf("%+v", rule)).Warnf("error checking Rule") + errs = append(errs, err) + continue + } + if !satisfied { + logger.WithField("rule", fmt.Sprintf("%+v", rule)).Warnf("Rule not satisfied") + errs = append(errs, fmt.Errorf("Rule %+v not satisfied", rule)) + continue + } + } + } + } + + return utilerrors.NewAggregate(errs) +} + +func (a *Operator) isAPIServiceAvailable(apiService *apiregistrationv1.APIService) bool { + for _, c := range apiService.Status.Conditions { + if c.Type == apiregistrationv1.Available && c.Status == apiregistrationv1.ConditionTrue { + return true + } + } + return false +} + +func (a *Operator) areAPIServicesAvailable(csv *v1alpha1.ClusterServiceVersion) (bool, error) { + for _, desc := range csv.Spec.APIServiceDefinitions.Owned { + apiService, err := a.lister.APIRegistrationV1().APIServiceLister().Get(desc.GetName()) + if k8serrors.IsNotFound(err) { + return false, nil + } + + if err != nil { + return false, err + } + + if !a.isAPIServiceAvailable(apiService) { + return false, nil + } + + if err := a.isGVKRegistered(desc.Group, desc.Version, desc.Kind); err != nil { + return false, nil + } + } + + return true, nil +} + +func (a *Operator) installOwnedAPIServiceRequirements(csv *v1alpha1.ClusterServiceVersion, strategy install.Strategy) (install.Strategy, error) { + logger := log.WithFields(log.Fields{ + "csv": csv.GetName(), + "namespace": csv.GetNamespace(), + }) + + // Assume the strategy is for a deployment + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + return nil, fmt.Errorf("unsupported InstallStrategy type") + } + + // Return early if there are no owned APIServices + if len(csv.Spec.APIServiceDefinitions.Owned) == 0 { + return strategyDetailsDeployment, nil + } + + // Create the CA + expiration := time.Now().Add(DefaultCertValidFor) + ca, err := certs.GenerateCA(expiration, Organization) + if err != nil { + logger.Debug("failed to generate CA") + return nil, err + } + rotateAt := expiration.Add(-1 * DefaultCertMinFresh) + + depSpecs := make(map[string]appsv1.DeploymentSpec) + for _, sddSpec := range strategyDetailsDeployment.DeploymentSpecs { + depSpecs[sddSpec.Name] = sddSpec.Spec + } + + // Create all resources required, and update the matching DeploymentSpec's Volume and VolumeMounts + apiDescs := csv.GetOwnedAPIServiceDescriptions() + for _, desc := range apiDescs { + depSpec, ok := depSpecs[desc.DeploymentName] + if !ok { + return nil, fmt.Errorf("StrategyDetailsDeployment missing deployment %s for owned APIService %s", desc.DeploymentName, fmt.Sprintf("%s.%s", desc.Version, desc.Group)) + } + + newDepSpec, err := a.installAPIServiceRequirements(desc, ca, rotateAt, depSpec, csv) + if err != nil { + return nil, err + } + depSpecs[desc.DeploymentName] = *newDepSpec + } + + // Replace all matching DeploymentSpecs in the strategy + for i, sddSpec := range strategyDetailsDeployment.DeploymentSpecs { + if depSpec, ok := depSpecs[sddSpec.Name]; ok { + strategyDetailsDeployment.DeploymentSpecs[i].Spec = depSpec + } + } + + // Set CSV cert status + csv.Status.CertsLastUpdated = metav1.Now() + csv.Status.CertsRotateAt = metav1.NewTime(rotateAt) + + return strategyDetailsDeployment, nil +} + +func (a *Operator) installAPIServiceRequirements(desc v1alpha1.APIServiceDescription, ca *certs.KeyPair, rotateAt time.Time, depSpec appsv1.DeploymentSpec, csv *v1alpha1.ClusterServiceVersion) (*appsv1.DeploymentSpec, error) { + apiServiceName := fmt.Sprintf("%s.%s", desc.Version, desc.Group) + logger := log.WithFields(log.Fields{ + "csv": csv.GetName(), + "namespace": csv.GetNamespace(), + "apiservice": apiServiceName, + }) + + // Create a service for the deployment + containerPort := 443 + if desc.ContainerPort > 0 { + containerPort = int(desc.ContainerPort) + } + service := &corev1.Service{ + Spec: corev1.ServiceSpec{ + Ports: []corev1.ServicePort{ + { + Port: int32(443), + TargetPort: intstr.FromInt(containerPort), + }, + }, + Selector: depSpec.Selector.MatchLabels, + }, + } + service.SetName(APIServiceNameToServiceName(apiServiceName)) + service.SetNamespace(csv.GetNamespace()) + ownerutil.AddNonBlockingOwner(service, csv) + + existingService, err := a.lister.CoreV1().ServiceLister().Services(csv.GetNamespace()).Get(service.GetName()) + if err == nil { + if !ownerutil.Adoptable(csv, existingService.GetOwnerReferences()) { + return nil, fmt.Errorf("service %s not safe to replace: extraneous ownerreferences found", service.GetName()) + } + service.SetOwnerReferences(append(service.GetOwnerReferences(), existingService.GetOwnerReferences()...)) + + // Delete the Service to replace + deleteErr := a.opClient.DeleteService(service.GetNamespace(), service.GetName(), &metav1.DeleteOptions{}) + if err != nil && !k8serrors.IsNotFound(deleteErr) { + return nil, fmt.Errorf("could not delete existing service %s", service.GetName()) + } + } + + // Attempt to create the Service + _, err = a.opClient.CreateService(service) + if err != nil { + logger.Warnf("could not create service %s", service.GetName()) + return nil, fmt.Errorf("could not create service %s: %s", service.GetName(), err.Error()) + } + + // Create signed serving cert + hosts := []string{ + fmt.Sprintf("%s.%s", service.GetName(), csv.GetNamespace()), + fmt.Sprintf("%s.%s.svc", service.GetName(), csv.GetNamespace()), + } + servingPair, err := certs.CreateSignedServingPair(rotateAt, Organization, ca, hosts) + if err != nil { + logger.Warnf("could not generate signed certs for hosts %v", hosts) + return nil, err + } + + // Create Secret for serving cert + certPEM, privPEM, err := servingPair.ToPEM() + if err != nil { + logger.Warnf("unable to convert serving certificate and private key to PEM format for APIService %s", apiServiceName) + return nil, err + } + + secret := &corev1.Secret{ + Data: map[string][]byte{ + "tls.crt": certPEM, + "tls.key": privPEM, + }, + Type: corev1.SecretTypeTLS, + } + secret.SetName(apiServiceName + "-cert") + secret.SetNamespace(csv.GetNamespace()) + + // Add olmcasha hash as a label to the + caPEM, _, err := ca.ToPEM() + if err != nil { + logger.Warnf("unable to convert CA certificate to PEM format for APIService %s", apiServiceName) + return nil, err + } + caHash := certs.PEMSHA256(caPEM) + secret.SetAnnotations(map[string]string{OLMCAHashAnnotationKey: caHash}) + + existingSecret, err := a.lister.CoreV1().SecretLister().Secrets(csv.GetNamespace()).Get(secret.GetName()) + if err == nil { + // Check if the only owners are this CSV or in this CSV's replacement chain + if ownerutil.Adoptable(csv, existingSecret.GetOwnerReferences()) { + ownerutil.AddNonBlockingOwner(secret, csv) + } + + // Attempt an update + if _, err := a.opClient.UpdateSecret(secret); err != nil { + logger.Warnf("could not update secret %s", secret.GetName()) + return nil, err + } + } else if k8serrors.IsNotFound(err) { + // Create the secret + ownerutil.AddNonBlockingOwner(secret, csv) + _, err = a.opClient.CreateSecret(secret) + if err != nil { + log.Warnf("could not create secret %s", secret.GetName()) + return nil, err + } + } else { + return nil, err + } + + // create Role and RoleBinding to allow the deployment to mount the Secret + secretRole := &rbacv1.Role{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{secret.GetName()}, + }, + }, + } + secretRole.SetName(secret.GetName()) + secretRole.SetNamespace(csv.GetNamespace()) + + existingSecretRole, err := a.lister.RbacV1().RoleLister().Roles(csv.GetNamespace()).Get(secretRole.GetName()) + if err == nil { + // Check if the only owners are this CSV or in this CSV's replacement chain + if ownerutil.Adoptable(csv, existingSecretRole.GetOwnerReferences()) { + ownerutil.AddNonBlockingOwner(secretRole, csv) + } + + // Attempt an update + if _, err := a.opClient.UpdateRole(secretRole); err != nil { + logger.Warnf("could not update secret role %s", secretRole.GetName()) + return nil, err + } + } else if k8serrors.IsNotFound(err) { + // Create the role + ownerutil.AddNonBlockingOwner(secretRole, csv) + _, err = a.opClient.CreateRole(secretRole) + if err != nil { + log.Warnf("could not create secret role %s", secretRole.GetName()) + return nil, err + } + } else { + return nil, err + } + + if depSpec.Template.Spec.ServiceAccountName == "" { + depSpec.Template.Spec.ServiceAccountName = "default" + } + + secretRoleBinding := &rbacv1.RoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: depSpec.Template.Spec.ServiceAccountName, + Namespace: csv.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: secretRole.GetName(), + }, + } + secretRoleBinding.SetName(secret.GetName()) + secretRoleBinding.SetNamespace(csv.GetNamespace()) + + existingSecretRoleBinding, err := a.lister.RbacV1().RoleBindingLister().RoleBindings(csv.GetNamespace()).Get(secretRoleBinding.GetName()) + if err == nil { + // Check if the only owners are this CSV or in this CSV's replacement chain + if ownerutil.Adoptable(csv, existingSecretRoleBinding.GetOwnerReferences()) { + ownerutil.AddNonBlockingOwner(secretRoleBinding, csv) + } + + // Attempt an update + if _, err := a.opClient.UpdateRoleBinding(secretRoleBinding); err != nil { + logger.Warnf("could not update secret rolebinding %s", secretRoleBinding.GetName()) + return nil, err + } + } else if k8serrors.IsNotFound(err) { + // Create the role + ownerutil.AddNonBlockingOwner(secretRoleBinding, csv) + _, err = a.opClient.CreateRoleBinding(secretRoleBinding) + if err != nil { + log.Warnf("could not create secret rolebinding with dep spec: %+v", depSpec) + return nil, err + } + } else { + return nil, err + } + + // create ClusterRoleBinding to system:auth-delegator Role + authDelegatorClusterRoleBinding := &rbacv1.ClusterRoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: depSpec.Template.Spec.ServiceAccountName, + Namespace: csv.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: "system:auth-delegator", + }, + } + authDelegatorClusterRoleBinding.SetName(apiServiceName + "-system:auth-delegator") + + existingAuthDelegatorClusterRoleBinding, err := a.lister.RbacV1().ClusterRoleBindingLister().Get(authDelegatorClusterRoleBinding.GetName()) + if err == nil { + // Check if the only owners are this CSV or in this CSV's replacement chain. + if ownerutil.AdoptableLabels(existingAuthDelegatorClusterRoleBinding.GetLabels(), true, csv) { + logger.WithFields(log.Fields{"obj": "authDelegatorCRB", "labels": existingAuthDelegatorClusterRoleBinding.GetLabels()}).Debug("adopting") + if err := ownerutil.AddOwnerLabels(authDelegatorClusterRoleBinding, csv); err != nil { + return nil, err + } + } + + // Attempt an update. + if _, err := a.opClient.UpdateClusterRoleBinding(authDelegatorClusterRoleBinding); err != nil { + logger.Warnf("could not update auth delegator clusterrolebinding %s", authDelegatorClusterRoleBinding.GetName()) + return nil, err + } + } else if k8serrors.IsNotFound(err) { + // Create the role. + if err := ownerutil.AddOwnerLabels(authDelegatorClusterRoleBinding, csv); err != nil { + return nil, err + } + _, err = a.opClient.CreateClusterRoleBinding(authDelegatorClusterRoleBinding) + if err != nil { + log.Warnf("could not create auth delegator clusterrolebinding %s", authDelegatorClusterRoleBinding.GetName()) + return nil, err + } + } else { + return nil, err + } + + // Create RoleBinding to extension-apiserver-authentication-reader Role in the kube-system namespace. + authReaderRoleBinding := &rbacv1.RoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: depSpec.Template.Spec.ServiceAccountName, + Namespace: csv.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "extension-apiserver-authentication-reader", + }, + } + authReaderRoleBinding.SetName(apiServiceName + "-auth-reader") + authReaderRoleBinding.SetNamespace("kube-system") + + existingAuthReaderRoleBinding, err := a.lister.RbacV1().RoleBindingLister().RoleBindings("kube-system").Get(authReaderRoleBinding.GetName()) + if err == nil { + // Check if the only owners are this CSV or in this CSV's replacement chain. + if ownerutil.AdoptableLabels(existingAuthReaderRoleBinding.GetLabels(), true, csv) { + logger.WithFields(log.Fields{"obj": "existingAuthReaderRB", "labels": existingAuthReaderRoleBinding.GetLabels()}).Debug("adopting") + if err := ownerutil.AddOwnerLabels(authReaderRoleBinding, csv); err != nil { + return nil, err + } + } + // Attempt an update. + if _, err := a.opClient.UpdateRoleBinding(authReaderRoleBinding); err != nil { + logger.Warnf("could not update auth reader role binding %s", authReaderRoleBinding.GetName()) + return nil, err + } + } else if k8serrors.IsNotFound(err) { + // Create the role. + if err := ownerutil.AddOwnerLabels(authReaderRoleBinding, csv); err != nil { + return nil, err + } + _, err = a.opClient.CreateRoleBinding(authReaderRoleBinding) + if err != nil { + log.Warnf("could not create auth reader role binding %s", authReaderRoleBinding.GetName()) + return nil, err + } + } else { + return nil, err + } + + // Update deployment with secret volume mount. + volume := corev1.Volume{ + Name: "apiservice-cert", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: secret.GetName(), + Items: []corev1.KeyToPath{ + { + Key: "tls.crt", + Path: "apiserver.crt", + }, + { + Key: "tls.key", + Path: "apiserver.key", + }, + }, + }, + }, + } + + replaced := false + for i, v := range depSpec.Template.Spec.Volumes { + if v.Name == volume.Name { + depSpec.Template.Spec.Volumes[i] = volume + replaced = true + break + } + } + if !replaced { + depSpec.Template.Spec.Volumes = append(depSpec.Template.Spec.Volumes, volume) + } + + mount := corev1.VolumeMount{ + Name: volume.Name, + MountPath: "/apiserver.local.config/certificates", + } + for i, container := range depSpec.Template.Spec.Containers { + found := false + for j, m := range container.VolumeMounts { + if m.Name == mount.Name { + found = true + break + } + + // Replace if mounting to the same location. + if m.MountPath == mount.MountPath { + container.VolumeMounts[j] = mount + found = true + break + } + } + if !found { + container.VolumeMounts = append(container.VolumeMounts, mount) + } + + depSpec.Template.Spec.Containers[i] = container + } + + // Setting the olm hash label forces a rollout and ensures that the new secret + // is used by the apiserver if not hot reloading. + depSpec.Template.ObjectMeta.SetAnnotations(map[string]string{OLMCAHashAnnotationKey: caHash}) + + exists := true + apiService, err := a.lister.APIRegistrationV1().APIServiceLister().Get(apiServiceName) + if err != nil { + if !k8serrors.IsNotFound(err) { + return nil, err + } + + exists = false + apiService = &apiregistrationv1.APIService{ + Spec: apiregistrationv1.APIServiceSpec{ + Group: desc.Group, + Version: desc.Version, + GroupPriorityMinimum: int32(2000), + VersionPriority: int32(15), + }, + } + apiService.SetName(apiServiceName) + } else { + owners := []ownerutil.Owner{csv} + + // Get replacing CSV + replaces, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(csv.GetNamespace()).Get(csv.Spec.Replaces) + if err == nil { + owners = append(owners, replaces) + } + + // check if the APIService is adoptable + if !ownerutil.AdoptableLabels(apiService.GetLabels(), true, owners...) { + logger.WithFields(log.Fields{"obj": "apiService", "labels": apiService.GetLabels()}).Debug("adoption failed") + return nil, fmt.Errorf("pre-existing APIService %s is not adoptable", apiServiceName) + } + } + + // Add the CSV as an owner + if err := ownerutil.AddOwnerLabels(apiService, csv); err != nil { + return nil, err + } + + // update the ServiceReference + apiService.Spec.Service = &apiregistrationv1.ServiceReference{ + Namespace: service.GetNamespace(), + Name: service.GetName(), + } + + // create a fresh CA bundle + apiService.Spec.CABundle = caPEM + + // attempt a update or create + if exists { + logger.Debug("updating APIService") + _, err = a.opClient.UpdateAPIService(apiService) + } else { + logger.Debug("creating APIService") + _, err = a.opClient.CreateAPIService(apiService) + } + + if err != nil { + logger.Warnf("could not create or update APIService") + return nil, err + } + + return &depSpec, nil +} + +// APIServiceNameToServiceName returns the result of replacing all +// periods in the given APIService name with hyphens +func APIServiceNameToServiceName(apiServiceName string) string { + // Replace all '.'s with "-"s to convert to a DNS-1035 label + return strings.Replace(apiServiceName, ".", "-", -1) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/config.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/config.go new file mode 100644 index 000000000..13c4484c6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/config.go @@ -0,0 +1,152 @@ +package olm + +import ( + "time" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilclock "k8s.io/apimachinery/pkg/util/clock" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/internalversion" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/labeler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" +) + +type OperatorOption func(*operatorConfig) + +type operatorConfig struct { + resyncPeriod time.Duration + operatorNamespace string + watchedNamespaces []string + clock utilclock.Clock + logger *logrus.Logger + operatorClient operatorclient.ClientInterface + externalClient versioned.Interface + internalClient internalversion.Interface + strategyResolver install.StrategyResolverInterface + apiReconciler resolver.APIIntersectionReconciler + apiLabeler labeler.Labeler +} + +func (o *operatorConfig) apply(options []OperatorOption) { + for _, option := range options { + option(o) + } +} + +func newInvalidConfigError(name, msg string) error { + return errors.Errorf("%s config invalid: %s", name, msg) +} + +func (o *operatorConfig) validate() (err error) { + // TODO: Add better config validation + switch { + case o.resyncPeriod < 0: + err = newInvalidConfigError("resync period", "must be >= 0") + case o.operatorNamespace == metav1.NamespaceAll: + err = newInvalidConfigError("operator namespace", "must be a single namespace") + case len(o.watchedNamespaces) == 0: + err = newInvalidConfigError("watched namespaces", "must watch at least one namespace") + case o.clock == nil: + err = newInvalidConfigError("clock", "must not be nil") + case o.logger == nil: + err = newInvalidConfigError("logger", "must not be nil") + case o.operatorClient == nil: + err = newInvalidConfigError("operator client", "must not be nil") + case o.externalClient == nil: + err = newInvalidConfigError("external client", "must not be nil") + // case o.internalClient == nil: + // err = newInvalidConfigError("internal client", "must not be nil") + case o.strategyResolver == nil: + err = newInvalidConfigError("strategy resolver", "must not be nil") + case o.apiReconciler == nil: + err = newInvalidConfigError("api reconciler", "must not be nil") + case o.apiLabeler == nil: + err = newInvalidConfigError("api labeler", "must not be nil") + } + + return +} + +func defaultOperatorConfig() *operatorConfig { + return &operatorConfig{ + resyncPeriod: 30 * time.Second, + operatorNamespace: "default", + watchedNamespaces: []string{metav1.NamespaceAll}, + clock: utilclock.RealClock{}, + logger: logrus.New(), + strategyResolver: &install.StrategyResolver{}, + apiReconciler: resolver.APIIntersectionReconcileFunc(resolver.ReconcileAPIIntersection), + apiLabeler: labeler.Func(resolver.LabelSetsFor), + } +} + +func WithResyncPeriod(period time.Duration) OperatorOption { + return func(config *operatorConfig) { + config.resyncPeriod = period + } +} + +func WithOperatorNamespace(namespace string) OperatorOption { + return func(config *operatorConfig) { + config.operatorNamespace = namespace + } +} + +func WithWatchedNamespaces(namespaces ...string) OperatorOption { + return func(config *operatorConfig) { + config.watchedNamespaces = namespaces + } +} + +func WithLogger(logger *logrus.Logger) OperatorOption { + return func(config *operatorConfig) { + config.logger = logger + } +} + +func WithClock(clock utilclock.Clock) OperatorOption { + return func(config *operatorConfig) { + config.clock = clock + } +} + +func WithOperatorClient(operatorClient operatorclient.ClientInterface) OperatorOption { + return func(config *operatorConfig) { + config.operatorClient = operatorClient + } +} + +func WithExternalClient(externalClient versioned.Interface) OperatorOption { + return func(config *operatorConfig) { + config.externalClient = externalClient + } +} + +func WithInternalClient(internalClient internalversion.Interface) OperatorOption { + return func(config *operatorConfig) { + config.internalClient = internalClient + } +} + +func WithStrategyResolver(strategyResolver install.StrategyResolverInterface) OperatorOption { + return func(config *operatorConfig) { + config.strategyResolver = strategyResolver + } +} + +func WithAPIReconciler(apiReconciler resolver.APIIntersectionReconciler) OperatorOption { + return func(config *operatorConfig) { + config.apiReconciler = apiReconciler + } +} + +func WithAPILabeler(apiLabeler labeler.Labeler) OperatorOption { + return func(config *operatorConfig) { + config.apiLabeler = apiLabeler + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operator.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operator.go new file mode 100644 index 000000000..48142093c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operator.go @@ -0,0 +1,1602 @@ +package olm + +import ( + "context" + "errors" + "fmt" + "strings" + "time" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + extinf "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + utilclock "k8s.io/apimachinery/pkg/util/clock" + utilerrors "k8s.io/apimachinery/pkg/util/errors" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/client-go/informers" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/tools/record" + "k8s.io/client-go/util/workqueue" + apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + kagg "k8s.io/kube-aggregator/pkg/client/informers/externalversions" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/certs" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + csvutility "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/event" + index "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/labeler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" + "github.com/operator-framework/operator-lifecycle-manager/pkg/metrics" +) + +var ( + ErrRequirementsNotMet = errors.New("requirements were not met") + ErrCRDOwnerConflict = errors.New("conflicting CRD owner in namespace") + ErrAPIServiceOwnerConflict = errors.New("unable to adopt APIService") +) + +var timeNow = func() metav1.Time { return metav1.NewTime(time.Now().UTC()) } + +type Operator struct { + queueinformer.Operator + + clock utilclock.Clock + logger *logrus.Logger + opClient operatorclient.ClientInterface + client versioned.Interface + lister operatorlister.OperatorLister + ogQueueSet *queueinformer.ResourceQueueSet + csvQueueSet *queueinformer.ResourceQueueSet + csvCopyQueueSet *queueinformer.ResourceQueueSet + csvGCQueueSet *queueinformer.ResourceQueueSet + apiServiceQueue workqueue.RateLimitingInterface + csvIndexers map[string]cache.Indexer + recorder record.EventRecorder + resolver install.StrategyResolverInterface + apiReconciler resolver.APIIntersectionReconciler + apiLabeler labeler.Labeler + csvSetGenerator csvutility.SetGenerator + csvReplaceFinder csvutility.ReplaceFinder + csvNotification csvutility.WatchNotification +} + +func NewOperator(ctx context.Context, options ...OperatorOption) (*Operator, error) { + config := defaultOperatorConfig() + config.apply(options) + + return newOperatorWithConfig(ctx, config) +} + +func newOperatorWithConfig(ctx context.Context, config *operatorConfig) (*Operator, error) { + if err := config.validate(); err != nil { + return nil, err + } + + queueOperator, err := queueinformer.NewOperator(config.operatorClient.KubernetesInterface().Discovery(), queueinformer.WithOperatorLogger(config.logger)) + if err != nil { + return nil, err + } + + eventRecorder, err := event.NewRecorder(config.operatorClient.KubernetesInterface().CoreV1().Events(metav1.NamespaceAll)) + if err != nil { + return nil, err + } + + lister := operatorlister.NewLister() + + op := &Operator{ + Operator: queueOperator, + clock: config.clock, + logger: config.logger, + opClient: config.operatorClient, + client: config.externalClient, + ogQueueSet: queueinformer.NewEmptyResourceQueueSet(), + csvQueueSet: queueinformer.NewEmptyResourceQueueSet(), + csvCopyQueueSet: queueinformer.NewEmptyResourceQueueSet(), + csvGCQueueSet: queueinformer.NewEmptyResourceQueueSet(), + apiServiceQueue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "apiservice"), + resolver: config.strategyResolver, + apiReconciler: config.apiReconciler, + lister: lister, + recorder: eventRecorder, + apiLabeler: config.apiLabeler, + csvIndexers: map[string]cache.Indexer{}, + csvSetGenerator: csvutility.NewSetGenerator(config.logger, lister), + csvReplaceFinder: csvutility.NewReplaceFinder(config.logger, config.externalClient), + } + + // Set up syncing for namespace-scoped resources + k8sSyncer := queueinformer.LegacySyncHandler(op.syncObject).ToSyncerWithDelete(op.handleDeletion) + for _, namespace := range config.watchedNamespaces { + // Wire CSVs + extInformerFactory := externalversions.NewSharedInformerFactoryWithOptions(op.client, config.resyncPeriod, externalversions.WithNamespace(namespace)) + csvInformer := extInformerFactory.Operators().V1alpha1().ClusterServiceVersions() + op.lister.OperatorsV1alpha1().RegisterClusterServiceVersionLister(namespace, csvInformer.Lister()) + csvQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), fmt.Sprintf("%s/csv", namespace)) + op.csvQueueSet.Set(namespace, csvQueue) + csvQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithMetricsProvider(metrics.NewMetricsCSV(csvInformer.Lister())), + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(csvQueue), + queueinformer.WithInformer(csvInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncClusterServiceVersion).ToSyncerWithDelete(op.handleClusterServiceVersionDeletion)), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(csvQueueInformer) + csvInformer.Informer().AddIndexers(cache.Indexers{index.MetaLabelIndexFuncKey: index.MetaLabelIndexFunc}) + csvIndexer := csvInformer.Informer().GetIndexer() + op.csvIndexers[namespace] = csvIndexer + + // Register separate queue for copying csvs + csvCopyQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), fmt.Sprintf("%s/csv-copy", namespace)) + op.csvCopyQueueSet.Set(namespace, csvCopyQueue) + csvCopyQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(csvCopyQueue), + queueinformer.WithIndexer(csvIndexer), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncCopyCSV).ToSyncer()), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(csvCopyQueueInformer) + + // Register separate queue for gcing csvs + csvGCQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), fmt.Sprintf("%s/csv-gc", namespace)) + op.csvGCQueueSet.Set(namespace, csvGCQueue) + csvGCQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(csvGCQueue), + queueinformer.WithIndexer(csvIndexer), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncGcCsv).ToSyncer()), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(csvGCQueueInformer) + + // Wire OperatorGroup reconciliation + operatorGroupInformer := extInformerFactory.Operators().V1().OperatorGroups() + op.lister.OperatorsV1().RegisterOperatorGroupLister(namespace, operatorGroupInformer.Lister()) + ogQueue := workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), fmt.Sprintf("%s/og", namespace)) + op.ogQueueSet.Set(namespace, ogQueue) + operatorGroupQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(ogQueue), + queueinformer.WithInformer(operatorGroupInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncOperatorGroups).ToSyncerWithDelete(op.operatorGroupDeleted)), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(operatorGroupQueueInformer) + + // Wire Deployments + k8sInformerFactory := informers.NewSharedInformerFactoryWithOptions(op.opClient.KubernetesInterface(), config.resyncPeriod, informers.WithNamespace(namespace)) + depInformer := k8sInformerFactory.Apps().V1().Deployments() + op.lister.AppsV1().RegisterDeploymentLister(namespace, depInformer.Lister()) + depQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(depInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(depQueueInformer) + + // Set up RBAC informers + roleInformer := k8sInformerFactory.Rbac().V1().Roles() + op.lister.RbacV1().RegisterRoleLister(namespace, roleInformer.Lister()) + roleQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(roleInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(roleQueueInformer) + + roleBindingInformer := k8sInformerFactory.Rbac().V1().RoleBindings() + op.lister.RbacV1().RegisterRoleBindingLister(namespace, roleBindingInformer.Lister()) + roleBindingQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(roleBindingInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(roleBindingQueueInformer) + + // Register Secret QueueInformer + secretInformer := k8sInformerFactory.Core().V1().Secrets() + op.lister.CoreV1().RegisterSecretLister(namespace, secretInformer.Lister()) + secretQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(secretInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(secretQueueInformer) + + // Register Service QueueInformer + serviceInformer := k8sInformerFactory.Core().V1().Services() + op.lister.CoreV1().RegisterServiceLister(namespace, serviceInformer.Lister()) + serviceQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(serviceInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(serviceQueueInformer) + + // Register ServiceAccount QueueInformer + serviceAccountInformer := k8sInformerFactory.Core().V1().ServiceAccounts() + op.lister.CoreV1().RegisterServiceAccountLister(metav1.NamespaceAll, serviceAccountInformer.Lister()) + serviceAccountQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(serviceAccountInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + op.RegisterQueueInformer(serviceAccountQueueInformer) + } + + k8sInformerFactory := informers.NewSharedInformerFactory(op.opClient.KubernetesInterface(), config.resyncPeriod) + clusterRoleInformer := k8sInformerFactory.Rbac().V1().ClusterRoles() + op.lister.RbacV1().RegisterClusterRoleLister(clusterRoleInformer.Lister()) + clusterRoleQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(clusterRoleInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(clusterRoleQueueInformer) + + clusterRoleBindingInformer := k8sInformerFactory.Rbac().V1().ClusterRoleBindings() + op.lister.RbacV1().RegisterClusterRoleBindingLister(clusterRoleBindingInformer.Lister()) + clusterRoleBindingQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(clusterRoleBindingInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(clusterRoleBindingQueueInformer) + + // register namespace queueinformer + namespaceInformer := k8sInformerFactory.Core().V1().Namespaces() + op.lister.CoreV1().RegisterNamespaceLister(namespaceInformer.Lister()) + namespaceInformer.Informer().AddEventHandler( + &cache.ResourceEventHandlerFuncs{ + DeleteFunc: op.namespaceAddedOrRemoved, + AddFunc: op.namespaceAddedOrRemoved, + }, + ) + namespaceQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(namespaceInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncObject).ToSyncer()), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(namespaceQueueInformer) + + // Register APIService QueueInformer + apiServiceInformer := kagg.NewSharedInformerFactory(op.opClient.ApiregistrationV1Interface(), config.resyncPeriod).Apiregistration().V1().APIServices() + op.lister.APIRegistrationV1().RegisterAPIServiceLister(apiServiceInformer.Lister()) + apiServiceQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithQueue(op.apiServiceQueue), + queueinformer.WithInformer(apiServiceInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(op.syncAPIService).ToSyncerWithDelete(op.handleDeletion)), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(apiServiceQueueInformer) + + // Register CustomResourceDefinition QueueInformer + crdInformer := extinf.NewSharedInformerFactory(op.opClient.ApiextensionsV1beta1Interface(), config.resyncPeriod).Apiextensions().V1beta1().CustomResourceDefinitions() + op.lister.APIExtensionsV1beta1().RegisterCustomResourceDefinitionLister(crdInformer.Lister()) + crdQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithLogger(op.logger), + queueinformer.WithInformer(crdInformer.Informer()), + queueinformer.WithSyncer(k8sSyncer), + ) + if err != nil { + return nil, err + } + op.RegisterQueueInformer(crdQueueInformer) + + return op, nil +} + +func (a *Operator) now() metav1.Time { + return metav1.NewTime(a.clock.Now().UTC()) +} + +func (a *Operator) syncAPIService(obj interface{}) (syncError error) { + apiService, ok := obj.(*apiregistrationv1.APIService) + if !ok { + a.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting APIService failed") + } + + logger := a.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "apiService": apiService.GetName(), + }) + logger.Info("syncing APIService") + + if name, ns, ok := ownerutil.GetOwnerByKindLabel(apiService, v1alpha1.ClusterServiceVersionKind); ok { + _, err := a.lister.CoreV1().NamespaceLister().Get(ns) + if k8serrors.IsNotFound(err) { + logger.Debug("Deleting api service since owning namespace is not found") + syncError = a.opClient.DeleteAPIService(apiService.GetName(), &metav1.DeleteOptions{}) + return + } + + _, err = a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(ns).Get(name) + if k8serrors.IsNotFound(err) { + logger.Debug("Deleting api service since owning CSV is not found") + syncError = a.opClient.DeleteAPIService(apiService.GetName(), &metav1.DeleteOptions{}) + return + } else if err != nil { + syncError = err + return + } else { + if ownerutil.IsOwnedByKindLabel(apiService, v1alpha1.ClusterServiceVersionKind) { + logger.Debug("requeueing owner CSVs") + a.requeueOwnerCSVs(apiService) + } + } + } + + return nil +} + +func (a *Operator) GetCSVSetGenerator() csvutility.SetGenerator { + return a.csvSetGenerator +} + +func (a *Operator) GetReplaceFinder() csvutility.ReplaceFinder { + return a.csvReplaceFinder +} + +func (a *Operator) RegisterCSVWatchNotification(csvNotification csvutility.WatchNotification) { + if csvNotification == nil { + return + } + + a.csvNotification = csvNotification +} + +func (a *Operator) syncObject(obj interface{}) (syncError error) { + // Assert as metav1.Object + metaObj, ok := obj.(metav1.Object) + if !ok { + syncError = errors.New("object sync: casting to metav1.Object failed") + a.logger.Warn(syncError.Error()) + return + } + logger := a.logger.WithFields(logrus.Fields{ + "name": metaObj.GetName(), + "namespace": metaObj.GetNamespace(), + "self": metaObj.GetSelfLink(), + }) + + // Requeue all owner CSVs + if ownerutil.IsOwnedByKind(metaObj, v1alpha1.ClusterServiceVersionKind) { + logger.Debug("requeueing owner csvs") + a.requeueOwnerCSVs(metaObj) + } + + // Requeues objects that can't have ownerrefs (cluster -> namespace, cross-namespace) + if ownerutil.IsOwnedByKindLabel(metaObj, v1alpha1.ClusterServiceVersionKind) { + logger.Debug("requeueing owner csvs") + a.requeueOwnerCSVs(metaObj) + } + + // Requeue CSVs with provided and required labels (for CRDs) + if labelSets, err := a.apiLabeler.LabelSetsFor(metaObj); err != nil { + logger.WithError(err).Warn("couldn't create label set") + } else if len(labelSets) > 0 { + logger.Debug("requeueing providing/requiring csvs") + a.requeueCSVsByLabelSet(logger, labelSets...) + } + + return nil +} + +func (a *Operator) namespaceAddedOrRemoved(obj interface{}) { + // Check to see if any operator groups are associated with this namespace + namespace, ok := obj.(*corev1.Namespace) + if !ok { + return + } + + logger := a.logger.WithFields(logrus.Fields{ + "name": namespace.GetName(), + }) + + operatorGroupList, err := a.lister.OperatorsV1().OperatorGroupLister().OperatorGroups(metav1.NamespaceAll).List(labels.Everything()) + if err != nil { + logger.WithError(err).Warn("lister failed") + return + } + + for _, group := range operatorGroupList { + if resolver.NewNamespaceSet(group.Status.Namespaces).Contains(namespace.GetName()) { + if err := a.ogQueueSet.Requeue(group.Namespace, group.Name); err != nil { + logger.WithError(err).Warn("error requeuing operatorgroup") + } + } + } + return +} + +func (a *Operator) handleClusterServiceVersionDeletion(obj interface{}) { + clusterServiceVersion, ok := obj.(*v1alpha1.ClusterServiceVersion) + if !ok { + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) + return + } + + clusterServiceVersion, ok = tombstone.Obj.(*v1alpha1.ClusterServiceVersion) + if !ok { + utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a ClusterServiceVersion %#v", obj)) + return + } + } + + if a.csvNotification != nil { + a.csvNotification.OnDelete(clusterServiceVersion) + } + + logger := a.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "csv": clusterServiceVersion.GetName(), + "namespace": clusterServiceVersion.GetNamespace(), + "phase": clusterServiceVersion.Status.Phase, + }) + + defer func(csv v1alpha1.ClusterServiceVersion) { + if clusterServiceVersion.IsCopied() { + logger.Debug("deleted csv is copied. skipping operatorgroup requeue") + return + } + + // Requeue all OperatorGroups in the namespace + logger.Debug("requeueing operatorgroups in namespace") + operatorGroups, err := a.lister.OperatorsV1().OperatorGroupLister().OperatorGroups(csv.GetNamespace()).List(labels.Everything()) + if err != nil { + logger.WithError(err).Warnf("an error occurred while listing operatorgroups to requeue after csv deletion") + return + } + + for _, operatorGroup := range operatorGroups { + logger := logger.WithField("operatorgroup", operatorGroup.GetName()) + logger.Debug("requeueing") + if err := a.ogQueueSet.Requeue(operatorGroup.GetNamespace(), operatorGroup.GetName()); err != nil { + logger.WithError(err).Debug("error requeueing operatorgroup") + } + } + }(*clusterServiceVersion) + + targetNamespaces, ok := clusterServiceVersion.Annotations[v1.OperatorGroupTargetsAnnotationKey] + if !ok { + logger.Debug("missing target namespaces annotation on csv") + return + } + + operatorNamespace, ok := clusterServiceVersion.Annotations[v1.OperatorGroupNamespaceAnnotationKey] + if !ok { + logger.Debug("missing operator namespace annotation on csv") + return + } + + if _, ok = clusterServiceVersion.Annotations[v1.OperatorGroupAnnotationKey]; !ok { + logger.Debug("missing operatorgroup name annotation on csv") + return + } + + if clusterServiceVersion.IsCopied() { + logger.Debug("deleted csv is copied. skipping additional cleanup steps") + return + } + + logger.Info("gcing children") + namespaces := []string{} + if targetNamespaces == "" { + namespaceList, err := a.opClient.KubernetesInterface().CoreV1().Namespaces().List(metav1.ListOptions{}) + if err != nil { + logger.WithError(err).Warn("cannot list all namespaces to requeue child csvs for deletion") + return + } + for _, namespace := range namespaceList.Items { + namespaces = append(namespaces, namespace.GetName()) + } + } else { + namespaces = strings.Split(targetNamespaces, ",") + } + for _, namespace := range namespaces { + if namespace != operatorNamespace { + logger.WithField("targetNamespace", namespace).Debug("requeueing child csv for deletion") + a.csvGCQueueSet.Requeue(namespace, clusterServiceVersion.GetName()) + } + } + + for _, desc := range clusterServiceVersion.Spec.APIServiceDefinitions.Owned { + apiServiceName := fmt.Sprintf("%s.%s", desc.Version, desc.Group) + fetched, err := a.lister.APIRegistrationV1().APIServiceLister().Get(apiServiceName) + if k8serrors.IsNotFound(err) { + continue + } + if err != nil { + logger.WithError(err).Warn("api service get failure") + continue + } + apiServiceLabels := fetched.GetLabels() + if clusterServiceVersion.GetName() == apiServiceLabels[ownerutil.OwnerKey] && clusterServiceVersion.GetNamespace() == apiServiceLabels[ownerutil.OwnerNamespaceKey] { + logger.Infof("gcing api service %v", apiServiceName) + err := a.opClient.DeleteAPIService(apiServiceName, &metav1.DeleteOptions{}) + if err != nil { + logger.WithError(err).Warn("cannot delete orphaned api service") + } + } + } +} + +func (a *Operator) removeDanglingChildCSVs(csv *v1alpha1.ClusterServiceVersion) error { + logger := a.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "csv": csv.GetName(), + "namespace": csv.GetNamespace(), + "phase": csv.Status.Phase, + "labels": csv.GetLabels(), + "annotations": csv.GetAnnotations(), + }) + + if !csv.IsCopied() { + logger.Debug("removeDanglingChild called on a parent. this is a no-op but should be avoided.") + return nil + } + + operatorNamespace, ok := csv.Annotations[v1.OperatorGroupNamespaceAnnotationKey] + if !ok { + logger.Debug("missing operator namespace annotation on copied CSV") + return a.deleteChild(csv, logger) + } + + logger = logger.WithField("parentNamespace", operatorNamespace) + parent, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(operatorNamespace).Get(csv.GetName()) + if k8serrors.IsNotFound(err) || k8serrors.IsGone(err) || parent == nil { + logger.Debug("deleting copied CSV since parent is missing") + return a.deleteChild(csv, logger) + } + + if parent.Status.Phase == v1alpha1.CSVPhaseFailed && parent.Status.Reason == v1alpha1.CSVReasonInterOperatorGroupOwnerConflict { + logger.Debug("deleting copied CSV since parent has intersecting operatorgroup conflict") + return a.deleteChild(csv, logger) + } + + if annotations := parent.GetAnnotations(); annotations != nil { + if !resolver.NewNamespaceSetFromString(annotations[v1.OperatorGroupTargetsAnnotationKey]).Contains(csv.GetNamespace()) { + logger.WithField("parentTargets", annotations[v1.OperatorGroupTargetsAnnotationKey]). + Debug("deleting copied CSV since parent no longer lists this as a target namespace") + return a.deleteChild(csv, logger) + } + } + + return nil +} + +func (a *Operator) deleteChild(csv *v1alpha1.ClusterServiceVersion, logger *logrus.Entry) error { + logger.Debug("gcing csv") + return a.client.OperatorsV1alpha1().ClusterServiceVersions(csv.GetNamespace()).Delete(csv.GetName(), metav1.NewDeleteOptions(0)) +} + +// syncClusterServiceVersion is the method that gets called when we see a CSV event in the cluster +func (a *Operator) syncClusterServiceVersion(obj interface{}) (syncError error) { + clusterServiceVersion, ok := obj.(*v1alpha1.ClusterServiceVersion) + if !ok { + a.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting ClusterServiceVersion failed") + } + + logger := a.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "csv": clusterServiceVersion.GetName(), + "namespace": clusterServiceVersion.GetNamespace(), + "phase": clusterServiceVersion.Status.Phase, + }) + logger.Debug("syncing CSV") + + if a.csvNotification != nil { + a.csvNotification.OnAddOrUpdate(clusterServiceVersion) + } + + if clusterServiceVersion.IsCopied() { + logger.Debug("skipping copied csv transition, schedule for gc check") + a.csvGCQueueSet.Requeue(clusterServiceVersion.GetNamespace(), clusterServiceVersion.GetName()) + return + } + + outCSV, syncError := a.transitionCSVState(*clusterServiceVersion) + + if outCSV == nil { + return + } + + // status changed, update CSV + if !(outCSV.Status.LastUpdateTime == clusterServiceVersion.Status.LastUpdateTime && + outCSV.Status.Phase == clusterServiceVersion.Status.Phase && + outCSV.Status.Reason == clusterServiceVersion.Status.Reason && + outCSV.Status.Message == clusterServiceVersion.Status.Message) { + + // Update CSV with status of transition. Log errors if we can't write them to the status. + _, err := a.client.OperatorsV1alpha1().ClusterServiceVersions(outCSV.GetNamespace()).UpdateStatus(outCSV) + if err != nil { + updateErr := errors.New("error updating ClusterServiceVersion status: " + err.Error()) + if syncError == nil { + logger.Info(updateErr) + syncError = updateErr + } else { + syncError = fmt.Errorf("error transitioning ClusterServiceVersion: %s and error updating CSV status: %s", syncError, updateErr) + } + } + } + + operatorGroup := a.operatorGroupFromAnnotations(logger, clusterServiceVersion) + if operatorGroup == nil { + logger.WithField("reason", "no operatorgroup found for active CSV").Debug("skipping potential RBAC creation in target namespaces") + return + } + + if len(operatorGroup.Status.Namespaces) == 1 && operatorGroup.Status.Namespaces[0] == operatorGroup.GetNamespace() { + logger.Debug("skipping copy for OwnNamespace operatorgroup") + return + } + // Ensure operator has access to targetnamespaces with cluster RBAC + // (roles/rolebindings are checked for each target namespace in syncCopyCSV) + if err := a.ensureRBACInTargetNamespace(clusterServiceVersion, operatorGroup); err != nil { + logger.WithError(err).Info("couldn't ensure RBAC in target namespaces") + syncError = err + } + + if !outCSV.IsUncopiable() { + a.csvCopyQueueSet.Requeue(outCSV.GetNamespace(), outCSV.GetName()) + } + + return +} + +func (a *Operator) syncCopyCSV(obj interface{}) (syncError error) { + clusterServiceVersion, ok := obj.(*v1alpha1.ClusterServiceVersion) + if !ok { + a.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting ClusterServiceVersion failed") + } + + logger := a.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "csv": clusterServiceVersion.GetName(), + "namespace": clusterServiceVersion.GetNamespace(), + "phase": clusterServiceVersion.Status.Phase, + }) + + logger.Debug("copying CSV") + + operatorGroup := a.operatorGroupFromAnnotations(logger, clusterServiceVersion) + if operatorGroup == nil { + // since syncClusterServiceVersion is the only enqueuer, annotations should be present + logger.WithField("reason", "no operatorgroup found for active CSV").Error("operatorgroup should have annotations") + syncError = fmt.Errorf("operatorGroup for csv '%v' should have annotations", clusterServiceVersion.GetName()) + return + } + + logger.WithFields(logrus.Fields{ + "targetNamespaces": strings.Join(operatorGroup.Status.Namespaces, ","), + }).Debug("copying csv to targets") + + // Check if we need to do any copying / annotation for the operatorgroup + if err := a.ensureCSVsInNamespaces(clusterServiceVersion, operatorGroup, resolver.NewNamespaceSet(operatorGroup.Status.Namespaces)); err != nil { + logger.WithError(err).Info("couldn't copy CSV to target namespaces") + syncError = err + } + + return +} + +func (a *Operator) syncGcCsv(obj interface{}) (syncError error) { + clusterServiceVersion, ok := obj.(*v1alpha1.ClusterServiceVersion) + if !ok { + a.logger.Debugf("wrong type: %#v", obj) + return fmt.Errorf("casting ClusterServiceVersion failed") + } + if clusterServiceVersion.IsCopied() { + syncError = a.removeDanglingChildCSVs(clusterServiceVersion) + return + } + return +} + +// operatorGroupFromAnnotations returns the OperatorGroup for the CSV only if the CSV is active one in the group +func (a *Operator) operatorGroupFromAnnotations(logger *logrus.Entry, csv *v1alpha1.ClusterServiceVersion) *v1.OperatorGroup { + annotations := csv.GetAnnotations() + + // Not part of a group yet + if annotations == nil { + logger.Info("not part of any operatorgroup, no annotations") + return nil + } + + // Not in the OperatorGroup namespace + if annotations[v1.OperatorGroupNamespaceAnnotationKey] != csv.GetNamespace() { + logger.Info("not in operatorgroup namespace") + return nil + } + + operatorGroupName, ok := annotations[v1.OperatorGroupAnnotationKey] + + // No OperatorGroup annotation + if !ok { + logger.Info("no olm.operatorGroup annotation") + return nil + } + + logger = logger.WithField("operatorgroup", operatorGroupName) + + operatorGroup, err := a.lister.OperatorsV1().OperatorGroupLister().OperatorGroups(csv.GetNamespace()).Get(operatorGroupName) + // OperatorGroup not found + if err != nil { + logger.Info("operatorgroup not found") + return nil + } + + targets, ok := annotations[v1.OperatorGroupTargetsAnnotationKey] + + // No target annotation + if !ok { + logger.Info("no olm.targetNamespaces annotation") + return nil + } + + // Target namespaces don't match + if targets != strings.Join(operatorGroup.Status.Namespaces, ",") { + logger.Info("olm.targetNamespaces annotation doesn't match operatorgroup status") + return nil + } + + return operatorGroup +} + +func (a *Operator) operatorGroupForCSV(csv *v1alpha1.ClusterServiceVersion, logger *logrus.Entry) (*v1.OperatorGroup, error) { + now := a.now() + + // Attempt to associate an OperatorGroup with the CSV. + operatorGroups, err := a.client.OperatorsV1().OperatorGroups(csv.GetNamespace()).List(metav1.ListOptions{}) + if err != nil { + logger.Errorf("error occurred while attempting to associate csv with operatorgroup") + return nil, err + } + var operatorGroup *v1.OperatorGroup + + switch len(operatorGroups.Items) { + case 0: + err = fmt.Errorf("csv in namespace with no operatorgroups") + logger.Warn(err) + csv.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonNoOperatorGroup, err.Error(), now, a.recorder) + return nil, err + case 1: + operatorGroup = &operatorGroups.Items[0] + logger = logger.WithField("opgroup", operatorGroup.GetName()) + if a.operatorGroupAnnotationsDiffer(&csv.ObjectMeta, operatorGroup) { + a.setOperatorGroupAnnotations(&csv.ObjectMeta, operatorGroup, true) + if _, err := a.client.OperatorsV1alpha1().ClusterServiceVersions(csv.GetNamespace()).Update(csv); err != nil { + logger.WithError(err).Warn("error adding operatorgroup annotations") + return nil, err + } + if targetNamespaceList, err := a.getOperatorGroupTargets(operatorGroup); err == nil && len(targetNamespaceList) == 0 { + csv.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonNoTargetNamespaces, "no targetNamespaces are matched operatorgroups namespace selection", now, a.recorder) + } + return nil, nil + } + logger.Info("csv in operatorgroup") + return operatorGroup, nil + default: + err = fmt.Errorf("csv created in namespace with multiple operatorgroups, can't pick one automatically") + logger.WithError(err).Warn("csv failed to become an operatorgroup member") + if csv.Status.Reason != v1alpha1.CSVReasonTooManyOperatorGroups { + csv.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonTooManyOperatorGroups, err.Error(), now, a.recorder) + } + return nil, err + } +} + +// transitionCSVState moves the CSV status state machine along based on the current value and the current cluster state. +func (a *Operator) transitionCSVState(in v1alpha1.ClusterServiceVersion) (out *v1alpha1.ClusterServiceVersion, syncError error) { + logger := a.logger.WithFields(logrus.Fields{ + "id": queueinformer.NewLoopID(), + "csv": in.GetName(), + "namespace": in.GetNamespace(), + "phase": in.Status.Phase, + }) + + out = in.DeepCopy() + now := a.now() + + operatorSurface, err := resolver.NewOperatorFromV1Alpha1CSV(out) + if err != nil { + // TODO: Add failure status to CSV + syncError = err + return + } + + // Ensure required and provided API labels + if labelSets, err := a.apiLabeler.LabelSetsFor(operatorSurface); err != nil { + logger.WithError(err).Warn("couldn't create label set") + } else if len(labelSets) > 0 { + updated, err := a.ensureLabels(out, labelSets...) + if err != nil { + logger.WithError(err).Warn("issue ensuring csv api labels") + syncError = err + return + } + // Update the underlying value of out to preserve changes + *out = *updated + } + + // Verify CSV operatorgroup (and update annotations if needed) + operatorGroup, err := a.operatorGroupForCSV(out, logger) + if operatorGroup == nil { + // when err is nil, we still want to exit, but we don't want to re-add the csv ratelimited to the queue + syncError = err + logger.WithError(err).Info("operatorgroup incorrect") + return + } + + if err := a.ensureDeploymentAnnotations(logger, out); err != nil { + return nil, err + } + + modeSet, err := v1alpha1.NewInstallModeSet(out.Spec.InstallModes) + if err != nil { + syncError = err + logger.WithError(err).Warn("csv has invalid installmodes") + out.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInvalidInstallModes, syncError.Error(), now, a.recorder) + return + } + + // Check if the CSV supports its operatorgroup's selected namespaces + targets, ok := out.GetAnnotations()[v1.OperatorGroupTargetsAnnotationKey] + if ok { + namespaces := strings.Split(targets, ",") + + if err := modeSet.Supports(out.GetNamespace(), namespaces); err != nil { + logger.WithField("reason", err.Error()).Info("installmodeset does not support operatorgroups namespace selection") + out.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonUnsupportedOperatorGroup, err.Error(), now, a.recorder) + return + } + } else { + logger.Info("csv missing olm.targetNamespaces annotation") + out.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonNoTargetNamespaces, "csv missing olm.targetNamespaces annotation", now, a.recorder) + return + } + + // Check for intersecting provided APIs in intersecting OperatorGroups + options := metav1.ListOptions{ + FieldSelector: fmt.Sprintf("metadata.name!=%s,metadata.namespace!=%s", operatorGroup.GetName(), operatorGroup.GetNamespace()), + } + otherGroups, err := a.client.OperatorsV1().OperatorGroups(metav1.NamespaceAll).List(options) + + groupSurface := resolver.NewOperatorGroup(operatorGroup) + otherGroupSurfaces := resolver.NewOperatorGroupSurfaces(otherGroups.Items...) + providedAPIs := operatorSurface.ProvidedAPIs().StripPlural() + + switch result := a.apiReconciler.Reconcile(providedAPIs, groupSurface, otherGroupSurfaces...); { + case operatorGroup.Spec.StaticProvidedAPIs && (result == resolver.AddAPIs || result == resolver.RemoveAPIs): + // Transition the CSV to FAILED with status reason "CannotModifyStaticOperatorGroupProvidedAPIs" + if out.Status.Reason != v1alpha1.CSVReasonInterOperatorGroupOwnerConflict { + logger.WithField("apis", providedAPIs).Warn("cannot modify provided apis of static provided api operatorgroup") + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs, "static provided api operatorgroup cannot be modified by these apis", now, a.recorder) + a.cleanupCSVDeployments(logger, out) + } + return + case result == resolver.APIConflict: + // Transition the CSV to FAILED with status reason "InterOperatorGroupOwnerConflict" + if out.Status.Reason != v1alpha1.CSVReasonInterOperatorGroupOwnerConflict { + logger.WithField("apis", providedAPIs).Warn("intersecting operatorgroups provide the same apis") + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInterOperatorGroupOwnerConflict, "intersecting operatorgroups provide the same apis", now, a.recorder) + a.cleanupCSVDeployments(logger, out) + } + return + case result == resolver.AddAPIs: + // Add the CSV's provided APIs to its OperatorGroup's annotation + logger.WithField("apis", providedAPIs).Debug("adding csv provided apis to operatorgroup") + union := groupSurface.ProvidedAPIs().Union(providedAPIs) + unionedAnnotations := operatorGroup.GetAnnotations() + if unionedAnnotations == nil { + unionedAnnotations = make(map[string]string) + } + unionedAnnotations[v1.OperatorGroupProvidedAPIsAnnotationKey] = union.String() + operatorGroup.SetAnnotations(unionedAnnotations) + if _, err := a.client.OperatorsV1().OperatorGroups(operatorGroup.GetNamespace()).Update(operatorGroup); err != nil && !k8serrors.IsNotFound(err) { + syncError = fmt.Errorf("could not update operatorgroups %s annotation: %v", v1.OperatorGroupProvidedAPIsAnnotationKey, err) + } + a.csvQueueSet.Requeue(out.GetNamespace(), out.GetName()) + return + case result == resolver.RemoveAPIs: + // Remove the CSV's provided APIs from its OperatorGroup's annotation + logger.WithField("apis", providedAPIs).Debug("removing csv provided apis from operatorgroup") + difference := groupSurface.ProvidedAPIs().Difference(providedAPIs) + if diffedAnnotations := operatorGroup.GetAnnotations(); diffedAnnotations != nil { + diffedAnnotations[v1.OperatorGroupProvidedAPIsAnnotationKey] = difference.String() + operatorGroup.SetAnnotations(diffedAnnotations) + if _, err := a.client.OperatorsV1().OperatorGroups(operatorGroup.GetNamespace()).Update(operatorGroup); err != nil && !k8serrors.IsNotFound(err) { + syncError = fmt.Errorf("could not update operatorgroups %s annotation: %v", v1.OperatorGroupProvidedAPIsAnnotationKey, err) + } + } + a.csvQueueSet.Requeue(out.GetNamespace(), out.GetName()) + return + default: + logger.WithField("apis", providedAPIs).Debug("no intersecting operatorgroups provide the same apis") + } + + switch out.Status.Phase { + case v1alpha1.CSVPhaseNone: + logger.Info("scheduling ClusterServiceVersion for requirement verification") + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonRequirementsUnknown, "requirements not yet checked", now, a.recorder) + case v1alpha1.CSVPhasePending: + met, statuses, err := a.requirementAndPermissionStatus(out) + if err != nil { + // TODO: account for Bad Rule as well + logger.Info("invalid install strategy") + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInvalidStrategy, fmt.Sprintf("install strategy invalid: %s", err.Error()), now, a.recorder) + return + } + out.SetRequirementStatus(statuses) + + // Check if we need to requeue the previous + if prev := a.isReplacing(out); prev != nil { + if prev.Status.Phase == v1alpha1.CSVPhaseSucceeded { + if err := a.csvQueueSet.Requeue(prev.GetNamespace(), prev.GetName()); err != nil { + a.logger.WithError(err).Warn("error requeueing previous") + } + } + } + + if !met { + logger.Info("requirements were not met") + out.SetPhaseWithEventIfChanged(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonRequirementsNotMet, "one or more requirements couldn't be found", now, a.recorder) + syncError = ErrRequirementsNotMet + return + } + + // Check for CRD ownership conflicts + if syncError = a.crdOwnerConflicts(out, a.csvSet(out.GetNamespace(), v1alpha1.CSVPhaseAny)); syncError != nil { + if syncError == ErrCRDOwnerConflict { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonOwnerConflict, syncError.Error(), now, a.recorder) + } + return + } + + // Check for APIServices ownership conflicts + if syncError = a.apiServiceOwnerConflicts(out); syncError != nil { + if syncError == ErrAPIServiceOwnerConflict { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonOwnerConflict, syncError.Error(), now, a.recorder) + } + return + } + + // Check if we're not ready to install part of the replacement chain yet + if prev := a.isReplacing(out); prev != nil { + if prev.Status.Phase != v1alpha1.CSVPhaseReplacing { + return + } + } + + logger.Info("scheduling ClusterServiceVersion for install") + out.SetPhaseWithEvent(v1alpha1.CSVPhaseInstallReady, v1alpha1.CSVReasonRequirementsMet, "all requirements found, attempting install", now, a.recorder) + case v1alpha1.CSVPhaseInstallReady: + installer, strategy := a.parseStrategiesAndUpdateStatus(out) + if strategy == nil { + return + } + + // Install owned APIServices and update strategy with serving cert data + strategy, syncError = a.installOwnedAPIServiceRequirements(out, strategy) + if syncError != nil { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonComponentFailed, fmt.Sprintf("install API services failed: %s", syncError), now, a.recorder) + return + } + + if syncError = installer.Install(strategy); syncError != nil { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonComponentFailed, fmt.Sprintf("install strategy failed: %s", syncError), now, a.recorder) + return + } + + out.SetPhaseWithEvent(v1alpha1.CSVPhaseInstalling, v1alpha1.CSVReasonInstallSuccessful, "waiting for install components to report healthy", now, a.recorder) + err := a.csvQueueSet.Requeue(out.GetNamespace(), out.GetName()) + if err != nil { + a.logger.Warn(err.Error()) + } + return + + case v1alpha1.CSVPhaseInstalling: + installer, strategy := a.parseStrategiesAndUpdateStatus(out) + if strategy == nil { + return + } + + if installErr := a.updateInstallStatus(out, installer, strategy, v1alpha1.CSVPhaseInstalling, v1alpha1.CSVReasonWaiting); installErr == nil { + logger.WithField("strategy", out.Spec.InstallStrategy.StrategyName).Infof("install strategy successful") + } else { + // Set phase to failed if it's been a long time since the last transition (5 minutes) + if metav1.Now().Sub(out.Status.LastTransitionTime.Time) >= 5*time.Minute { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInstallCheckFailed, fmt.Sprintf("install timeout"), now, a.recorder) + } + } + + case v1alpha1.CSVPhaseSucceeded: + // Check if the current CSV is being replaced, return with replacing status if so + if err := a.checkReplacementsAndUpdateStatus(out); err != nil { + logger.WithError(err).Info("replacement check") + return + } + + installer, strategy := a.parseStrategiesAndUpdateStatus(out) + if strategy == nil { + return + } + + // Check if any generated resources are missing + if err := a.checkAPIServiceResources(out, certs.PEMSHA256); err != nil { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonAPIServiceResourceIssue, err.Error(), now, a.recorder) + return + } + + // Check if it's time to refresh owned APIService certs + if a.shouldRotateCerts(out) { + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonNeedsCertRotation, "owned APIServices need cert refresh", now, a.recorder) + return + } + + // Ensure requirements are still present + met, statuses, err := a.requirementAndPermissionStatus(out) + if err != nil { + logger.Info("invalid install strategy") + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInvalidStrategy, fmt.Sprintf("install strategy invalid: %s", err.Error()), now, a.recorder) + return + } else if !met { + out.SetRequirementStatus(statuses) + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonRequirementsNotMet, fmt.Sprintf("requirements no longer met"), now, a.recorder) + return + } + + // Check install status + if installErr := a.updateInstallStatus(out, installer, strategy, v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonComponentUnhealthy); installErr != nil { + logger.WithField("strategy", out.Spec.InstallStrategy.StrategyName).Warnf("unhealthy component: %s", installErr) + return + } + + // Ensure cluster roles exist for using provided apis + if err := a.ensureClusterRolesForCSV(out, operatorGroup); err != nil { + logger.WithError(err).Info("couldn't ensure clusterroles for provided api types") + syncError = err + return + } + + case v1alpha1.CSVPhaseFailed: + installer, strategy := a.parseStrategiesAndUpdateStatus(out) + if strategy == nil { + return + } + + // Check if failed due to unsupported InstallModes + if out.Status.Reason == v1alpha1.CSVReasonNoTargetNamespaces || + out.Status.Reason == v1alpha1.CSVReasonNoOperatorGroup || + out.Status.Reason == v1alpha1.CSVReasonTooManyOperatorGroups || + out.Status.Reason == v1alpha1.CSVReasonUnsupportedOperatorGroup { + logger.Info("InstallModes now support target namespaces. Transitioning to Pending...") + // Check occurred before switch, safe to transition to pending + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonRequirementsUnknown, "InstallModes now support target namespaces", now, a.recorder) + return + } + + // Check if failed due to conflicting OperatorGroups + if out.Status.Reason == v1alpha1.CSVReasonInterOperatorGroupOwnerConflict { + logger.Info("OperatorGroup no longer intersecting with conflicting owner. Transitioning to Pending...") + // Check occurred before switch, safe to transition to pending + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonRequirementsUnknown, "OperatorGroup no longer intersecting with conflicting owner", now, a.recorder) + return + } + + // Check if failed due to an attempt to modify a static OperatorGroup + if out.Status.Reason == v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs { + logger.Info("static OperatorGroup and intersecting groups now support providedAPIs...") + // Check occurred before switch, safe to transition to pending + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonRequirementsUnknown, "static OperatorGroup and intersecting groups now support providedAPIs", now, a.recorder) + return + } + + // Check if requirements exist + met, statuses, err := a.requirementAndPermissionStatus(out) + if err != nil && out.Status.Reason != v1alpha1.CSVReasonInvalidStrategy { + logger.Warn("invalid install strategy") + out.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInvalidStrategy, fmt.Sprintf("install strategy invalid: %s", err.Error()), now, a.recorder) + return + } else if !met { + out.SetRequirementStatus(statuses) + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonRequirementsNotMet, fmt.Sprintf("requirements not met"), now, a.recorder) + return + } + + // Check if any generated resources are missing and that OLM can action on them + if err := a.checkAPIServiceResources(out, certs.PEMSHA256); err != nil { + if a.apiServiceResourceErrorActionable(err) { + // Check if API services are adoptable. If not, keep CSV as Failed state + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonAPIServiceResourcesNeedReinstall, err.Error(), now, a.recorder) + } + return + } + + // Check if it's time to refresh owned APIService certs + if a.shouldRotateCerts(out) { + out.SetPhaseWithEvent(v1alpha1.CSVPhasePending, v1alpha1.CSVReasonNeedsCertRotation, "owned APIServices need cert refresh", now, a.recorder) + return + } + + // Check install status + if installErr := a.updateInstallStatus(out, installer, strategy, v1alpha1.CSVPhasePending, v1alpha1.CSVReasonNeedsReinstall); installErr != nil { + logger.WithField("strategy", out.Spec.InstallStrategy.StrategyName).Warnf("needs reinstall: %s", installErr) + } + + case v1alpha1.CSVPhaseReplacing: + // determine CSVs that are safe to delete by finding a replacement chain to a CSV that's running + // since we don't know what order we'll process replacements, we have to guard against breaking that chain + + // if this isn't the earliest csv in a replacement chain, skip gc. + // marking an intermediate for deletion will break the replacement chain + if prev := a.isReplacing(out); prev != nil { + logger.Debugf("being replaced, but is not a leaf. skipping gc") + return + } + + // If there is a succeeded replacement, mark this for deletion + if next := a.isBeingReplaced(out, a.csvSet(out.GetNamespace(), v1alpha1.CSVPhaseAny)); next != nil { + if next.Status.Phase == v1alpha1.CSVPhaseSucceeded { + out.SetPhaseWithEvent(v1alpha1.CSVPhaseDeleting, v1alpha1.CSVReasonReplaced, "has been replaced by a newer ClusterServiceVersion that has successfully installed.", now, a.recorder) + } else { + // If there's a replacement, but it's not yet succeeded, requeue both (this is an active replacement) + if err := a.csvQueueSet.Requeue(next.GetNamespace(), next.GetName()); err != nil { + a.logger.Warn(err.Error()) + } + if err := a.csvQueueSet.Requeue(out.GetNamespace(), out.GetName()); err != nil { + a.logger.Warn(err.Error()) + } + } + } else { + syncError = fmt.Errorf("CSV marked as replacement, but no replacement CSV found in cluster.") + } + case v1alpha1.CSVPhaseDeleting: + syncError = a.client.OperatorsV1alpha1().ClusterServiceVersions(out.GetNamespace()).Delete(out.GetName(), metav1.NewDeleteOptions(0)) + if syncError != nil { + logger.Debugf("unable to get delete csv marked for deletion: %s", syncError.Error()) + } + } + + return +} + +// csvSet gathers all CSVs in the given namespace into a map keyed by CSV name; if metav1.NamespaceAll gets the set across all namespaces +func (a *Operator) csvSet(namespace string, phase v1alpha1.ClusterServiceVersionPhase) map[string]*v1alpha1.ClusterServiceVersion { + return a.csvSetGenerator.WithNamespace(namespace, phase) +} + +// checkReplacementsAndUpdateStatus returns an error if we can find a newer CSV and sets the status if so +func (a *Operator) checkReplacementsAndUpdateStatus(csv *v1alpha1.ClusterServiceVersion) error { + if csv.Status.Phase == v1alpha1.CSVPhaseReplacing || csv.Status.Phase == v1alpha1.CSVPhaseDeleting { + return nil + } + if replacement := a.isBeingReplaced(csv, a.csvSet(csv.GetNamespace(), v1alpha1.CSVPhaseAny)); replacement != nil { + a.logger.Infof("newer csv replacing %s, no-op", csv.SelfLink) + msg := fmt.Sprintf("being replaced by csv: %s", replacement.GetName()) + csv.SetPhaseWithEvent(v1alpha1.CSVPhaseReplacing, v1alpha1.CSVReasonBeingReplaced, msg, a.now(), a.recorder) + metrics.CSVUpgradeCount.Inc() + + return fmt.Errorf("replacing") + } + return nil +} + +func (a *Operator) updateInstallStatus(csv *v1alpha1.ClusterServiceVersion, installer install.StrategyInstaller, strategy install.Strategy, requeuePhase v1alpha1.ClusterServiceVersionPhase, requeueConditionReason v1alpha1.ConditionReason) error { + apiServicesInstalled, apiServiceErr := a.areAPIServicesAvailable(csv) + strategyInstalled, strategyErr := installer.CheckInstalled(strategy) + now := a.now() + + if strategyInstalled && apiServicesInstalled { + // if there's no error, we're successfully running + csv.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseSucceeded, v1alpha1.CSVReasonInstallSuccessful, "install strategy completed with no errors", now, a.recorder) + return nil + } + + // installcheck determined we can't progress (e.g. deployment failed to come up in time) + if install.IsErrorUnrecoverable(strategyErr) { + csv.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInstallCheckFailed, fmt.Sprintf("install failed: %s", strategyErr), now, a.recorder) + return strategyErr + } + + if apiServiceErr != nil { + csv.SetPhaseWithEventIfChanged(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonAPIServiceInstallFailed, fmt.Sprintf("APIService install failed: %s", apiServiceErr), now, a.recorder) + return apiServiceErr + } + + if !apiServicesInstalled { + csv.SetPhaseWithEventIfChanged(requeuePhase, requeueConditionReason, fmt.Sprintf("APIServices not installed"), now, a.recorder) + if err := a.csvQueueSet.Requeue(csv.GetNamespace(), csv.GetName()); err != nil { + a.logger.Warn(err.Error()) + } + + return fmt.Errorf("APIServices not installed") + } + + if strategyErr != nil { + csv.SetPhaseWithEventIfChanged(requeuePhase, requeueConditionReason, fmt.Sprintf("installing: %s", strategyErr), now, a.recorder) + if err := a.csvQueueSet.Requeue(csv.GetNamespace(), csv.GetName()); err != nil { + a.logger.Warn(err.Error()) + } + + return strategyErr + } + + return nil +} + +// parseStrategiesAndUpdateStatus returns a StrategyInstaller and a Strategy for a CSV if it can, else it sets a status on the CSV and returns +func (a *Operator) parseStrategiesAndUpdateStatus(csv *v1alpha1.ClusterServiceVersion) (install.StrategyInstaller, install.Strategy) { + strategy, err := a.resolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + csv.SetPhaseWithEvent(v1alpha1.CSVPhaseFailed, v1alpha1.CSVReasonInvalidStrategy, fmt.Sprintf("install strategy invalid: %s", err), a.now(), a.recorder) + return nil, nil + } + + previousCSV := a.isReplacing(csv) + var previousStrategy install.Strategy + if previousCSV != nil { + err = a.csvQueueSet.Requeue(previousCSV.Namespace, previousCSV.Name) + if err != nil { + a.logger.Warn(err.Error()) + } + + previousStrategy, err = a.resolver.UnmarshalStrategy(previousCSV.Spec.InstallStrategy) + if err != nil { + previousStrategy = nil + } + } + + strName := strategy.GetStrategyName() + installer := a.resolver.InstallerForStrategy(strName, a.opClient, a.lister, csv, csv.Annotations, previousStrategy) + return installer, strategy +} + +func (a *Operator) crdOwnerConflicts(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) error { + csvsInChain := a.getReplacementChain(in, csvsInNamespace) + // find csvs in the namespace that are not part of the replacement chain + for name, csv := range csvsInNamespace { + if _, ok := csvsInChain[name]; ok { + continue + } + for _, crd := range in.Spec.CustomResourceDefinitions.Owned { + if name != in.GetName() && csv.OwnsCRD(crd.Name) { + return ErrCRDOwnerConflict + } + } + } + + return nil +} + +func (a *Operator) getReplacementChain(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) map[string]struct{} { + current := in.GetName() + csvsInChain := map[string]struct{}{ + current: {}, + } + + replacement := func(csvName string) *string { + for _, csv := range csvsInNamespace { + if csv.Spec.Replaces == csvName { + name := csv.GetName() + return &name + } + } + return nil + } + + replaces := func(replaces string) *string { + for _, csv := range csvsInNamespace { + name := csv.GetName() + if name == replaces { + rep := csv.Spec.Replaces + return &rep + } + } + return nil + } + + next := replacement(current) + for next != nil { + csvsInChain[*next] = struct{}{} + current = *next + next = replacement(current) + } + + current = in.Spec.Replaces + prev := replaces(current) + if prev != nil { + csvsInChain[current] = struct{}{} + } + for prev != nil && *prev != "" { + current = *prev + csvsInChain[current] = struct{}{} + prev = replaces(current) + } + return csvsInChain +} + +func (a *Operator) apiServiceOwnerConflicts(csv *v1alpha1.ClusterServiceVersion) error { + // Get replacing CSV if exists + replacing, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(csv.GetNamespace()).Get(csv.Spec.Replaces) + if err != nil && !k8serrors.IsNotFound(err) && !k8serrors.IsGone(err) { + return err + } + + owners := []ownerutil.Owner{csv} + if replacing != nil { + owners = append(owners, replacing) + } + + for _, desc := range csv.GetOwnedAPIServiceDescriptions() { + // Check if the APIService exists + apiService, err := a.lister.APIRegistrationV1().APIServiceLister().Get(desc.GetName()) + if err != nil && !k8serrors.IsNotFound(err) && !k8serrors.IsGone(err) { + return err + } + + if apiService == nil { + continue + } + + if !ownerutil.AdoptableLabels(apiService.GetLabels(), true, owners...) { + return ErrAPIServiceOwnerConflict + } + } + + return nil +} + +func (a *Operator) isBeingReplaced(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) (replacedBy *v1alpha1.ClusterServiceVersion) { + return a.csvReplaceFinder.IsBeingReplaced(in, csvsInNamespace) +} + +func (a *Operator) isReplacing(in *v1alpha1.ClusterServiceVersion) *v1alpha1.ClusterServiceVersion { + return a.csvReplaceFinder.IsReplacing(in) +} + +func (a *Operator) handleDeletion(obj interface{}) { + metaObj, ok := obj.(metav1.Object) + if !ok { + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("Couldn't get object from tombstone %#v", obj)) + return + } + + metaObj, ok = tombstone.Obj.(metav1.Object) + if !ok { + utilruntime.HandleError(fmt.Errorf("Tombstone contained object that is not a metav1.Object %#v", obj)) + return + } + } + logger := a.logger.WithFields(logrus.Fields{ + "name": metaObj.GetName(), + "namespace": metaObj.GetNamespace(), + "self": metaObj.GetSelfLink(), + }) + logger.Debug("handling resource deletion") + + logger.Debug("requeueing owner csvs") + a.requeueOwnerCSVs(metaObj) + + // Requeue CSVs with provided and required labels (for CRDs) + if labelSets, err := a.apiLabeler.LabelSetsFor(metaObj); err != nil { + logger.WithError(err).Warn("couldn't create label set") + } else if len(labelSets) > 0 { + logger.Debug("requeueing providing/requiring csvs") + a.requeueCSVsByLabelSet(logger, labelSets...) + } +} + +func (a *Operator) requeueCSVsByLabelSet(logger *logrus.Entry, labelSets ...labels.Set) { + keys, err := index.LabelIndexKeys(a.csvIndexers, labelSets...) + if err != nil { + logger.WithError(err).Debug("issue getting csvs by label index") + return + } + + for _, key := range keys { + if err := a.csvQueueSet.RequeueByKey(key); err != nil { + logger.WithError(err).Debug("cannot requeue requiring/providing csv") + } else { + logger.WithField("key", key).Debug("csv successfully requeued on crd change") + } + } +} + +func (a *Operator) requeueOwnerCSVs(ownee metav1.Object) { + logger := a.logger.WithFields(logrus.Fields{ + "ownee": ownee.GetName(), + "selflink": ownee.GetSelfLink(), + "namespace": ownee.GetNamespace(), + }) + + // Attempt to requeue CSV owners in the same namespace as the object + owners := ownerutil.GetOwnersByKind(ownee, v1alpha1.ClusterServiceVersionKind) + if len(owners) > 0 && ownee.GetNamespace() != metav1.NamespaceAll { + for _, ownerCSV := range owners { + // Since cross-namespace CSVs can't exist we're guaranteed the owner will be in the same namespace + err := a.csvQueueSet.Requeue(ownee.GetNamespace(), ownerCSV.Name) + if err != nil { + logger.Warn(err.Error()) + } + } + return + } + + // Requeue owners based on labels + if name, ns, ok := ownerutil.GetOwnerByKindLabel(ownee, v1alpha1.ClusterServiceVersionKind); ok { + err := a.csvQueueSet.Requeue(ns, name) + if err != nil { + logger.Warn(err.Error()) + } + } +} + +func (a *Operator) cleanupCSVDeployments(logger *logrus.Entry, csv *v1alpha1.ClusterServiceVersion) { + // Extract the InstallStrategy for the deployment + strategy, err := a.resolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + logger.Warn("could not parse install strategy while cleaning up CSV deployment") + return + } + + // Assume the strategy is for a deployment + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + logger.Warnf("could not cast install strategy as type %T", strategyDetailsDeployment) + return + } + + // Delete deployments + for _, spec := range strategyDetailsDeployment.DeploymentSpecs { + logger := logger.WithField("deployment", spec.Name) + logger.Debug("cleaning up CSV deployment") + if err := a.opClient.DeleteDeployment(csv.GetNamespace(), spec.Name, &metav1.DeleteOptions{}); err != nil { + logger.WithField("err", err).Warn("error cleaning up CSV deployment") + } + } +} + +func (a *Operator) ensureDeploymentAnnotations(logger *logrus.Entry, csv *v1alpha1.ClusterServiceVersion) error { + if !csv.IsSafeToUpdateOperatorGroupAnnotations() { + return nil + } + + // Get csv operatorgroup annotations + annotations := a.copyOperatorGroupAnnotations(&csv.ObjectMeta) + + // Extract the InstallStrategy for the deployment + strategy, err := a.resolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + logger.Warn("could not parse install strategy while cleaning up CSV deployment") + return nil + } + + // Assume the strategy is for a deployment + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + logger.Warnf("could not cast install strategy as type %T", strategyDetailsDeployment) + return nil + } + + existingDeployments, err := a.lister.AppsV1().DeploymentLister().Deployments(csv.GetNamespace()).List(ownerutil.CSVOwnerSelector(csv)) + if err != nil { + return err + } + + // compare deployments to see if any need to be created/updated + updateErrs := []error{} + for _, dep := range existingDeployments { + if dep.Spec.Template.Annotations == nil { + dep.Spec.Template.Annotations = map[string]string{} + } + + changed := false + for key, value := range annotations { + if v, ok := dep.Spec.Template.Annotations[key]; !ok || v != value { + dep.Spec.Template.Annotations[key] = value + changed = true + } + } + + if changed { + if _, _, err := a.opClient.UpdateDeployment(dep); err != nil { + logger.Info("annotations updated!") + updateErrs = append(updateErrs, err) + } + } + } + logger.Info("updated annotations to match current operatorgroup") + + return utilerrors.NewAggregate(updateErrs) +} + +// ensureLabels merges a label set with a CSV's labels and attempts to update the CSV if the merged set differs from the CSV's original labels. +func (a *Operator) ensureLabels(in *v1alpha1.ClusterServiceVersion, labelSets ...labels.Set) (*v1alpha1.ClusterServiceVersion, error) { + csvLabelSet := labels.Set(in.GetLabels()) + merged := csvLabelSet + for _, labelSet := range labelSets { + merged = labels.Merge(merged, labelSet) + } + if labels.Equals(csvLabelSet, merged) { + return in, nil + } + + a.logger.WithField("labels", merged).Error("Labels updated!") + + out := in.DeepCopy() + out.SetLabels(merged) + out, err := a.client.OperatorsV1alpha1().ClusterServiceVersions(out.GetNamespace()).Update(out) + return out, err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operator_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operator_test.go new file mode 100644 index 000000000..1f5ab378d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operator_test.go @@ -0,0 +1,4572 @@ +package olm + +import ( + "context" + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "crypto/x509" + "crypto/x509/pkix" + "encoding/json" + "fmt" + "math" + "math/big" + "reflect" + "sort" + "strings" + "testing" + "time" + + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + apiextensionsfake "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/fake" + "k8s.io/apimachinery/pkg/api/equality" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + utilclock "k8s.io/apimachinery/pkg/util/clock" + "k8s.io/apimachinery/pkg/util/diff" + utilerrors "k8s.io/apimachinery/pkg/util/errors" + "k8s.io/apimachinery/pkg/util/intstr" + "k8s.io/apimachinery/pkg/util/wait" + k8sfake "k8s.io/client-go/kubernetes/fake" + "k8s.io/client-go/pkg/version" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/tools/record" + apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + apiregistrationfake "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/fake" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/certs" + olmerrors "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/fakes" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/labeler" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + "github.com/operator-framework/operator-registry/pkg/registry" +) + +type TestStrategy struct{} + +func (t *TestStrategy) GetStrategyName() string { + return "teststrategy" +} + +type TestInstaller struct { + installErr error + checkInstallErr error +} + +func NewTestInstaller(installErr error, checkInstallErr error) install.StrategyInstaller { + return &TestInstaller{ + installErr: installErr, + checkInstallErr: checkInstallErr, + } +} + +func (i *TestInstaller) Install(s install.Strategy) error { + return i.installErr +} + +func (i *TestInstaller) CheckInstalled(s install.Strategy) (bool, error) { + if i.checkInstallErr != nil { + return false, i.checkInstallErr + } + return true, nil +} + +func ownerLabelFromCSV(name, namespace string) map[string]string { + return map[string]string{ + ownerutil.OwnerKey: name, + ownerutil.OwnerNamespaceKey: namespace, + ownerutil.OwnerKind: v1alpha1.ClusterServiceVersionKind, + } +} + +func apiResourcesForObjects(objs []runtime.Object) []*metav1.APIResourceList { + apis := []*metav1.APIResourceList{} + for _, o := range objs { + switch o.(type) { + case *v1beta1.CustomResourceDefinition: + crd := o.(*v1beta1.CustomResourceDefinition) + apis = append(apis, &metav1.APIResourceList{ + GroupVersion: metav1.GroupVersion{Group: crd.Spec.Group, Version: crd.Spec.Versions[0].Name}.String(), + APIResources: []metav1.APIResource{ + { + Name: crd.GetName(), + SingularName: crd.Spec.Names.Singular, + Namespaced: crd.Spec.Scope == v1beta1.NamespaceScoped, + Group: crd.Spec.Group, + Version: crd.Spec.Versions[0].Name, + Kind: crd.Spec.Names.Kind, + }, + }, + }) + case *apiregistrationv1.APIService: + a := o.(*apiregistrationv1.APIService) + names := strings.Split(a.Name, ".") + apis = append(apis, &metav1.APIResourceList{ + GroupVersion: metav1.GroupVersion{Group: names[1], Version: a.Spec.Version}.String(), + APIResources: []metav1.APIResource{ + { + Name: names[1], + Group: names[1], + Version: a.Spec.Version, + Kind: names[1] + "Kind", + }, + }, + }) + } + } + return apis +} + +// fakeOperatorConfig is the configuration for a fake operator. +type fakeOperatorConfig struct { + *operatorConfig + + recorder record.EventRecorder + namespaces []string + fakeClientOptions []clientfake.Option + clientObjs []runtime.Object + k8sObjs []runtime.Object + extObjs []runtime.Object + regObjs []runtime.Object +} + +// fakeOperatorOption applies an option to the given fake operator configuration. +type fakeOperatorOption func(*fakeOperatorConfig) + +func withResyncPeriod(period time.Duration) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.resyncPeriod = period + } +} + +func withOperatorNamespace(namespace string) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.operatorNamespace = namespace + } +} + +func withWatchedNamespaces(namespaces ...string) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.watchedNamespaces = namespaces + } +} + +func withLogger(logger *logrus.Logger) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.logger = logger + } +} + +func withClock(clock utilclock.Clock) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.clock = clock + } +} + +func withStrategyResolver(strategyResolver install.StrategyResolverInterface) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.strategyResolver = strategyResolver + } +} + +func withAPIReconciler(apiReconciler resolver.APIIntersectionReconciler) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + if apiReconciler != nil { + config.apiReconciler = apiReconciler + } + } +} + +func withAPILabeler(apiLabeler labeler.Labeler) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + if apiLabeler != nil { + config.apiLabeler = apiLabeler + } + } +} + +func withEventRecorder(rec record.EventRecorder) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.recorder = rec + } +} + +func withNamespaces(namespaces ...string) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.namespaces = namespaces + } +} + +func withFakeClientOptions(options ...clientfake.Option) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.fakeClientOptions = options + } +} + +func withClientObjs(clientObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.clientObjs = clientObjs + } +} + +func withK8sObjs(k8sObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.k8sObjs = k8sObjs + } +} + +func withExtObjs(extObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.extObjs = extObjs + } +} + +func withRegObjs(regObjs ...runtime.Object) fakeOperatorOption { + return func(config *fakeOperatorConfig) { + config.regObjs = regObjs + } +} + +// NewFakeOperator creates and starts a new operator using fake clients. +func NewFakeOperator(ctx context.Context, options ...fakeOperatorOption) (*Operator, error) { + // Apply options to default config + config := &fakeOperatorConfig{ + operatorConfig: &operatorConfig{ + resyncPeriod: 5 * time.Minute, + operatorNamespace: "default", + watchedNamespaces: []string{metav1.NamespaceAll}, + clock: &utilclock.RealClock{}, + logger: logrus.New(), + strategyResolver: &install.StrategyResolver{}, + apiReconciler: resolver.APIIntersectionReconcileFunc(resolver.ReconcileAPIIntersection), + apiLabeler: labeler.Func(resolver.LabelSetsFor), + }, + recorder: &record.FakeRecorder{}, + // default expected namespaces + namespaces: []string{"default", "kube-system", "kube-public"}, + } + for _, option := range options { + option(config) + } + + // Create client fakes + config.externalClient = fake.NewReactionForwardingClientsetDecorator(config.clientObjs, config.fakeClientOptions...) + // TODO: Using the ReactionForwardingClientsetDecorator for k8s objects causes issues with adding Resources for discovery. + // For now, directly use a SimpleClientset instead. + k8sClientFake := k8sfake.NewSimpleClientset(config.k8sObjs...) + k8sClientFake.Resources = apiResourcesForObjects(append(config.extObjs, config.regObjs...)) + config.operatorClient = operatorclient.NewClient(k8sClientFake, apiextensionsfake.NewSimpleClientset(config.extObjs...), apiregistrationfake.NewSimpleClientset(config.regObjs...)) + + for _, ns := range config.namespaces { + _, err := config.operatorClient.KubernetesInterface().CoreV1().Namespaces().Create(&corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: ns}}) + // Ignore already-exists errors + if err != nil && !k8serrors.IsAlreadyExists(err) { + return nil, err + } + } + + op, err := newOperatorWithConfig(ctx, config.operatorConfig) + if err != nil { + return nil, err + } + op.recorder = config.recorder + + // Only start the operator's informers (no reconciliation) + op.RunInformers(ctx) + + if ok := cache.WaitForCacheSync(ctx.Done(), op.HasSynced); !ok { + return nil, fmt.Errorf("failed to wait for caches to sync") + } + + return op, nil +} + +func buildFakeAPIIntersectionReconcilerThatReturns(result resolver.APIReconciliationResult) *fakes.FakeAPIIntersectionReconciler { + reconciler := &fakes.FakeAPIIntersectionReconciler{} + reconciler.ReconcileReturns(result) + return reconciler +} + +func deployment(deploymentName, namespace, serviceAccountName string, templateAnnotations map[string]string) *appsv1.Deployment { + var singleInstance = int32(1) + return &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: deploymentName, + Namespace: namespace, + }, + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "app": deploymentName, + }, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app": deploymentName, + }, + Annotations: templateAnnotations, + }, + Spec: corev1.PodSpec{ + ServiceAccountName: serviceAccountName, + Containers: []corev1.Container{ + { + Name: deploymentName + "-c1", + Image: "nginx:1.7.9", + Ports: []corev1.ContainerPort{ + { + ContainerPort: 80, + }, + }, + }, + }, + }, + }, + }, + Status: appsv1.DeploymentStatus{ + Replicas: singleInstance, + ReadyReplicas: singleInstance, + AvailableReplicas: singleInstance, + UpdatedReplicas: singleInstance, + }, + } +} + +func serviceAccount(name, namespace string) *corev1.ServiceAccount { + serviceAccount := &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + } + + return serviceAccount +} + +func service(name, namespace, deploymentName string, targetPort int) *corev1.Service { + service := &corev1.Service{ + Spec: corev1.ServiceSpec{ + Ports: []corev1.ServicePort{ + { + Port: int32(443), + TargetPort: intstr.FromInt(targetPort), + }, + }, + Selector: map[string]string{ + "app": deploymentName, + }, + }, + } + service.SetName(name) + service.SetNamespace(namespace) + + return service +} + +func clusterRoleBinding(name, clusterRoleName, serviceAccountName, serviceAccountNamespace string) *rbacv1.ClusterRoleBinding { + clusterRoleBinding := &rbacv1.ClusterRoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: serviceAccountName, + Namespace: serviceAccountNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: clusterRoleName, + }, + } + clusterRoleBinding.SetName(name) + + return clusterRoleBinding +} + +func clusterRole(name string, rules []rbacv1.PolicyRule) *rbacv1.ClusterRole { + clusterRole := &rbacv1.ClusterRole{ + Rules: rules, + } + clusterRole.SetName(name) + + return clusterRole +} + +func role(name, namespace string, rules []rbacv1.PolicyRule) *rbacv1.Role { + role := &rbacv1.Role{ + Rules: rules, + } + role.SetName(name) + role.SetNamespace(namespace) + + return role +} + +func roleBinding(name, namespace, roleName, serviceAccountName, serviceAccountNamespace string) *rbacv1.RoleBinding { + roleBinding := &rbacv1.RoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: serviceAccountName, + Namespace: serviceAccountNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: roleName, + }, + } + roleBinding.SetName(name) + roleBinding.SetNamespace(namespace) + + return roleBinding +} + +func tlsSecret(name, namespace string, certPEM, privPEM []byte) *corev1.Secret { + secret := &corev1.Secret{ + Data: map[string][]byte{ + "tls.crt": certPEM, + "tls.key": privPEM, + }, + Type: corev1.SecretTypeTLS, + } + secret.SetName(name) + secret.SetNamespace(namespace) + + return secret +} + +func keyPairToTLSSecret(name, namespace string, kp *certs.KeyPair) *corev1.Secret { + certPEM, privPEM, err := kp.ToPEM() + if err != nil { + panic(err) + } + + return tlsSecret(name, namespace, certPEM, privPEM) +} + +func signedServingPair(notAfter time.Time, ca *certs.KeyPair, hosts []string) *certs.KeyPair { + servingPair, err := certs.CreateSignedServingPair(notAfter, Organization, ca, hosts) + if err != nil { + panic(err) + } + + return servingPair +} + +func withAnnotations(obj runtime.Object, annotations map[string]string) runtime.Object { + meta, ok := obj.(metav1.Object) + if !ok { + panic("could not find metadata on object") + } + meta.SetAnnotations(annotations) + return meta.(runtime.Object) +} + +func csvWithAnnotations(csv *v1alpha1.ClusterServiceVersion, annotations map[string]string) *v1alpha1.ClusterServiceVersion { + return withAnnotations(csv, annotations).(*v1alpha1.ClusterServiceVersion) +} + +func withLabels(obj runtime.Object, labels map[string]string) runtime.Object { + meta, ok := obj.(metav1.Object) + if !ok { + panic("could not find metadata on object") + } + meta.SetLabels(labels) + return meta.(runtime.Object) +} + +func csvWithLabels(csv *v1alpha1.ClusterServiceVersion, labels map[string]string) *v1alpha1.ClusterServiceVersion { + return withLabels(csv, labels).(*v1alpha1.ClusterServiceVersion) +} + +func addAnnotations(annotations map[string]string, add map[string]string) map[string]string { + out := map[string]string{} + for k, v := range annotations { + out[k] = v + } + for k, v := range add { + out[k] = v + } + return out +} + +func addAnnotation(obj runtime.Object, key string, value string) runtime.Object { + meta, ok := obj.(metav1.Object) + if !ok { + panic("could not find metadata on object") + } + return withAnnotations(obj, addAnnotations(meta.GetAnnotations(), map[string]string{key: value})) +} + +func csvWithStatusReason(csv *v1alpha1.ClusterServiceVersion, reason v1alpha1.ConditionReason) *v1alpha1.ClusterServiceVersion { + out := csv.DeepCopy() + out.Status.Reason = reason + return csv +} + +func installStrategy(deploymentName string, permissions []install.StrategyDeploymentPermissions, clusterPermissions []install.StrategyDeploymentPermissions) v1alpha1.NamedInstallStrategy { + var singleInstance = int32(1) + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: deploymentName, + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "app": deploymentName, + }, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app": deploymentName, + }, + }, + Spec: corev1.PodSpec{ + ServiceAccountName: "sa", + Containers: []corev1.Container{ + { + Name: deploymentName + "-c1", + Image: "nginx:1.7.9", + Ports: []corev1.ContainerPort{ + { + ContainerPort: 80, + }, + }, + }, + }, + }, + }, + }, + }, + }, + Permissions: permissions, + ClusterPermissions: clusterPermissions, + } + strategyRaw, err := json.Marshal(strategy) + if err != nil { + panic(err) + } + + return v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + } +} + +func csv( + name, namespace, minKubeVersion, replaces string, + installStrategy v1alpha1.NamedInstallStrategy, + owned, required []*v1beta1.CustomResourceDefinition, + phase v1alpha1.ClusterServiceVersionPhase, +) *v1alpha1.ClusterServiceVersion { + requiredCRDDescs := make([]v1alpha1.CRDDescription, 0) + for _, crd := range required { + requiredCRDDescs = append(requiredCRDDescs, v1alpha1.CRDDescription{Name: crd.GetName(), Version: crd.Spec.Versions[0].Name, Kind: crd.Spec.Names.Kind}) + } + + ownedCRDDescs := make([]v1alpha1.CRDDescription, 0) + for _, crd := range owned { + ownedCRDDescs = append(ownedCRDDescs, v1alpha1.CRDDescription{Name: crd.GetName(), Version: crd.Spec.Versions[0].Name, Kind: crd.Spec.Names.Kind}) + } + + return &v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: minKubeVersion, + Replaces: replaces, + InstallStrategy: installStrategy, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: ownedCRDDescs, + Required: requiredCRDDescs, + }, + }, + Status: v1alpha1.ClusterServiceVersionStatus{ + Phase: phase, + }, + } +} + +func withConditionReason(csv *v1alpha1.ClusterServiceVersion, reason v1alpha1.ConditionReason) *v1alpha1.ClusterServiceVersion { + csv.Status.Reason = reason + return csv +} + +func withPhase(csv *v1alpha1.ClusterServiceVersion, phase v1alpha1.ClusterServiceVersionPhase, reason v1alpha1.ConditionReason, message string, now metav1.Time) *v1alpha1.ClusterServiceVersion { + csv.SetPhase(phase, reason, message, now) + return csv +} + +func withCertInfo(csv *v1alpha1.ClusterServiceVersion, rotateAt metav1.Time, lastUpdated metav1.Time) *v1alpha1.ClusterServiceVersion { + csv.Status.CertsRotateAt = rotateAt + csv.Status.CertsLastUpdated = lastUpdated + return csv +} + +func withAPIServices(csv *v1alpha1.ClusterServiceVersion, owned, required []v1alpha1.APIServiceDescription) *v1alpha1.ClusterServiceVersion { + csv.Spec.APIServiceDefinitions = v1alpha1.APIServiceDefinitions{ + Owned: owned, + Required: required, + } + return csv +} + +func withInstallModes(csv *v1alpha1.ClusterServiceVersion, installModes []v1alpha1.InstallMode) *v1alpha1.ClusterServiceVersion { + csv.Spec.InstallModes = installModes + return csv + +} + +func apis(apis ...string) []v1alpha1.APIServiceDescription { + descs := []v1alpha1.APIServiceDescription{} + for _, av := range apis { + split := strings.Split(av, ".") + descs = append(descs, v1alpha1.APIServiceDescription{ + Group: split[0], + Version: split[1], + Kind: split[2], + DeploymentName: split[0], + }) + } + return descs +} + +func apiService(group, version, serviceName, serviceNamespace, deploymentName string, caBundle []byte, availableStatus apiregistrationv1.ConditionStatus, ownerLabel map[string]string) *apiregistrationv1.APIService { + apiService := &apiregistrationv1.APIService{ + ObjectMeta: metav1.ObjectMeta{ + Labels: ownerLabel, + }, + Spec: apiregistrationv1.APIServiceSpec{ + Group: group, + Version: version, + GroupPriorityMinimum: int32(2000), + VersionPriority: int32(15), + CABundle: caBundle, + Service: &apiregistrationv1.ServiceReference{ + Name: serviceName, + Namespace: serviceNamespace, + }, + }, + Status: apiregistrationv1.APIServiceStatus{ + Conditions: []apiregistrationv1.APIServiceCondition{ + { + Type: apiregistrationv1.Available, + Status: availableStatus, + }, + }, + }, + } + apiServiceName := fmt.Sprintf("%s.%s", version, group) + apiService.SetName(apiServiceName) + + return apiService +} + +func crd(name, version, group string) *v1beta1.CustomResourceDefinition { + return &v1beta1.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: name + "." + group, + }, + Spec: v1beta1.CustomResourceDefinitionSpec{ + Group: group, + Versions: []v1beta1.CustomResourceDefinitionVersion{ + { + Name: version, + Storage: true, + Served: true, + }, + }, + Names: v1beta1.CustomResourceDefinitionNames{ + Kind: name, + }, + }, + Status: v1beta1.CustomResourceDefinitionStatus{ + Conditions: []v1beta1.CustomResourceDefinitionCondition{ + { + Type: v1beta1.Established, + Status: v1beta1.ConditionTrue, + }, + { + Type: v1beta1.NamesAccepted, + Status: v1beta1.ConditionTrue, + }, + }, + }, + } +} + +func generateCA(notAfter time.Time, organization string) (*certs.KeyPair, error) { + notBefore := time.Now() + + serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64)) + if err != nil { + return nil, err + } + + caDetails := &x509.Certificate{ + SerialNumber: serial, + Subject: pkix.Name{ + Organization: []string{organization}, + }, + NotBefore: notBefore, + NotAfter: notAfter, + IsCA: true, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}, + KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, + BasicConstraintsValid: true, + } + + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + return nil, err + } + + publicKey := &privateKey.PublicKey + certRaw, err := x509.CreateCertificate(rand.Reader, caDetails, caDetails, publicKey, privateKey) + if err != nil { + return nil, err + } + + cert, err := x509.ParseCertificate(certRaw) + if err != nil { + return nil, err + } + + ca := &certs.KeyPair{ + Cert: cert, + Priv: privateKey, + } + + return ca, nil +} + +func TestTransitionCSV(t *testing.T) { + logrus.SetLevel(logrus.DebugLevel) + namespace := "ns" + + apiHash, err := resolver.APIKeyToGVKHash(registry.APIKey{Group: "g1", Version: "v1", Kind: "c1"}) + require.NoError(t, err) + + defaultOperatorGroup := &v1.OperatorGroup{ + TypeMeta: metav1.TypeMeta{ + Kind: "OperatorGroup", + APIVersion: v1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + Namespace: namespace, + }, + Spec: v1.OperatorGroupSpec{}, + Status: v1.OperatorGroupStatus{ + Namespaces: []string{namespace}, + }, + } + + defaultTemplateAnnotations := map[string]string{ + v1.OperatorGroupTargetsAnnotationKey: namespace, + v1.OperatorGroupNamespaceAnnotationKey: namespace, + v1.OperatorGroupAnnotationKey: defaultOperatorGroup.GetName(), + } + + // Generate valid and expired CA fixtures + validCA, err := generateCA(time.Now().Add(10*365*24*time.Hour), Organization) + require.NoError(t, err) + validCAPEM, _, err := validCA.ToPEM() + require.NoError(t, err) + validCAHash := certs.PEMSHA256(validCAPEM) + + expiredCA, err := generateCA(time.Now(), Organization) + require.NoError(t, err) + expiredCAPEM, _, err := expiredCA.ToPEM() + require.NoError(t, err) + expiredCAHash := certs.PEMSHA256(expiredCAPEM) + + type csvState struct { + exists bool + phase v1alpha1.ClusterServiceVersionPhase + reason v1alpha1.ConditionReason + } + type operatorConfig struct { + apiReconciler resolver.APIIntersectionReconciler + apiLabeler labeler.Labeler + } + type initial struct { + csvs []runtime.Object + clientObjs []runtime.Object + crds []runtime.Object + objs []runtime.Object + apis []runtime.Object + } + type expected struct { + csvStates map[string]csvState + objs []runtime.Object + err map[string]error + } + tests := []struct { + name string + config operatorConfig + initial initial + expected expected + }{ + { + name: "SingleCSVNoneToPending/CRD", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + }, + }, + { + name: "SingleCSVNoneToPending/APIService/Required", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), nil, apis("a1.corev1.a1Kind")), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "a1Kind.corev1.a1")}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + }, + }, + { + name: "SingleCSVPendingToFailed/BadStrategy", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + v1alpha1.NamedInstallStrategy{"deployment", json.RawMessage{}}, + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed}, + }, + }, + }, + { + name: "SingleCSVPendingToFailed/BadStrategyPermissions", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", + nil, + []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "sa", + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"*"}, + Resources: []string{"*"}, + NonResourceURLs: []string{"/osb"}, + }, + }, + }, + }), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sa", + Namespace: namespace, + }, + }, + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed}, + }, + }, + }, + { + name: "SingleCSVPendingToPending/CRD", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + err: map[string]error{ + "csv1": ErrRequirementsNotMet, + }, + }, + }, + { + name: "SingleCSVPendingToPending/APIService/Required/Missing", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), nil, apis("a1.v1.a1Kind")), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + err: map[string]error{ + "csv1": ErrRequirementsNotMet, + }, + }, + }, + { + name: "SingleCSVPendingToPending/APIService/Required/Unavailable", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), nil, apis("a1.v1.a1Kind")), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{apiService("a1", "v1", "", "", "", validCAPEM, apiregistrationv1.ConditionFalse, ownerLabelFromCSV("csv1", namespace))}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + err: map[string]error{ + "csv1": ErrRequirementsNotMet, + }, + }, + }, + { + name: "SingleCSVPendingToPending/APIService/Required/Unknown", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), nil, apis("a1.v1.a1Kind")), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{apiService("a1", "v1", "", "", "", validCAPEM, apiregistrationv1.ConditionUnknown, ownerLabelFromCSV("csv1", namespace))}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + err: map[string]error{ + "csv1": ErrRequirementsNotMet, + }, + }, + }, + { + name: "SingleCSVPendingToPending/APIService/Owned/DeploymentNotFound", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("b1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1,a1Kind.v1.a1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + err: map[string]error{ + "csv1": ErrRequirementsNotMet, + }, + }, + }, + { + name: "CSVPendingToFailed/CRDOwnerConflict", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv1", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonOwnerConflict}, + }, + err: map[string]error{ + "csv2": ErrCRDOwnerConflict, + }, + }, + }, + { + name: "CSVPendingToFailed/APIServiceOwnerConflict", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + apis("a1.v1.a1Kind"), nil), metav1.NewTime(time.Now().Add(24*time.Hour)), metav1.NewTime(time.Now())), + withAPIServices(csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), + apis("a1.v1.a1Kind"), nil), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "a1Kind.v1.a1")}, + apis: []runtime.Object{apiService("a1", "v1", "v1-a1", namespace, "", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace))}, + objs: []runtime.Object{ + withLabels( + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + })), + ownerLabelFromCSV("csv1", namespace), + ), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), validCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonOwnerConflict}, + }, + err: map[string]error{ + "csv2": ErrAPIServiceOwnerConflict, + }, + }, + }, + { + name: "SingleCSVFailedToPending/Deployment", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonNeedsReinstall}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/CRD", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonRequirementsNotMet}, + }, + }, + }, + { + name: "SingleCSVFailedToFailed/BadStrategy", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + v1alpha1.NamedInstallStrategy{"deployment", json.RawMessage{}}, + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonInvalidStrategy}, + }, + }, + }, + { + name: "SingleCSVPendingToInstallReady/CRD", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseInstallReady}, + }, + }, + }, + { + name: "SingleCSVPendingToInstallReady/APIService/Required", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhasePending, + ), defaultTemplateAnnotations), nil, apis("a1.v1.a1Kind")), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{apiService("a1", "v1", "", "", "", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace))}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseInstallReady}, + }, + }, + }, + { + name: "SingleCSVInstallReadyToInstalling", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseInstallReady, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseInstalling}, + }, + }, + }, + { + name: "SingleCSVInstallReadyToInstalling/APIService/Owned", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseInstallReady, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), + }, + clientObjs: []runtime.Object{addAnnotation(defaultOperatorGroup, v1.OperatorGroupProvidedAPIsAnnotationKey, "c1.v1.g1,a1Kind.v1.a1")}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseInstalling}, + }, + }, + }, + { + name: "SingleCSVSucceededToPending/APIService/Owned/CertRotation", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), validCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonNeedsCertRotation}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/APIService/Owned/BadCAHash/Deployment", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: "a-pretty-bad-hash", + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), validCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonAPIServiceResourceIssue}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/APIService/Owned/BadCAHash/Secret", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), validCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: "also-a-pretty-bad-hash", + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonAPIServiceResourceIssue}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/APIService/Owned/BadCAHash/DeploymentAndSecret", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: "a-pretty-bad-hash", + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), validCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: "also-a-pretty-bad-hash", + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonAPIServiceResourceIssue}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/APIService/Owned/BadCA", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", []byte("a-bad-ca"), apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), validCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonAPIServiceResourceIssue}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/APIService/Owned/BadServingCert", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", validCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + })), + withAnnotations(tlsSecret("v1.a1-cert", namespace, []byte("bad-cert"), []byte("bad-key")), map[string]string{ + OLMCAHashAnnotationKey: validCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonAPIServiceResourceIssue}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/APIService/Owned/ExpiredCA", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", expiredCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: expiredCAHash, + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), expiredCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: expiredCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonAPIServiceResourceIssue}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/APIService/Owned/ExpiredCA", + initial: initial{ + csvs: []runtime.Object{ + withCertInfo(withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), metav1.Now(), metav1.Now()), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{ + apiService("a1", "v1", "v1-a1", namespace, "a1", expiredCAPEM, apiregistrationv1.ConditionTrue, ownerLabelFromCSV("csv1", namespace)), + }, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", addAnnotations(defaultTemplateAnnotations, map[string]string{ + OLMCAHashAnnotationKey: expiredCAHash, + })), + withAnnotations(keyPairToTLSSecret("v1.a1-cert", namespace, signedServingPair(time.Now().Add(24*time.Hour), expiredCA, []string{"v1-a1.ns", "v1-a1.ns.svc"})), map[string]string{ + OLMCAHashAnnotationKey: expiredCAHash, + }), + service("v1-a1", namespace, "a1", 80), + serviceAccount("sa", namespace), + role("v1.a1-cert", namespace, []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"secrets"}, + ResourceNames: []string{"v1.a1-cert"}, + }, + }), + roleBinding("v1.a1-cert", namespace, "v1.a1-cert", "sa", namespace), + role("extension-apiserver-authentication-reader", "kube-system", []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{"extension-apiserver-authentication"}, + }, + }), + roleBinding("v1.a1-auth-reader", "kube-system", "extension-apiserver-authentication-reader", "sa", namespace), + clusterRole("system:auth-delegator", []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"tokenreviews"}, + }, + { + Verbs: []string{"create"}, + APIGroups: []string{"authentication.k8s.io"}, + Resources: []string{"subjectaccessreviews"}, + }, + }), + clusterRoleBinding("v1.a1-system:auth-delegator", "system:auth-delegator", "sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonAPIServiceResourcesNeedReinstall}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/InstallModes/Owned/PreviouslyUnsupported", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonUnsupportedOperatorGroup), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonRequirementsUnknown}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/InstallModes/Owned/PreviouslyNoOperatorGroups", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonNoOperatorGroup), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonRequirementsUnknown}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/InstallModes/Owned/PreviouslyTooManyOperatorGroups", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonTooManyOperatorGroups), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending, reason: v1alpha1.CSVReasonRequirementsUnknown}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/InstallModes/Owned/Unsupported", + initial: initial{ + csvs: []runtime.Object{ + withInstallModes(withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonInstallSuccessful), + []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: false, + }, + }, + ), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonUnsupportedOperatorGroup}, + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/InstallModes/Owned/NoOperatorGroups", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonInstallSuccessful), + }, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonNoOperatorGroup}, + }, + err: map[string]error{ + "csv1": fmt.Errorf("csv in namespace with no operatorgroups"), + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/InstallModes/Owned/TooManyOperatorGroups", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonInstallSuccessful), + }, + clientObjs: []runtime.Object{ + defaultOperatorGroup, + &v1.OperatorGroup{ + TypeMeta: metav1.TypeMeta{ + Kind: "OperatorGroup", + APIVersion: v1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "default-2", + Namespace: namespace, + }, + Spec: v1.OperatorGroupSpec{}, + Status: v1.OperatorGroupStatus{ + Namespaces: []string{namespace}, + }, + }, + }, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonTooManyOperatorGroups}, + }, + err: map[string]error{ + "csv1": fmt.Errorf("csv created in namespace with multiple operatorgroups, can't pick one automatically"), + }, + }, + }, + { + name: "SingleCSVSucceededToSucceeded/OperatorGroupChanged", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonInstallSuccessful), + }, + clientObjs: []runtime.Object{ + &v1.OperatorGroup{ + TypeMeta: metav1.TypeMeta{ + Kind: "OperatorGroup", + APIVersion: v1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + Namespace: namespace, + }, + Spec: v1.OperatorGroupSpec{}, + Status: v1.OperatorGroupStatus{ + Namespaces: []string{namespace, "new-namespace"}, + }, + }, + }, + apis: []runtime.Object{}, + objs: []runtime.Object{ + deployment("a1", namespace, "sa", defaultTemplateAnnotations), + serviceAccount("sa", namespace), + }, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseSucceeded, reason: v1alpha1.CSVReasonInstallSuccessful}, + }, + }, + }, + { + name: "SingleCSVInstallReadyToFailed/BadStrategy", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + v1alpha1.NamedInstallStrategy{"deployment", json.RawMessage{}}, + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseInstallReady, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed}, + }, + }, + }, + { + name: "SingleCSVInstallingToSucceeded/UnmanagedDeploymentNotAffected", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseInstalling, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv1", namespace), + ), + deployment("extra-dep", namespace, "sa", nil), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + objs: []runtime.Object{ + deployment("extra-dep", namespace, "sa", nil), + }, + }, + }, + { + name: "SingleCSVSucceededToSucceeded/UnmanagedDeploymentInNamespace", + initial: initial{ + csvs: []runtime.Object{ + withConditionReason(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), v1alpha1.CSVReasonInstallSuccessful), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + map[string]string{ + ownerutil.OwnerKey: "csv1", + ownerutil.OwnerNamespaceKey: namespace, + ownerutil.OwnerKind: "ClusterServiceVersion", + }, + ), + deployment("extra-dep", namespace, "sa", nil), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + objs: []runtime.Object{ + deployment("extra-dep", namespace, "sa", nil), + }, + }, + }, + { + name: "SingleCSVSucceededToFailed/CRD", + initial: initial{ + csvs: []runtime.Object{ + withAPIServices(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("a1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), apis("a1.v1.a1Kind"), nil), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed}, + }, + }, + }, + { + name: "CSVSucceededToReplacing", + initial: initial{ + csvs: []runtime.Object{ + withAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseReplacing}, + "csv2": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + }, + }, + { + name: "CSVReplacingToDeleted", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseReplacing, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv1", namespace), + ), + withLabels( + deployment("csv2-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv2", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseDeleting}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + }, + }, + { + name: "CSVDeletedToGone", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseDeleting, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv1", namespace), + ), + withLabels( + deployment("csv2-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv2", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: false, phase: v1alpha1.CSVPhaseNone}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + }, + }, + { + name: "CSVMultipleReplacingToDeleted", + initial: initial{ + // order matters in this test case - we want to apply the latest CSV first to test the GC marking + csvs: []runtime.Object{ + csvWithLabels(csvWithAnnotations(csv("csv3", + namespace, + "0.0.0", + "csv2", + installStrategy("csv3-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), labels.Set{ + resolver.APILabelKeyPrefix + apiHash: "provided", + }), + csvWithLabels(csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseReplacing, + ), defaultTemplateAnnotations), labels.Set{ + resolver.APILabelKeyPrefix + apiHash: "provided", + }), + csvWithLabels(csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseReplacing, + ), defaultTemplateAnnotations), labels.Set{ + resolver.APILabelKeyPrefix + apiHash: "provided", + }), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv1", namespace), + ), + withLabels( + deployment("csv2-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv2", namespace), + ), + withLabels( + deployment("csv3-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv3", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseReplacing}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseReplacing}, + "csv3": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + }, + }, + { + name: "CSVMultipleDeletedToGone", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv3", + namespace, + "0.0.0", + "csv2", + installStrategy("csv3-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseDeleting, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseReplacing, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv1", namespace), + ), + withLabels( + deployment("csv2-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv2", namespace), + ), + withLabels( + deployment("csv3-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv3", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: false, phase: v1alpha1.CSVPhaseNone}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseDeleting}, + "csv3": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + }, + }, + { + name: "CSVMultipleDeletedToGone/AfterOneDeleted", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseReplacing, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv3", + namespace, + "0.0.0", + "csv2", + installStrategy("csv3-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv2-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv2", namespace), + ), + withLabels( + deployment("csv3-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv3", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + + "csv1": {exists: false, phase: v1alpha1.CSVPhaseNone}, + "csv2": {exists: true, phase: v1alpha1.CSVPhaseDeleting}, + "csv3": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + }, + }, + { + name: "CSVMultipleDeletedToGone/AfterTwoDeleted", + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv2", + namespace, + "0.0.0", + "csv1", + installStrategy("csv2-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseDeleting, + ), defaultTemplateAnnotations), + csvWithAnnotations(csv("csv3", + namespace, + "0.0.0", + "csv2", + installStrategy("csv3-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseSucceeded, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + crds: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + objs: []runtime.Object{ + withLabels( + deployment("csv2-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv2", namespace), + ), + withLabels( + deployment("csv3-dep1", namespace, "sa", defaultTemplateAnnotations), + ownerLabelFromCSV("csv3", namespace), + ), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv2": {exists: false, phase: v1alpha1.CSVPhaseNone}, + "csv3": {exists: true, phase: v1alpha1.CSVPhaseSucceeded}, + }, + }, + }, + { + name: "SingleCSVNoneToFailed/InterOperatorGroupOwnerConflict", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.APIConflict)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonInterOperatorGroupOwnerConflict}, + }, + }, + }, + { + name: "SingleCSVNoneToNone/AddAPIs", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.AddAPIs)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseNone}, + }, + }, + }, + { + name: "SingleCSVNoneToNone/RemoveAPIs", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.RemoveAPIs)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseNone}, + }, + }, + }, + { + name: "SingleCSVNoneToFailed/StaticOperatorGroup/AddAPIs", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.AddAPIs)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{ + func() *v1.OperatorGroup { + // Make the default OperatorGroup static + static := defaultOperatorGroup.DeepCopy() + static.Spec.StaticProvidedAPIs = true + return static + }(), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs}, + }, + }, + }, + { + name: "SingleCSVNoneToFailed/StaticOperatorGroup/RemoveAPIs", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.RemoveAPIs)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{ + func() *v1.OperatorGroup { + // Make the default OperatorGroup static + static := defaultOperatorGroup.DeepCopy() + static.Spec.StaticProvidedAPIs = true + return static + }(), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs}, + }, + }, + }, + { + name: "SingleCSVNoneToPending/StaticOperatorGroup/NoAPIConflict", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.NoAPIConflict)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{ + func() *v1.OperatorGroup { + // Make the default OperatorGroup static + static := defaultOperatorGroup.DeepCopy() + static.Spec.StaticProvidedAPIs = true + return static + }(), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/InterOperatorGroupOwnerConflict/NoAPIConflict", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.NoAPIConflict)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csvWithStatusReason(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), v1alpha1.CSVReasonInterOperatorGroupOwnerConflict), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + }, + }, + { + name: "SingleCSVFailedToPending/StaticOperatorGroup/CannotModifyStaticOperatorGroupProvidedAPIs/NoAPIConflict", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.NoAPIConflict)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csvWithStatusReason(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{ + func() *v1.OperatorGroup { + // Make the default OperatorGroup static + static := defaultOperatorGroup.DeepCopy() + static.Spec.StaticProvidedAPIs = true + return static + }(), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhasePending}, + }, + }, + }, + { + name: "SingleCSVFailedToFailed/InterOperatorGroupOwnerConflict/APIConflict", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.APIConflict)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csvWithStatusReason(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), v1alpha1.CSVReasonInterOperatorGroupOwnerConflict), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{defaultOperatorGroup}, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonInterOperatorGroupOwnerConflict}, + }, + }, + }, + { + name: "SingleCSVFailedToFailed/StaticOperatorGroup/CannotModifyStaticOperatorGroupProvidedAPIs/AddAPIs", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.AddAPIs)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csvWithStatusReason(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{ + func() *v1.OperatorGroup { + // Make the default OperatorGroup static + static := defaultOperatorGroup.DeepCopy() + static.Spec.StaticProvidedAPIs = true + return static + }(), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs}, + }, + }, + }, + { + name: "SingleCSVFailedToFailed/StaticOperatorGroup/CannotModifyStaticOperatorGroupProvidedAPIs/RemoveAPIs", + config: operatorConfig{apiReconciler: buildFakeAPIIntersectionReconcilerThatReturns(resolver.RemoveAPIs)}, + initial: initial{ + csvs: []runtime.Object{ + csvWithAnnotations(csvWithStatusReason(csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseFailed, + ), v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs), defaultTemplateAnnotations), + }, + clientObjs: []runtime.Object{ + func() *v1.OperatorGroup { + // Make the default OperatorGroup static + static := defaultOperatorGroup.DeepCopy() + static.Spec.StaticProvidedAPIs = true + return static + }(), + }, + }, + expected: expected{ + csvStates: map[string]csvState{ + "csv1": {exists: true, phase: v1alpha1.CSVPhaseFailed, reason: v1alpha1.CSVReasonCannotModifyStaticOperatorGroupProvidedAPIs}, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Create test operator + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator( + ctx, + withNamespaces(namespace, "kube-system"), + withClientObjs(append(tt.initial.csvs, tt.initial.clientObjs...)...), + withK8sObjs(tt.initial.objs...), + withExtObjs(tt.initial.crds...), + withRegObjs(tt.initial.apis...), + withOperatorNamespace(namespace), + withAPIReconciler(tt.config.apiReconciler), + withAPILabeler(tt.config.apiLabeler), + ) + require.NoError(t, err) + + // run csv sync for each CSV + for _, csv := range tt.initial.csvs { + err := op.syncClusterServiceVersion(csv) + expectedErr := tt.expected.err[csv.(*v1alpha1.ClusterServiceVersion).Name] + require.Equal(t, expectedErr, err) + } + + // get csvs in the cluster + outCSVMap := map[string]*v1alpha1.ClusterServiceVersion{} + outCSVs, err := op.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).List(metav1.ListOptions{}) + require.NoError(t, err) + for _, csv := range outCSVs.Items { + outCSVMap[csv.GetName()] = csv.DeepCopy() + } + + // verify expectations of csvs in cluster + for csvName, csvState := range tt.expected.csvStates { + csv, ok := outCSVMap[csvName] + require.Equal(t, ok, csvState.exists, "%s existence should be %t", csvName, csvState.exists) + if csvState.exists { + require.EqualValues(t, string(csvState.phase), string(csv.Status.Phase), "%s had incorrect phase", csvName) + if csvState.reason != "" { + require.EqualValues(t, string(csvState.reason), string(csv.Status.Reason), "%s had incorrect condition reason", csvName) + } + } + } + + // Verify other objects + if tt.expected.objs != nil { + RequireObjectsInNamespace(t, op.opClient, op.client, namespace, tt.expected.objs) + } + }) + } +} + +func TestUpdates(t *testing.T) { + // A - replacedby -> B - replacedby -> C + namespace := "ns" + defaultOperatorGroup := &v1.OperatorGroup{ + TypeMeta: metav1.TypeMeta{ + Kind: "OperatorGroup", + APIVersion: v1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + Namespace: namespace, + }, + Spec: v1.OperatorGroupSpec{ + TargetNamespaces: []string{namespace}, + }, + Status: v1.OperatorGroupStatus{ + Namespaces: []string{namespace}, + }, + } + defaultTemplateAnnotations := map[string]string{ + v1.OperatorGroupTargetsAnnotationKey: namespace, + v1.OperatorGroupNamespaceAnnotationKey: namespace, + v1.OperatorGroupAnnotationKey: defaultOperatorGroup.GetName(), + } + runningOperator := []runtime.Object{ + withLabels( + deployment("csv1-dep1", namespace, "sa", defaultTemplateAnnotations), + map[string]string{ + ownerutil.OwnerKey: "csv1", + ownerutil.OwnerNamespaceKey: namespace, + ownerutil.OwnerKind: "ClusterServiceVersion", + }, + ), + } + + deleted := v1alpha1.ClusterServiceVersionPhase("deleted") + noPrevious := v1alpha1.ClusterServiceVersionPhase("NoPrevious") + + crd := crd("c1", "v1", "g1") + a := csv("csvA", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone) + b := csv("csvB", + namespace, + "0.0.0", + "csvA", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone) + c := csv("csvC", + namespace, + "0.0.0", + "csvB", + installStrategy("csv1-dep1", nil, nil), + []*v1beta1.CustomResourceDefinition{crd}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone) + + type csvPhases map[string][]v1alpha1.ClusterServiceVersionPhase + tests := []struct { + name string + in []*v1alpha1.ClusterServiceVersion + expected map[string][]v1alpha1.ClusterServiceVersionPhase + }{ + { + name: "abc", + in: []*v1alpha1.ClusterServiceVersion{a, b, c}, + expected: csvPhases{ + "csvA": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseDeleting, + deleted, + deleted, + deleted, + }, + "csvB": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseDeleting, + deleted, + }, + "csvC": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseSucceeded, + }, + }, + }, + { + name: "bac", + in: []*v1alpha1.ClusterServiceVersion{b, a, c}, + expected: csvPhases{ + "csvB": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseDeleting, + deleted, + }, + "csvA": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseDeleting, + deleted, + deleted, + deleted, + deleted, + }, + "csvC": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseSucceeded, + }, + }, + }, + { + name: "cba", + in: []*v1alpha1.ClusterServiceVersion{c, a, b}, + expected: csvPhases{ + "csvC": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseSucceeded, + }, + "csvB": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseDeleting, + deleted, + deleted, + }, + "csvA": { + v1alpha1.CSVPhaseNone, + v1alpha1.CSVPhasePending, + v1alpha1.CSVPhaseInstallReady, + v1alpha1.CSVPhaseInstalling, + v1alpha1.CSVPhaseSucceeded, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseReplacing, + v1alpha1.CSVPhaseDeleting, + deleted, + deleted, + deleted, + deleted, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + t.Parallel() + + // Setup fake operator + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator( + ctx, + withExtObjs(crd), + withClientObjs(defaultOperatorGroup), + withK8sObjs(runningOperator...), + withNamespaces(namespace), + ) + require.NoError(t, err) + + // Create input CSV set + for _, csv := range tt.in { + _, err := op.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Create(csv) + require.NoError(t, err) + } + + for i := range tt.expected["csvA"] { + // sync all csvs once + for _, csv := range tt.in { + name := csv.GetName() + expectedCurrent := tt.expected[name][i] + var expectedPrevious v1alpha1.ClusterServiceVersionPhase + if i > 0 { + expectedPrevious = tt.expected[name][i-1] + } else { + expectedPrevious = noPrevious + } + + if expectedPrevious == deleted { + // don't sync previously deleted csvs + continue + } + + // Get the CSV from the cluster + fetched, err := op.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(name, metav1.GetOptions{}) + require.NoError(t, err) + + // Sync the CSV once + _ = op.syncClusterServiceVersion(fetched) + + // If the csv was deleted by the sync, we don't bother waiting for listers to sync + if expectedCurrent == deleted { + continue + } + + // If we expect a change, wait for listers to sync the change so that the next sync reflects the changes + if expectedCurrent != expectedPrevious { + err = wait.PollImmediate(1*time.Millisecond, 5*time.Second, func() (bool, error) { + updated, err := op.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(namespace).Get(csv.GetName()) + if k8serrors.IsNotFound(err) { + return false, nil + } + return !equality.Semantic.DeepEqual(updated, fetched), err + }) + require.NoError(t, err) + } + } + + // check that each csv is in the expected phase + for _, csv := range tt.in { + expectedPhase := tt.expected[csv.GetName()][i] + if expectedPhase != deleted { + fetched, err := op.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(csv.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + t.Logf("%s - %v", csv.GetName(), fetched.Status) + require.Equal(t, string(expectedPhase), string(fetched.Status.Phase), "incorrect phase for %s at index %d", csv.GetName(), i) + } else { + _, err := op.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(csv.GetName(), metav1.GetOptions{}) + require.Error(t, err) + } + } + } + }) + } +} + +func TestSyncOperatorGroups(t *testing.T) { + logrus.SetLevel(logrus.DebugLevel) + clockFake := utilclock.NewFakeClock(time.Date(2006, time.January, 2, 15, 4, 5, 0, time.FixedZone("MST", -7*3600))) + now := metav1.NewTime(clockFake.Now().UTC()) + + operatorNamespace := "operator-ns" + targetNamespace := "target-ns" + + serviceAccount := serviceAccount("sa", operatorNamespace) + + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: serviceAccount.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{"my.api.group"}, + Resources: []string{"apis"}, + }, + }, + }, + } + + crd := crd("c1", "v1", "fake.api.group") + operatorCSV := csvWithLabels(csv("csv1", + operatorNamespace, + "0.0.0", + "", + installStrategy("csv1-dep1", permissions, nil), + []*v1beta1.CustomResourceDefinition{crd}, + []*v1beta1.CustomResourceDefinition{}, + v1alpha1.CSVPhaseNone, + ), labels.Set{resolver.APILabelKeyPrefix + "9f4c46c37bdff8d0": "provided"}) + + serverVersion := version.Get().String() + // after state transitions from operatorgroups, this is the operator csv we expect + operatorCSVFinal := operatorCSV.DeepCopy() + operatorCSVFinal.Status.Phase = v1alpha1.CSVPhaseSucceeded + operatorCSVFinal.Status.Message = "install strategy completed with no errors" + operatorCSVFinal.Status.Reason = v1alpha1.CSVReasonInstallSuccessful + operatorCSVFinal.Status.LastUpdateTime = now + operatorCSVFinal.Status.LastTransitionTime = now + operatorCSVFinal.Status.RequirementStatus = []v1alpha1.RequirementStatus{ + { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + Message: "CSV minKubeVersion (0.0.0) less than server version (" + serverVersion + ")", + }, + { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: crd.GetName(), + Status: v1alpha1.RequirementStatusReasonPresent, + Message: "CRD is present and Established condition is true", + }, + { + Group: "", + Version: "v1", + Kind: "ServiceAccount", + Name: serviceAccount.GetName(), + Status: v1alpha1.RequirementStatusReasonPresent, + Dependents: []v1alpha1.DependentStatus{ + { + Group: "rbac.authorization.k8s.io", + Version: "v1beta1", + Kind: "PolicyRule", + Status: "Satisfied", + Message: "namespaced rule:{\"verbs\":[\"get\"],\"apiGroups\":[\"my.api.group\"],\"resources\":[\"apis\"]}", + }, + }, + }, + } + operatorCSVFinal.Status.Conditions = []v1alpha1.ClusterServiceVersionCondition{ + { + Phase: v1alpha1.CSVPhasePending, + Reason: v1alpha1.CSVReasonRequirementsUnknown, + Message: "requirements not yet checked", + LastUpdateTime: now, + LastTransitionTime: now, + }, + { + Phase: v1alpha1.CSVPhaseInstallReady, + Reason: v1alpha1.CSVReasonRequirementsMet, + Message: "all requirements found, attempting install", + LastUpdateTime: now, + LastTransitionTime: now, + }, + { + Phase: v1alpha1.CSVPhaseInstalling, + Reason: v1alpha1.CSVReasonInstallSuccessful, + Message: "waiting for install components to report healthy", + LastUpdateTime: now, + LastTransitionTime: now, + }, + { + Phase: v1alpha1.CSVPhaseSucceeded, + Reason: v1alpha1.CSVReasonInstallSuccessful, + Message: "install strategy completed with no errors", + LastUpdateTime: now, + LastTransitionTime: now, + }, + } + + // Failed CSV due to operatorgroup namespace selector doesn't any existing namespaces + operatorCSVFailedNoTargetNS := operatorCSV.DeepCopy() + operatorCSVFailedNoTargetNS.Status.Phase = v1alpha1.CSVPhaseFailed + operatorCSVFailedNoTargetNS.Status.Message = "no targetNamespaces are matched operatorgroups namespace selection" + operatorCSVFailedNoTargetNS.Status.Reason = v1alpha1.CSVReasonNoTargetNamespaces + operatorCSVFailedNoTargetNS.Status.LastUpdateTime = now + operatorCSVFailedNoTargetNS.Status.LastTransitionTime = now + operatorCSVFailedNoTargetNS.Status.Conditions = []v1alpha1.ClusterServiceVersionCondition{ + { + Phase: v1alpha1.CSVPhaseFailed, + Reason: v1alpha1.CSVReasonNoTargetNamespaces, + Message: "no targetNamespaces are matched operatorgroups namespace selection", + LastUpdateTime: now, + LastTransitionTime: now, + }, + } + + targetCSV := operatorCSVFinal.DeepCopy() + targetCSV.SetNamespace(targetNamespace) + targetCSV.Status.Reason = v1alpha1.CSVReasonCopied + targetCSV.Status.Message = "The operator is running in operator-ns but is managing this namespace" + targetCSV.Status.LastUpdateTime = now + + ownerutil.AddNonBlockingOwner(serviceAccount, operatorCSV) + + ownedDeployment := deployment("csv1-dep1", operatorNamespace, serviceAccount.GetName(), nil) + ownerutil.AddNonBlockingOwner(ownedDeployment, operatorCSV) + + annotatedDeployment := ownedDeployment.DeepCopy() + annotatedDeployment.Spec.Template.SetAnnotations(map[string]string{v1.OperatorGroupTargetsAnnotationKey: operatorNamespace + "," + targetNamespace, v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}) + annotatedDeployment.SetLabels(map[string]string{ + "olm.owner": "csv1", + "olm.owner.namespace": "operator-ns", + "olm.owner.kind": "ClusterServiceVersion", + }) + + annotatedGlobalDeployment := ownedDeployment.DeepCopy() + annotatedGlobalDeployment.Spec.Template.SetAnnotations(map[string]string{v1.OperatorGroupTargetsAnnotationKey: "", v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}) + annotatedGlobalDeployment.SetLabels(map[string]string{ + "olm.owner": "csv1", + "olm.owner.namespace": "operator-ns", + "olm.owner.kind": "ClusterServiceVersion", + }) + + role := &rbacv1.Role{ + TypeMeta: metav1.TypeMeta{ + Kind: "Role", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-role", + Namespace: operatorNamespace, + Labels: ownerutil.OwnerLabel(operatorCSV, v1alpha1.ClusterServiceVersionKind), + OwnerReferences: []metav1.OwnerReference{ownerutil.NonBlockingOwner(operatorCSV)}, + }, + Rules: permissions[0].Rules, + } + + roleBinding := &rbacv1.RoleBinding{ + TypeMeta: metav1.TypeMeta{ + Kind: "RoleBinding", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-rolebinding", + Namespace: operatorNamespace, + Labels: ownerutil.OwnerLabel(operatorCSV, v1alpha1.ClusterServiceVersionKind), + OwnerReferences: []metav1.OwnerReference{ownerutil.NonBlockingOwner(operatorCSV)}, + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: serviceAccount.GetObjectKind().GroupVersionKind().Group, + Name: serviceAccount.GetName(), + Namespace: serviceAccount.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: rbacv1.GroupName, + Kind: role.GetObjectKind().GroupVersionKind().Kind, + Name: role.GetName(), + }, + } + + type initial struct { + operatorGroup *v1.OperatorGroup + clientObjs []runtime.Object + crds []runtime.Object + k8sObjs []runtime.Object + apis []runtime.Object + } + type final struct { + objects map[string][]runtime.Object + } + tests := []struct { + initial initial + name string + expectedEqual bool + expectedStatus v1.OperatorGroupStatus + final final + ignoreCopyError bool + }{ + { + name: "NoMatchingNamespace/NoCSVs", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + }, + Spec: v1.OperatorGroupSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"a": "app-a"}, + }, + }, + }, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + }, + }, + }, + }, + expectedStatus: v1.OperatorGroupStatus{}, + }, + { + name: "NoMatchingNamespace/CSVPresent", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + }, + Spec: v1.OperatorGroupSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"a": "app-a"}, + }, + }, + }, + clientObjs: []runtime.Object{operatorCSV}, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + }, + }, + ownedDeployment, + serviceAccount, + role, + roleBinding, + }, + crds: []runtime.Object{crd}, + }, + expectedStatus: v1.OperatorGroupStatus{}, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + withAnnotations(operatorCSVFailedNoTargetNS.DeepCopy(), map[string]string{v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + }, + }}, + ignoreCopyError: true, + }, + { + name: "MatchingNamespace/NoCSVs", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + }, + Spec: v1.OperatorGroupSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"app": "app-a"}, + }, + }, + }, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + Labels: map[string]string{"app": "app-a"}, + }, + }, + }, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{targetNamespace}, + LastUpdated: now, + }, + }, + { + name: "MatchingNamespace/CSVPresent/Found", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + }, + Spec: v1.OperatorGroupSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"app": "app-a"}, + }, + }, + }, + clientObjs: []runtime.Object{operatorCSV}, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + Labels: map[string]string{"app": "app-a"}, + }, + }, + ownedDeployment, + serviceAccount, + role, + roleBinding, + }, + crds: []runtime.Object{crd}, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{operatorNamespace, targetNamespace}, + LastUpdated: now, + }, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + withAnnotations(operatorCSVFinal.DeepCopy(), map[string]string{v1.OperatorGroupTargetsAnnotationKey: operatorNamespace + "," + targetNamespace, v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + annotatedDeployment, + }, + targetNamespace: { + withLabels( + withAnnotations(targetCSV.DeepCopy(), map[string]string{v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + labels.Merge(targetCSV.GetLabels(), map[string]string{v1alpha1.CopiedLabelKey: operatorNamespace}), + ), + &rbacv1.Role{ + TypeMeta: metav1.TypeMeta{ + Kind: "Role", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + ResourceVersion: "0", + Name: "csv-role", + Namespace: targetNamespace, + Labels: map[string]string{ + "olm.copiedFrom": "operator-ns", + "olm.owner": "csv1", + "olm.owner.namespace": "target-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerutil.NonBlockingOwner(targetCSV), + }, + }, + Rules: permissions[0].Rules, + }, + &rbacv1.RoleBinding{ + TypeMeta: metav1.TypeMeta{ + Kind: "RoleBinding", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + ResourceVersion: "0", + Name: "csv-rolebinding", + Namespace: targetNamespace, + Labels: map[string]string{ + "olm.copiedFrom": "operator-ns", + "olm.owner": "csv1", + "olm.owner.namespace": "target-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerutil.NonBlockingOwner(targetCSV), + }, + }, + Subjects: []rbacv1.Subject{ + { + Kind: rbacv1.ServiceAccountKind, + Name: serviceAccount.GetName(), + Namespace: operatorNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: rbacv1.GroupName, + Kind: role.GroupVersionKind().Kind, + Name: "csv-role", + }, + }, + }, + }}, + }, + { + name: "MatchingNamespace/CSVPresent/Found/ExplicitTargetNamespaces", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + }, + Spec: v1.OperatorGroupSpec{ + TargetNamespaces: []string{operatorNamespace, targetNamespace}, + }, + }, + clientObjs: []runtime.Object{operatorCSV}, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + }, + }, + ownedDeployment, + serviceAccount, + role, + roleBinding, + }, + crds: []runtime.Object{crd}, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{operatorNamespace, targetNamespace}, + LastUpdated: now, + }, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + withAnnotations(operatorCSVFinal.DeepCopy(), map[string]string{v1.OperatorGroupTargetsAnnotationKey: operatorNamespace + "," + targetNamespace, v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + annotatedDeployment, + }, + targetNamespace: { + withLabels( + withAnnotations(targetCSV.DeepCopy(), map[string]string{v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + labels.Merge(targetCSV.GetLabels(), map[string]string{v1alpha1.CopiedLabelKey: operatorNamespace}), + ), + &rbacv1.Role{ + TypeMeta: metav1.TypeMeta{ + Kind: "Role", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + ResourceVersion: "0", + Name: "csv-role", + Namespace: targetNamespace, + Labels: map[string]string{ + "olm.copiedFrom": "operator-ns", + "olm.owner": "csv1", + "olm.owner.namespace": "target-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerutil.NonBlockingOwner(targetCSV), + }, + }, + Rules: permissions[0].Rules, + }, + &rbacv1.RoleBinding{ + TypeMeta: metav1.TypeMeta{ + Kind: "RoleBinding", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + ResourceVersion: "0", + Name: "csv-rolebinding", + Namespace: targetNamespace, + Labels: map[string]string{ + "olm.copiedFrom": "operator-ns", + "olm.owner": "csv1", + "olm.owner.namespace": "target-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + OwnerReferences: []metav1.OwnerReference{ + ownerutil.NonBlockingOwner(targetCSV), + }, + }, + Subjects: []rbacv1.Subject{ + { + Kind: rbacv1.ServiceAccountKind, + Name: serviceAccount.GetName(), + Namespace: operatorNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: rbacv1.GroupName, + Kind: role.GroupVersionKind().Kind, + Name: "csv-role", + }, + }, + }, + }}, + }, + { + name: "AllNamespaces/CSVPresent/Found", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + }, + Spec: v1.OperatorGroupSpec{}, + }, + clientObjs: []runtime.Object{operatorCSV}, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + ownedDeployment, + serviceAccount, + role, + roleBinding, + }, + crds: []runtime.Object{crd}, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{corev1.NamespaceAll}, + LastUpdated: now, + }, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + withAnnotations(operatorCSVFinal.DeepCopy(), map[string]string{v1.OperatorGroupTargetsAnnotationKey: "", v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + annotatedGlobalDeployment, + }, + "": { + &rbacv1.ClusterRole{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterRole", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-role", + Labels: map[string]string{ + "olm.owner": "csv1", + "olm.owner.namespace": "operator-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + }, + Rules: append(permissions[0].Rules, rbacv1.PolicyRule{ + Verbs: ViewVerbs, + APIGroups: []string{corev1.GroupName}, + Resources: []string{"namespaces"}, + }), + }, + &rbacv1.ClusterRoleBinding{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterRoleBinding", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-rolebinding", + Labels: map[string]string{ + "olm.owner": "csv1", + "olm.owner.namespace": "operator-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + }, + Subjects: []rbacv1.Subject{ + { + Kind: rbacv1.ServiceAccountKind, + Name: serviceAccount.GetName(), + Namespace: operatorNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: rbacv1.GroupName, + Kind: "ClusterRole", + Name: "csv-role", + }, + }, + }, + targetNamespace: { + withLabels( + withAnnotations(targetCSV.DeepCopy(), map[string]string{v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + labels.Merge(targetCSV.GetLabels(), map[string]string{v1alpha1.CopiedLabelKey: operatorNamespace}), + ), + }, + }}, + }, + { + name: "AllNamespaces/CSVPresent/Found/PruneMissingProvidedAPI", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{ + v1.OperatorGroupProvidedAPIsAnnotationKey: "c1.v1.fake.api.group,missing.v1.fake.api.group", + }, + }, + Spec: v1.OperatorGroupSpec{}, + }, + clientObjs: []runtime.Object{operatorCSV}, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + ownedDeployment, + serviceAccount, + role, + roleBinding, + }, + crds: []runtime.Object{crd}, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{corev1.NamespaceAll}, + LastUpdated: now, + }, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + withAnnotations(operatorCSVFinal.DeepCopy(), map[string]string{v1.OperatorGroupTargetsAnnotationKey: "", v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + annotatedGlobalDeployment, + &v1.OperatorGroup{ + TypeMeta: metav1.TypeMeta{ + Kind: v1.OperatorGroupKind, + APIVersion: strings.Join([]string{v1.GroupName, v1.GroupVersion}, "/"), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{ + v1.OperatorGroupProvidedAPIsAnnotationKey: "c1.v1.fake.api.group", + }, + }, + Spec: v1.OperatorGroupSpec{}, + Status: v1.OperatorGroupStatus{ + Namespaces: []string{corev1.NamespaceAll}, + LastUpdated: now, + }, + }, + }, + "": { + &rbacv1.ClusterRole{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterRole", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-role", + Labels: map[string]string{ + "olm.owner": "csv1", + "olm.owner.namespace": "operator-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + }, + Rules: append(permissions[0].Rules, rbacv1.PolicyRule{ + Verbs: ViewVerbs, + APIGroups: []string{corev1.GroupName}, + Resources: []string{"namespaces"}, + }), + }, + &rbacv1.ClusterRoleBinding{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterRoleBinding", + APIVersion: rbacv1.GroupName, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "csv-rolebinding", + Labels: map[string]string{ + "olm.owner": "csv1", + "olm.owner.namespace": "operator-ns", + "olm.owner.kind": "ClusterServiceVersion", + }, + }, + Subjects: []rbacv1.Subject{ + { + Kind: rbacv1.ServiceAccountKind, + Name: serviceAccount.GetName(), + Namespace: operatorNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: rbacv1.GroupName, + Kind: "ClusterRole", + Name: "csv-role", + }, + }, + }, + targetNamespace: { + withLabels( + withAnnotations(targetCSV.DeepCopy(), map[string]string{v1.OperatorGroupAnnotationKey: "operator-group-1", v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace}), + labels.Merge(targetCSV.GetLabels(), map[string]string{v1alpha1.CopiedLabelKey: operatorNamespace}), + ), + }, + }}, + }, + { + name: "AllNamespaces/CSVPresent/Found/PruneMissingProvidedAPI/StaticProvidedAPIs", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{ + v1.OperatorGroupProvidedAPIsAnnotationKey: "missing.fake.api.group", + }, + }, + Spec: v1.OperatorGroupSpec{ + StaticProvidedAPIs: true, + }, + }, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + }, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{corev1.NamespaceAll}, + LastUpdated: now, + }, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + Labels: map[string]string{"app": "app-a"}, + Annotations: map[string]string{ + v1.OperatorGroupProvidedAPIsAnnotationKey: "missing.fake.api.group", + }, + }, + Spec: v1.OperatorGroupSpec{ + StaticProvidedAPIs: true, + }, + Status: v1.OperatorGroupStatus{ + Namespaces: []string{corev1.NamespaceAll}, + LastUpdated: now, + }, + }, + }, + }}, + }, + { + name: "AllNamespaces/CSVPresent/InstallModeNotSupported", + expectedEqual: true, + initial: initial{ + operatorGroup: &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator-group-1", + Namespace: operatorNamespace, + }, + Spec: v1.OperatorGroupSpec{}, + }, + clientObjs: []runtime.Object{ + withInstallModes(operatorCSV.DeepCopy(), []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: false, + }, + }), + }, + k8sObjs: []runtime.Object{ + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: operatorNamespace, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: targetNamespace, + Annotations: map[string]string{"test": "annotation"}, + }, + }, + ownedDeployment, + serviceAccount, + role, + roleBinding, + }, + crds: []runtime.Object{crd}, + }, + expectedStatus: v1.OperatorGroupStatus{ + Namespaces: []string{corev1.NamespaceAll}, + LastUpdated: now, + }, + final: final{objects: map[string][]runtime.Object{ + operatorNamespace: { + withPhase( + withInstallModes( + withAnnotations(operatorCSV.DeepCopy(), map[string]string{ + v1.OperatorGroupTargetsAnnotationKey: "", + v1.OperatorGroupAnnotationKey: "operator-group-1", + v1.OperatorGroupNamespaceAnnotationKey: operatorNamespace, + }).(*v1alpha1.ClusterServiceVersion), + []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: false, + }, + }), v1alpha1.CSVPhaseFailed, + v1alpha1.CSVReasonUnsupportedOperatorGroup, + "AllNamespaces InstallModeType not supported, cannot configure to watch all namespaces", + now), + }, + "": {}, + targetNamespace: {}, + }}, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + namespaces := []string{} + // Pick out Namespaces + for _, obj := range tt.initial.k8sObjs { + if ns, ok := obj.(*corev1.Namespace); ok { + namespaces = append(namespaces, ns.GetName()) + } + } + + // Append operatorGroup to initialObjs + tt.initial.clientObjs = append(tt.initial.clientObjs, tt.initial.operatorGroup) + + // Create test operator + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator( + ctx, + withClock(clockFake), + withNamespaces(namespaces...), + withOperatorNamespace(operatorNamespace), + withClientObjs(tt.initial.clientObjs...), + withK8sObjs(tt.initial.k8sObjs...), + withExtObjs(tt.initial.crds...), + withRegObjs(tt.initial.apis...), + ) + require.NoError(t, err) + + err = op.syncOperatorGroups(tt.initial.operatorGroup) + require.NoError(t, err) + + // wait on operator group updated status to be in the cache as it is required for later CSV operations + err = wait.PollImmediate(1*time.Millisecond, 5*time.Second, func() (bool, error) { + operatorGroup, err := op.lister.OperatorsV1().OperatorGroupLister().OperatorGroups(tt.initial.operatorGroup.GetNamespace()).Get(tt.initial.operatorGroup.GetName()) + if err != nil { + return false, err + } + sort.Strings(tt.expectedStatus.Namespaces) + sort.Strings(operatorGroup.Status.Namespaces) + if !reflect.DeepEqual(tt.expectedStatus, operatorGroup.Status) { + return false, err + } + return true, nil + }) + require.NoError(t, err) + + // this must be done twice to have annotateCSVs run in syncOperatorGroups + // and to catch provided API changes + err = op.syncOperatorGroups(tt.initial.operatorGroup) + require.NoError(t, err) + + // Sync csvs enough to get them back to succeeded state + for i := 0; i < 8; i++ { + opGroupCSVs, err := op.client.OperatorsV1alpha1().ClusterServiceVersions(operatorNamespace).List(metav1.ListOptions{}) + require.NoError(t, err) + + for i, obj := range opGroupCSVs.Items { + + err = op.syncClusterServiceVersion(&obj) + require.NoError(t, err, "%#v", obj) + + err = op.syncCopyCSV(&obj) + if !tt.ignoreCopyError { + require.NoError(t, err, "%#v", obj) + } + + if i == 0 { + err = wait.PollImmediate(1*time.Millisecond, 5*time.Second, func() (bool, error) { + for namespace, objects := range tt.final.objects { + if err := RequireObjectsInCache(t, op.lister, namespace, objects, false); err != nil { + return false, nil + } + } + return true, nil + }) + require.NoError(t, err) + } + + if i == 8 { + err = wait.PollImmediate(1*time.Millisecond, 5*time.Second, func() (bool, error) { + for namespace, objects := range tt.final.objects { + if err := RequireObjectsInCache(t, op.lister, namespace, objects, true); err != nil { + return false, nil + } + } + return true, nil + }) + require.NoError(t, err) + } + } + } + + operatorGroup, err := op.client.OperatorsV1().OperatorGroups(tt.initial.operatorGroup.GetNamespace()).Get(tt.initial.operatorGroup.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + sort.Strings(tt.expectedStatus.Namespaces) + sort.Strings(operatorGroup.Status.Namespaces) + assert.Equal(t, tt.expectedStatus, operatorGroup.Status) + + for namespace, objects := range tt.final.objects { + RequireObjectsInNamespace(t, op.opClient, op.client, namespace, objects) + } + }) + } +} + +func RequireObjectsInCache(t *testing.T, lister operatorlister.OperatorLister, namespace string, objects []runtime.Object, doCompare bool) error { + for _, object := range objects { + var err error + var fetched runtime.Object + switch o := object.(type) { + case *appsv1.Deployment: + fetched, err = lister.AppsV1().DeploymentLister().Deployments(namespace).Get(o.GetName()) + case *rbacv1.ClusterRole: + fetched, err = lister.RbacV1().ClusterRoleLister().Get(o.GetName()) + case *rbacv1.Role: + fetched, err = lister.RbacV1().RoleLister().Roles(namespace).Get(o.GetName()) + case *rbacv1.ClusterRoleBinding: + fetched, err = lister.RbacV1().ClusterRoleBindingLister().Get(o.GetName()) + case *rbacv1.RoleBinding: + fetched, err = lister.RbacV1().RoleBindingLister().RoleBindings(namespace).Get(o.GetName()) + case *v1alpha1.ClusterServiceVersion: + fetched, err = lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(namespace).Get(o.GetName()) + case *v1.OperatorGroup: + fetched, err = lister.OperatorsV1().OperatorGroupLister().OperatorGroups(namespace).Get(o.GetName()) + default: + require.Failf(t, "couldn't find expected object", "%#v", object) + } + if err != nil { + return fmt.Errorf("namespace: %v, error: %v", namespace, err) + } + if doCompare { + if !reflect.DeepEqual(object, fetched) { + diff.ObjectDiff(object, fetched) + return fmt.Errorf("expected object didn't match %v", object) + } + } + } + return nil +} + +func RequireObjectsInNamespace(t *testing.T, opClient operatorclient.ClientInterface, client versioned.Interface, namespace string, objects []runtime.Object) { + for _, object := range objects { + var err error + var fetched runtime.Object + switch o := object.(type) { + case *appsv1.Deployment: + fetched, err = opClient.GetDeployment(namespace, o.GetName()) + case *rbacv1.ClusterRole: + fetched, err = opClient.GetClusterRole(o.GetName()) + case *rbacv1.Role: + fetched, err = opClient.GetRole(namespace, o.GetName()) + case *rbacv1.ClusterRoleBinding: + fetched, err = opClient.GetClusterRoleBinding(o.GetName()) + case *rbacv1.RoleBinding: + fetched, err = opClient.GetRoleBinding(namespace, o.GetName()) + case *v1alpha1.ClusterServiceVersion: + fetched, err = client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(o.GetName(), metav1.GetOptions{}) + case *v1.OperatorGroup: + fetched, err = client.OperatorsV1().OperatorGroups(namespace).Get(o.GetName(), metav1.GetOptions{}) + default: + require.Failf(t, "couldn't find expected object", "%#v", object) + } + require.NoError(t, err, "couldn't fetch %s %v", namespace, object) + require.True(t, reflect.DeepEqual(object, fetched), diff.ObjectDiff(object, fetched)) + } +} + +func TestIsReplacing(t *testing.T) { + logrus.SetLevel(logrus.DebugLevel) + namespace := "ns" + + type initial struct { + csvs []runtime.Object + } + tests := []struct { + name string + initial initial + in *v1alpha1.ClusterServiceVersion + expected *v1alpha1.ClusterServiceVersion + }{ + { + name: "QueryErr", + in: csv("name", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: []runtime.Object{}, + }, + expected: nil, + }, + { + name: "CSVInCluster/NotReplacing", + in: csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: []runtime.Object{ + csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: nil, + }, + { + name: "CSVInCluster/Replacing", + in: csv("csv2", namespace, "0.0.0", "csv1", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: []runtime.Object{ + csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + { + name: "CSVInCluster/ReplacingNotFound", + in: csv("csv2", namespace, "0.0.0", "csv1", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: []runtime.Object{ + csv("csv3", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: nil, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Create test operator + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator(ctx, withNamespaces(namespace), withClientObjs(tt.initial.csvs...)) + require.NoError(t, err) + + require.Equal(t, tt.expected, op.isReplacing(tt.in)) + }) + } +} + +func TestIsBeingReplaced(t *testing.T) { + namespace := "ns" + + type initial struct { + csvs map[string]*v1alpha1.ClusterServiceVersion + } + tests := []struct { + name string + initial initial + in *v1alpha1.ClusterServiceVersion + expected *v1alpha1.ClusterServiceVersion + }{ + { + name: "QueryErr", + in: csv("name", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + expected: nil, + }, + { + name: "CSVInCluster/NotReplacing", + in: csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: map[string]*v1alpha1.ClusterServiceVersion{ + "csv2": csv("csv2", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: nil, + }, + { + name: "CSVInCluster/Replacing", + in: csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: map[string]*v1alpha1.ClusterServiceVersion{ + "csv2": csv("csv2", namespace, "0.0.0", "csv1", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: csv("csv2", namespace, "0.0.0", "csv1", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator(ctx, withNamespaces(namespace)) + require.NoError(t, err) + + require.Equal(t, tt.expected, op.isBeingReplaced(tt.in, tt.initial.csvs)) + }) + } +} + +func TestCheckReplacement(t *testing.T) { + namespace := "ns" + + type initial struct { + csvs map[string]*v1alpha1.ClusterServiceVersion + } + tests := []struct { + name string + initial initial + in *v1alpha1.ClusterServiceVersion + expected *v1alpha1.ClusterServiceVersion + }{ + { + name: "QueryErr", + in: csv("name", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + expected: nil, + }, + { + name: "CSVInCluster/NotReplacing", + in: csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: map[string]*v1alpha1.ClusterServiceVersion{ + "csv2": csv("csv2", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: nil, + }, + { + name: "CSVInCluster/Replacing", + in: csv("csv1", namespace, "0.0.0", "", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + initial: initial{ + csvs: map[string]*v1alpha1.ClusterServiceVersion{ + "csv2": csv("csv2", namespace, "0.0.0", "csv1", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + }, + expected: csv("csv2", namespace, "0.0.0", "csv1", installStrategy("dep", nil, nil), nil, nil, v1alpha1.CSVPhaseSucceeded), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator(ctx, withNamespaces(namespace)) + require.NoError(t, err) + require.Equal(t, tt.expected, op.isBeingReplaced(tt.in, tt.initial.csvs)) + }) + } +} + +func TestAPIServiceResourceErrorActionable(t *testing.T) { + tests := []struct { + name string + errs []error + actionable bool + }{ + { + name: "Nil/Actionable", + errs: nil, + actionable: true, + }, + { + name: "Empty/Actionable", + errs: nil, + actionable: true, + }, + { + name: "Error/Actionable", + errs: []error{fmt.Errorf("err-a")}, + actionable: true, + }, + { + name: "Errors/Actionable", + errs: []error{fmt.Errorf("err-a"), fmt.Errorf("err-b")}, + actionable: true, + }, + { + name: "ContainsUnadoptable/NotActionable", + errs: []error{fmt.Errorf("err-a"), olmerrors.UnadoptableError{}}, + actionable: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + op := &Operator{} + aggregate := utilerrors.NewAggregate(tt.errs) + require.Equal(t, tt.actionable, op.apiServiceResourceErrorActionable(aggregate)) + }) + } + +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operatorgroup.go new file mode 100644 index 000000000..e1878a0ce --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/operatorgroup.go @@ -0,0 +1,867 @@ +package olm + +import ( + "fmt" + "reflect" + "strings" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/errors" + utillabels "k8s.io/kubernetes/pkg/util/labels" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +const ( + operatorGroupAggregrationKeyPrefix = "olm.opgroup.permissions/aggregate-to-" + kubeRBACAggregationKeyPrefix = "rbac.authorization.k8s.io/aggregate-to-" + AdminSuffix = "admin" + EditSuffix = "edit" + ViewSuffix = "view" +) + +var ( + AdminVerbs = []string{"*"} + EditVerbs = []string{"create", "update", "patch", "delete"} + ViewVerbs = []string{"get", "list", "watch"} + Suffices = []string{AdminSuffix, EditSuffix, ViewSuffix} + VerbsForSuffix = map[string][]string{ + AdminSuffix: AdminVerbs, + EditSuffix: EditVerbs, + ViewSuffix: ViewVerbs, + } +) + +func (a *Operator) syncOperatorGroups(obj interface{}) error { + op, ok := obj.(*v1.OperatorGroup) + if !ok { + a.logger.Debugf("wrong type: %#v\n", obj) + return fmt.Errorf("casting OperatorGroup failed") + } + + logger := a.logger.WithFields(logrus.Fields{ + "operatorGroup": op.GetName(), + "namespace": op.GetNamespace(), + }) + + targetNamespaces, err := a.updateNamespaceList(op) + if err != nil { + logger.WithError(err).Warn("issue getting operatorgroup target namespaces") + return err + } + logger.WithField("targetNamespaces", targetNamespaces).Debug("updated target namespaces") + + if namespacesChanged(targetNamespaces, op.Status.Namespaces) { + // Update operatorgroup target namespace selection + logger.WithField("targets", targetNamespaces).Debug("namespace change detected") + op.Status = v1.OperatorGroupStatus{ + Namespaces: targetNamespaces, + LastUpdated: a.now(), + } + + if _, err = a.client.OperatorsV1().OperatorGroups(op.GetNamespace()).UpdateStatus(op); err != nil && !k8serrors.IsNotFound(err) { + logger.WithError(err).Warn("operatorgroup update failed") + return err + } + logger.Debug("namespace change detected and operatorgroup status updated") + // CSV requeue is handled by the succeeding sync in `annotateCSVs` + return nil + } + + logger.Debug("check that operatorgroup has updated CSV anotations") + err = a.annotateCSVs(op, targetNamespaces, logger) + if err != nil { + logger.WithError(err).Warn("failed to annotate CSVs in operatorgroup after group change") + return err + } + logger.Debug("OperatorGroup CSV annotation completed") + + if err := a.ensureOpGroupClusterRoles(op); err != nil { + logger.WithError(err).Warn("failed to ensure operatorgroup clusterroles") + return err + } + logger.Debug("operatorgroup clusterroles ensured") + + // Requeue all CSVs that provide the same APIs (including those removed). This notifies conflicting CSVs in + // intersecting groups that their conflict has possibly been resolved, either through resizing or through + // deletion of the conflicting CSV. + groupSurface := resolver.NewOperatorGroup(op) + groupProvidedAPIs := groupSurface.ProvidedAPIs() + providedAPIsForCSVs := a.providedAPIsFromCSVs(op, logger) + providedAPIsForGroup := providedAPIsForCSVs.Union(groupProvidedAPIs) + + csvs, err := a.findCSVsThatProvideAnyOf(providedAPIsForGroup) + if err != nil { + logger.WithError(err).Warn("could not find csvs that provide group apis") + } + for _, csv := range csvs { + logger.WithFields(logrus.Fields{ + "csv": csv.GetName(), + "namespace": csv.GetNamespace(), + }).Debug("requeueing provider") + if err := a.csvQueueSet.Requeue(csv.GetNamespace(), csv.GetName()); err != nil { + logger.WithError(err).Warn("could not requeue provider") + } + } + + a.pruneProvidedAPIs(op, groupProvidedAPIs, providedAPIsForCSVs, logger) + return nil +} + +func (a *Operator) operatorGroupDeleted(obj interface{}) { + op, ok := obj.(*v1.OperatorGroup) + if !ok { + a.logger.Debugf("casting OperatorGroup failed, wrong type: %#v\n", obj) + return + } + + logger := a.logger.WithFields(logrus.Fields{ + "operatorGroup": op.GetName(), + "namespace": op.GetNamespace(), + }) + + clusterRoles, err := a.lister.RbacV1().ClusterRoleLister().List(labels.SelectorFromSet(ownerutil.OwnerLabel(op, "OperatorGroup"))) + if err != nil { + logger.WithError(err).Error("failed to list ClusterRoles for garbage collection") + return + } + for _, clusterRole := range clusterRoles { + err = a.opClient.KubernetesInterface().RbacV1().ClusterRoles().Delete(clusterRole.GetName(), &metav1.DeleteOptions{}) + if err != nil { + logger.WithError(err).Error("failed to delete ClusterRole during garbage collection") + } + } +} + +func (a *Operator) annotateCSVs(group *v1.OperatorGroup, targetNamespaces []string, logger *logrus.Entry) error { + updateErrs := []error{} + targetNamespaceSet := resolver.NewNamespaceSet(targetNamespaces) + + for _, csv := range a.csvSet(group.GetNamespace(), v1alpha1.CSVPhaseAny) { + logger := logger.WithField("csv", csv.GetName()) + + originalNamespacesAnnotation, _ := a.copyOperatorGroupAnnotations(&csv.ObjectMeta)[v1.OperatorGroupTargetsAnnotationKey] + originalNamespaceSet := resolver.NewNamespaceSetFromString(originalNamespacesAnnotation) + + if a.operatorGroupAnnotationsDiffer(&csv.ObjectMeta, group) { + a.setOperatorGroupAnnotations(&csv.ObjectMeta, group, true) + // CRDs don't support strategic merge patching, but in the future if they do this should be updated to patch + if _, err := a.client.OperatorsV1alpha1().ClusterServiceVersions(csv.GetNamespace()).Update(csv); err != nil && !k8serrors.IsNotFound(err) { + logger.WithError(err).Warnf("error adding operatorgroup annotations") + updateErrs = append(updateErrs, err) + continue + } + } + + // requeue csvs in original namespaces or in new target namespaces (to capture removed/added namespaces) + requeueNamespaces := originalNamespaceSet.Union(targetNamespaceSet) + if !requeueNamespaces.IsAllNamespaces() { + for ns := range requeueNamespaces { + if err := a.csvQueueSet.Requeue(ns, csv.GetName()); err != nil { + logger.WithError(err).Warn("could not requeue csv") + } + } + } + // have to requeue in all namespaces, previous or new targets were AllNamespaces + if namespaces, err := a.lister.CoreV1().NamespaceLister().List(labels.Everything()); err != nil { + for _, ns := range namespaces { + if err := a.csvQueueSet.Requeue(ns.GetName(), csv.GetName()); err != nil { + logger.WithError(err).Warn("could not requeue csv") + } + } + } + } + return errors.NewAggregate(updateErrs) +} + +func (a *Operator) providedAPIsFromCSVs(group *v1.OperatorGroup, logger *logrus.Entry) resolver.APISet { + set := a.csvSet(group.Namespace, v1alpha1.CSVPhaseAny) + providedAPIsFromCSVs := make(resolver.APISet) + for _, csv := range set { + // Don't union providedAPIsFromCSVs if the CSV is copied (member of another OperatorGroup) + if csv.IsCopied() { + logger.Debug("csv is copied. not updating annotations or including in operatorgroup's provided api set") + continue + } + + // TODO: Throw out CSVs that aren't members of the group due to group related failures? + + // Union the providedAPIsFromCSVs from existing members of the group + operatorSurface, err := resolver.NewOperatorFromV1Alpha1CSV(csv) + if err != nil { + logger.WithError(err).Warn("could not create OperatorSurface from csv") + continue + } + providedAPIsFromCSVs = providedAPIsFromCSVs.Union(operatorSurface.ProvidedAPIs().StripPlural()) + } + return providedAPIsFromCSVs +} + +func (a *Operator) pruneProvidedAPIs(group *v1.OperatorGroup, groupProvidedAPIs, providedAPIsFromCSVs resolver.APISet, logger *logrus.Entry) { + // Don't prune providedAPIsFromCSVs if static + if group.Spec.StaticProvidedAPIs { + a.logger.Debug("group has static provided apis. skipping provided api pruning") + return + } + + // Prune providedAPIs annotation if the cluster has fewer providedAPIs (handles CSV deletion) + if intersection := groupProvidedAPIs.Intersection(providedAPIsFromCSVs); len(intersection) < len(groupProvidedAPIs) { + difference := groupProvidedAPIs.Difference(intersection) + logger := logger.WithFields(logrus.Fields{ + "providedAPIsOnCluster": providedAPIsFromCSVs, + "providedAPIsAnnotation": groupProvidedAPIs, + "providedAPIDifference": difference, + "intersection": intersection, + }) + + // Don't need to check for nil annotations since we already know |annotations| > 0 + annotations := group.GetAnnotations() + annotations[v1.OperatorGroupProvidedAPIsAnnotationKey] = intersection.String() + group.SetAnnotations(annotations) + logger.Debug("removing provided apis from annotation to match cluster state") + if _, err := a.client.OperatorsV1().OperatorGroups(group.GetNamespace()).Update(group); err != nil && !k8serrors.IsNotFound(err) { + logger.WithError(err).Warn("could not update provided api annotations") + } + } + return +} + +// ensureProvidedAPIClusterRole ensures that a clusterrole exists (admin, edit, or view) for a single provided API Type +func (a *Operator) ensureProvidedAPIClusterRole(operatorGroup *v1.OperatorGroup, csv *v1alpha1.ClusterServiceVersion, namePrefix, suffix string, verbs []string, group, resource string, resourceNames []string) error { + clusterRole := &rbacv1.ClusterRole{ + ObjectMeta: metav1.ObjectMeta{ + Name: namePrefix + suffix, + Labels: map[string]string{ + kubeRBACAggregationKeyPrefix + suffix: "true", + operatorGroupAggregrationKeyPrefix + suffix: operatorGroup.GetName(), + }, + }, + Rules: []rbacv1.PolicyRule{{Verbs: verbs, APIGroups: []string{group}, Resources: []string{resource}, ResourceNames: resourceNames}}, + } + err := ownerutil.AddOwnerLabels(clusterRole, operatorGroup) + if err != nil { + return err + } + existingCR, err := a.opClient.KubernetesInterface().RbacV1().ClusterRoles().Create(clusterRole) + if k8serrors.IsAlreadyExists(err) { + if existingCR != nil && reflect.DeepEqual(existingCR.Labels, clusterRole.Labels) && reflect.DeepEqual(existingCR.Rules, clusterRole.Rules) { + return nil + } + if _, err = a.opClient.UpdateClusterRole(clusterRole); err != nil { + a.logger.WithError(err).Errorf("Update existing cluster role failed: %v", clusterRole) + return err + } + } else if err != nil { + a.logger.WithError(err).Errorf("Create cluster role failed: %v", clusterRole) + return err + } + return nil +} + +// ensureClusterRolesForCSV ensures that ClusterRoles for writing and reading provided APIs exist for each operator +func (a *Operator) ensureClusterRolesForCSV(csv *v1alpha1.ClusterServiceVersion, operatorGroup *v1.OperatorGroup) error { + for _, owned := range csv.Spec.CustomResourceDefinitions.Owned { + nameGroupPair := strings.SplitN(owned.Name, ".", 2) // -> etcdclusters etcd.database.coreos.com + if len(nameGroupPair) != 2 { + return fmt.Errorf("invalid parsing of name '%v', got %v", owned.Name, nameGroupPair) + } + plural := nameGroupPair[0] + group := nameGroupPair[1] + namePrefix := fmt.Sprintf("%s-%s-", owned.Name, owned.Version) + + for suffix, verbs := range VerbsForSuffix { + if err := a.ensureProvidedAPIClusterRole(operatorGroup, csv, namePrefix, suffix, verbs, group, plural, nil); err != nil { + return err + } + } + if err := a.ensureProvidedAPIClusterRole(operatorGroup, csv, namePrefix+"crd", ViewSuffix, []string{"get"}, "apiextensions.k8s.io", "customresourcedefinitions", []string{owned.Name}); err != nil { + return err + } + } + for _, owned := range csv.Spec.APIServiceDefinitions.Owned { + namePrefix := fmt.Sprintf("%s-%s-", owned.Name, owned.Version) + for suffix, verbs := range VerbsForSuffix { + if err := a.ensureProvidedAPIClusterRole(operatorGroup, csv, namePrefix, suffix, verbs, owned.Group, owned.Name, nil); err != nil { + return err + } + } + } + return nil +} + +func (a *Operator) ensureRBACInTargetNamespace(csv *v1alpha1.ClusterServiceVersion, operatorGroup *v1.OperatorGroup) error { + targetNamespaces := operatorGroup.Status.Namespaces + if targetNamespaces == nil { + return nil + } + + strategyResolver := install.StrategyResolver{} + strategy, err := strategyResolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + return err + } + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + return fmt.Errorf("could not cast install strategy as type %T", strategyDetailsDeployment) + } + ruleChecker := install.NewCSVRuleChecker(a.lister.RbacV1().RoleLister(), a.lister.RbacV1().RoleBindingLister(), a.lister.RbacV1().ClusterRoleLister(), a.lister.RbacV1().ClusterRoleBindingLister(), csv) + + logger := a.logger.WithField("opgroup", operatorGroup.GetName()).WithField("csv", csv.GetName()) + + // if OperatorGroup is global (all namespaces) we generate cluster roles / cluster role bindings instead + if len(targetNamespaces) == 1 && targetNamespaces[0] == corev1.NamespaceAll { + logger.Debug("opgroup is global") + + // synthesize cluster permissions to verify rbac + for _, p := range strategyDetailsDeployment.Permissions { + strategyDetailsDeployment.ClusterPermissions = append(strategyDetailsDeployment.ClusterPermissions, p) + } + strategyDetailsDeployment.Permissions = nil + permMet, _, err := a.permissionStatus(strategyDetailsDeployment, ruleChecker, corev1.NamespaceAll, csv.GetNamespace()) + if err != nil { + return err + } + + // operator already has access at the cluster scope + if permMet { + logger.Debug("global operator has correct global permissions") + return nil + } + logger.Debug("lift roles/rolebindings to clusterroles/rolebindings") + if err := a.ensureSingletonRBAC(operatorGroup.GetNamespace(), csv); err != nil { + return err + } + + return nil + } + + return nil +} + +func (a *Operator) ensureSingletonRBAC(operatorNamespace string, csv *v1alpha1.ClusterServiceVersion) error { + ownerSelector := ownerutil.CSVOwnerSelector(csv) + ownedRoles, err := a.lister.RbacV1().RoleLister().Roles(operatorNamespace).List(ownerSelector) + if err != nil { + return err + } + if len(ownedRoles) == 0 { + return fmt.Errorf("no owned roles found") + } + + for _, r := range ownedRoles { + a.logger.Debug("processing role") + _, err := a.lister.RbacV1().ClusterRoleLister().Get(r.GetName()) + if err != nil { + clusterRole := &rbacv1.ClusterRole{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterRole", + APIVersion: r.APIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: r.GetName(), + Labels: r.GetLabels(), + }, + Rules: append(r.Rules, rbacv1.PolicyRule{ + Verbs: ViewVerbs, + APIGroups: []string{corev1.GroupName}, + Resources: []string{"namespaces"}, + }), + } + if _, err := a.opClient.CreateClusterRole(clusterRole); err != nil { + return err + } + a.logger.Debug("created cluster role") + } + } + + ownedRoleBindings, err := a.lister.RbacV1().RoleBindingLister().RoleBindings(operatorNamespace).List(ownerSelector) + if err != nil { + return err + } + if len(ownedRoleBindings) == 0 { + return fmt.Errorf("no owned rolebindings found") + } + + for _, r := range ownedRoleBindings { + _, err := a.lister.RbacV1().ClusterRoleBindingLister().Get(r.GetName()) + if err != nil { + clusterRoleBinding := &rbacv1.ClusterRoleBinding{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterRoleBinding", + APIVersion: r.APIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: r.GetName(), + Labels: r.GetLabels(), + }, + Subjects: r.Subjects, + RoleRef: rbacv1.RoleRef{ + APIGroup: r.RoleRef.APIGroup, + Kind: "ClusterRole", + Name: r.RoleRef.Name, + }, + } + if _, err := a.opClient.CreateClusterRoleBinding(clusterRoleBinding); err != nil { + return err + } + } + } + return nil +} + +func (a *Operator) ensureTenantRBAC(operatorNamespace, targetNamespace string, csv *v1alpha1.ClusterServiceVersion, targetCSV *v1alpha1.ClusterServiceVersion) error { + if operatorNamespace == targetNamespace { + return nil + } + + ownerSelector := ownerutil.CSVOwnerSelector(csv) + ownedRoles, err := a.lister.RbacV1().RoleLister().Roles(operatorNamespace).List(ownerSelector) + if err != nil { + return err + } + + if len(ownedRoles) == 0 { + return fmt.Errorf("owned roles not found in cache") + } + + targetRoles, err := a.lister.RbacV1().RoleLister().Roles(targetNamespace).List(ownerutil.CSVOwnerSelector(targetCSV)) + if err != nil { + return err + } + + targetRolesByName := map[string]*rbacv1.Role{} + for _, r := range targetRoles { + targetRolesByName[r.GetName()] = r + } + + for _, ownedRole := range ownedRoles { + // don't trust the owner label + // TODO: this can skip objects that have owner labels but different ownerreferences + if !ownerutil.IsOwnedBy(ownedRole, csv) { + continue + } + + existing, ok := targetRolesByName[ownedRole.GetName()] + + // role already exists, update the rules + if ok { + existing.Rules = ownedRole.Rules + if _, err := a.opClient.UpdateRole(existing); err != nil { + return err + } + continue + } + + // role doesn't exist, create it + // TODO: we can work around error cases here; if there's an un-owned role with a matching name we should generate instead + targetRole := ownedRole.DeepCopy() + targetRole.SetResourceVersion("0") + targetRole.SetNamespace(targetNamespace) + targetRole.SetOwnerReferences([]metav1.OwnerReference{ownerutil.NonBlockingOwner(targetCSV)}) + if err := ownerutil.AddOwnerLabels(targetRole, targetCSV); err != nil { + return err + } + targetRole.SetLabels(utillabels.AddLabel(targetRole.GetLabels(), v1alpha1.CopiedLabelKey, operatorNamespace)) + if _, err := a.opClient.CreateRole(targetRole); err != nil { + return err + } + } + + ownedRoleBindings, err := a.lister.RbacV1().RoleBindingLister().RoleBindings(operatorNamespace).List(ownerSelector) + if err != nil { + return err + } + + targetRoleBindings, err := a.lister.RbacV1().RoleBindingLister().RoleBindings(targetNamespace).List(ownerutil.CSVOwnerSelector(targetCSV)) + if err != nil { + return err + } + + targetRoleBindingsByName := map[string]*rbacv1.RoleBinding{} + for _, r := range targetRoleBindings { + targetRoleBindingsByName[r.GetName()] = r + } + + // role bindings + for _, ownedRoleBinding := range ownedRoleBindings { + // don't trust the owner label + if !ownerutil.IsOwnedBy(ownedRoleBinding, csv) { + continue + } + _, ok := targetRoleBindingsByName[ownedRoleBinding.GetName()] + + // role binding exists + if ok { + // TODO: we should check if SA/role has changed + continue + } + + // role binding doesn't exist + // TODO: we can work around error cases here; if there's an un-owned role with a matching name we should generate instead + ownedRoleBinding = ownedRoleBinding.DeepCopy() + ownedRoleBinding.SetNamespace(targetNamespace) + ownedRoleBinding.SetResourceVersion("0") + ownedRoleBinding.SetOwnerReferences([]metav1.OwnerReference{ownerutil.NonBlockingOwner(targetCSV)}) + if err := ownerutil.AddOwnerLabels(ownedRoleBinding, targetCSV); err != nil { + return err + } + ownedRoleBinding.SetLabels(utillabels.AddLabel(ownedRoleBinding.GetLabels(), v1alpha1.CopiedLabelKey, operatorNamespace)) + if _, err := a.opClient.CreateRoleBinding(ownedRoleBinding); err != nil { + return err + } + } + return nil +} + +func (a *Operator) ensureCSVsInNamespaces(csv *v1alpha1.ClusterServiceVersion, operatorGroup *v1.OperatorGroup, targets resolver.NamespaceSet) error { + namespaces, err := a.lister.CoreV1().NamespaceLister().List(labels.Everything()) + if err != nil { + return err + } + + strategyResolver := install.StrategyResolver{} + strategy, err := strategyResolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + return err + } + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + return fmt.Errorf("could not cast install strategy as type %T", strategyDetailsDeployment) + } + ruleChecker := install.NewCSVRuleChecker(a.lister.RbacV1().RoleLister(), a.lister.RbacV1().RoleBindingLister(), a.lister.RbacV1().ClusterRoleLister(), a.lister.RbacV1().ClusterRoleBindingLister(), csv) + + logger := a.logger.WithField("opgroup", operatorGroup.GetName()).WithField("csv", csv.GetName()) + + targetCSVs := make(map[string]*v1alpha1.ClusterServiceVersion) + for _, ns := range namespaces { + if ns.GetName() == operatorGroup.Namespace { + continue + } + if targets.Contains(ns.GetName()) { + var targetCSV *v1alpha1.ClusterServiceVersion + if targetCSV, err = a.copyToNamespace(csv, ns.GetName()); err != nil { + a.logger.WithError(err).Debug("error copying to target") + continue + } + targetCSVs[ns.GetName()] = targetCSV + } else { + if err := a.pruneFromNamespace(operatorGroup.GetName(), ns.GetName()); err != nil { + a.logger.WithError(err).Debug("error pruning from old target") + } + } + } + + targetNamespaces := operatorGroup.Status.Namespaces + if targetNamespaces == nil { + a.logger.Errorf("operatorgroup '%v' should have non-nil status", operatorGroup.GetName()) + return nil + } + if len(targetNamespaces) == 1 && targetNamespaces[0] == corev1.NamespaceAll { + // global operator group handled by ensureRBACInTargetNamespace + return nil + } + for _, ns := range targetNamespaces { + // create roles/rolebindings for each target namespace + permMet, _, err := a.permissionStatus(strategyDetailsDeployment, ruleChecker, ns, csv.GetNamespace()) + if err != nil { + logger.WithError(err).Debug("permission status") + return err + } + logger.WithField("target", ns).WithField("permMet", permMet).Debug("permission status") + + // operator already has access in the target namespace + if permMet { + logger.Debug("operator has access") + continue + } else { + logger.Debug("operator needs access, going to create permissions") + } + + targetCSV, ok := targetCSVs[ns] + if !ok { + return fmt.Errorf("bug: no target CSV for namespace %v", ns) + } + if err := a.ensureTenantRBAC(operatorGroup.GetNamespace(), ns, csv, targetCSV); err != nil { + logger.WithError(err).Debug("ensuring tenant rbac") + return err + } + logger.Debug("permissions created") + } + + return nil +} + +func (a *Operator) copyToNamespace(csv *v1alpha1.ClusterServiceVersion, namespace string) (*v1alpha1.ClusterServiceVersion, error) { + if csv.GetNamespace() == namespace { + return nil, fmt.Errorf("bug: can not copy to active namespace %v", csv.GetNamespace()) + } + + logger := a.logger.WithField("operator-ns", csv.GetNamespace()).WithField("target-ns", namespace) + newCSV := csv.DeepCopy() + delete(newCSV.Annotations, v1.OperatorGroupTargetsAnnotationKey) + + fetchedCSV, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(namespace).Get(newCSV.GetName()) + + logger = logger.WithField("csv", csv.GetName()) + if fetchedCSV != nil { + logger.Debug("checking annotations") + + if !reflect.DeepEqual(a.copyOperatorGroupAnnotations(&fetchedCSV.ObjectMeta), a.copyOperatorGroupAnnotations(&newCSV.ObjectMeta)) { + // TODO: only copy over the opgroup annotations, not _all_ annotations + fetchedCSV.Annotations = newCSV.Annotations + fetchedCSV.SetLabels(utillabels.AddLabel(fetchedCSV.GetLabels(), v1alpha1.CopiedLabelKey, csv.GetNamespace())) + // CRs don't support strategic merge patching, but in the future if they do this should be updated to patch + logger.Debug("updating target CSV") + if fetchedCSV, err = a.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Update(fetchedCSV); err != nil { + logger.WithError(err).Error("update target CSV failed") + return nil, err + } + } + + logger.Debug("checking status") + newCSV.Status = csv.Status + newCSV.Status.Reason = v1alpha1.CSVReasonCopied + newCSV.Status.Message = fmt.Sprintf("The operator is running in %s but is managing this namespace", csv.GetNamespace()) + + if !reflect.DeepEqual(fetchedCSV.Status, newCSV.Status) { + logger.Debug("updating status") + // Must use fetchedCSV because UpdateStatus(...) checks resource UID. + fetchedCSV.Status = newCSV.Status + fetchedCSV.Status.LastUpdateTime = a.now() + if fetchedCSV, err = a.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).UpdateStatus(fetchedCSV); err != nil { + logger.WithError(err).Error("status update for target CSV failed") + return nil, err + } + } + + return fetchedCSV, nil + + } else if k8serrors.IsNotFound(err) { + newCSV.SetNamespace(namespace) + newCSV.SetResourceVersion("") + newCSV.SetLabels(utillabels.AddLabel(newCSV.GetLabels(), v1alpha1.CopiedLabelKey, csv.GetNamespace())) + + logger.Debug("copying CSV to target") + createdCSV, err := a.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).Create(newCSV) + if err != nil { + a.logger.Errorf("Create for new CSV failed: %v", err) + return nil, err + } + createdCSV.Status.Reason = v1alpha1.CSVReasonCopied + createdCSV.Status.Message = fmt.Sprintf("The operator is running in %s but is managing this namespace", csv.GetNamespace()) + createdCSV.Status.LastUpdateTime = a.now() + if _, err := a.client.OperatorsV1alpha1().ClusterServiceVersions(namespace).UpdateStatus(createdCSV); err != nil { + a.logger.Errorf("Status update for CSV failed: %v", err) + return nil, err + } + + return createdCSV, nil + + } else if err != nil { + logger.WithError(err).Error("couldn't get CSV") + return nil, err + } + + // this return shouldn't be hit + return nil, fmt.Errorf("unhandled code path") +} + +func (a *Operator) pruneFromNamespace(operatorGroupName, namespace string) error { + fetchedCSVs, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(namespace).List(labels.Everything()) + if err != nil { + return err + } + + for _, csv := range fetchedCSVs { + if csv.IsCopied() && csv.GetAnnotations()[v1.OperatorGroupAnnotationKey] == operatorGroupName { + a.logger.Debugf("Found CSV '%v' in namespace %v to delete", csv.GetName(), namespace) + a.csvGCQueueSet.Requeue(csv.GetNamespace(), csv.GetName()) + } + } + return nil +} + +func (a *Operator) setOperatorGroupAnnotations(obj *metav1.ObjectMeta, op *v1.OperatorGroup, addTargets bool) { + metav1.SetMetaDataAnnotation(obj, v1.OperatorGroupNamespaceAnnotationKey, op.GetNamespace()) + metav1.SetMetaDataAnnotation(obj, v1.OperatorGroupAnnotationKey, op.GetName()) + + if addTargets && op.Status.Namespaces != nil { + metav1.SetMetaDataAnnotation(obj, v1.OperatorGroupTargetsAnnotationKey, op.BuildTargetNamespaces()) + } +} + +func (a *Operator) operatorGroupAnnotationsDiffer(obj *metav1.ObjectMeta, op *v1.OperatorGroup) bool { + annotations := obj.GetAnnotations() + if annotations == nil { + return true + } + if operatorGroupNamespace, ok := annotations[v1.OperatorGroupNamespaceAnnotationKey]; !ok || operatorGroupNamespace != op.GetNamespace() { + return true + } + if operatorGroup, ok := annotations[v1.OperatorGroupAnnotationKey]; !ok || operatorGroup != op.GetName() { + return true + } + if targets, ok := annotations[v1.OperatorGroupTargetsAnnotationKey]; !ok || targets != op.BuildTargetNamespaces() { + a.logger.WithFields(logrus.Fields{ + "annotationTargets": annotations[v1.OperatorGroupTargetsAnnotationKey], + "opgroupTargets": op.BuildTargetNamespaces(), + }).Debug("annotations different") + return true + } + + a.logger.WithFields(logrus.Fields{ + "annotationTargets": annotations[v1.OperatorGroupTargetsAnnotationKey], + "opgroupTargets": op.BuildTargetNamespaces(), + }).Debug("annotations correct") + return false +} + +func (a *Operator) copyOperatorGroupAnnotations(obj *metav1.ObjectMeta) map[string]string { + copiedAnnotations := make(map[string]string) + for k, v := range obj.GetAnnotations() { + switch k { + case v1.OperatorGroupNamespaceAnnotationKey: + fallthrough + case v1.OperatorGroupAnnotationKey: + fallthrough + case v1.OperatorGroupTargetsAnnotationKey: + copiedAnnotations[k] = v + } + } + return copiedAnnotations +} + +func namespacesChanged(clusterNamespaces []string, statusNamespaces []string) bool { + if len(clusterNamespaces) != len(statusNamespaces) { + return true + } + + nsMap := map[string]struct{}{} + for _, v := range clusterNamespaces { + nsMap[v] = struct{}{} + } + for _, v := range statusNamespaces { + if _, ok := nsMap[v]; !ok { + return true + } + } + return false +} + +func (a *Operator) getOperatorGroupTargets(op *v1.OperatorGroup) (map[string]struct{}, error) { + selector, err := metav1.LabelSelectorAsSelector(op.Spec.Selector) + + if err != nil { + return nil, err + } + + namespaceSet := make(map[string]struct{}) + if op.Spec.TargetNamespaces != nil && len(op.Spec.TargetNamespaces) > 0 { + for _, ns := range op.Spec.TargetNamespaces { + if ns == corev1.NamespaceAll { + return nil, fmt.Errorf("TargetNamespaces cannot contain NamespaceAll: %v", op.Spec.TargetNamespaces) + } + namespaceSet[ns] = struct{}{} + } + } else if selector == nil || selector.Empty() || selector == labels.Nothing() { + namespaceSet[corev1.NamespaceAll] = struct{}{} + } else { + matchedNamespaces, err := a.lister.CoreV1().NamespaceLister().List(selector) + if err != nil { + return nil, err + } else if len(matchedNamespaces) == 0 { + a.logger.Debugf("No matched TargetNamespaces are found for given selector: %#v\n", selector) + } + + for _, ns := range matchedNamespaces { + namespaceSet[ns.GetName()] = struct{}{} + } + } + return namespaceSet, nil +} + +func (a *Operator) updateNamespaceList(op *v1.OperatorGroup) ([]string, error) { + namespaceSet, err := a.getOperatorGroupTargets(op) + if err != nil { + return nil, err + } + namespaceList := []string{} + for ns := range namespaceSet { + namespaceList = append(namespaceList, ns) + } + + return namespaceList, nil +} + +func (a *Operator) ensureOpGroupClusterRole(op *v1.OperatorGroup, suffix string) error { + clusterRole := &rbacv1.ClusterRole{ + ObjectMeta: metav1.ObjectMeta{ + Name: strings.Join([]string{op.GetName(), suffix}, "-"), + }, + AggregationRule: &rbacv1.AggregationRule{ + ClusterRoleSelectors: []metav1.LabelSelector{ + { + MatchLabels: map[string]string{ + operatorGroupAggregrationKeyPrefix + suffix: op.GetName(), + }, + }, + }, + }, + } + err := ownerutil.AddOwnerLabels(clusterRole, op) + if err != nil { + return err + } + _, err = a.opClient.KubernetesInterface().RbacV1().ClusterRoles().Create(clusterRole) + if k8serrors.IsAlreadyExists(err) { + return nil + } else if err != nil { + a.logger.WithError(err).Errorf("Create cluster role failed: %v", clusterRole) + return err + } + return nil +} + +func (a *Operator) ensureOpGroupClusterRoles(op *v1.OperatorGroup) error { + for _, suffix := range Suffices { + if err := a.ensureOpGroupClusterRole(op, suffix); err != nil { + return err + } + } + return nil +} + +func (a *Operator) findCSVsThatProvideAnyOf(provide resolver.APISet) ([]*v1alpha1.ClusterServiceVersion, error) { + csvs, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(metav1.NamespaceAll).List(labels.Everything()) + if err != nil { + return nil, err + } + + providers := []*v1alpha1.ClusterServiceVersion{} + for i := 0; i < len(csvs); i++ { + csv := csvs[i] + if csv.IsCopied() { + continue + } + + operatorSurface, err := resolver.NewOperatorFromV1Alpha1CSV(csv) + if err != nil { + continue + } + + if len(operatorSurface.ProvidedAPIs().StripPlural().Intersection(provide)) > 0 { + providers = append(providers, csv) + } + } + + return providers, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/requirements.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/requirements.go new file mode 100644 index 000000000..c0d2156f5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/requirements.go @@ -0,0 +1,405 @@ +package olm + +import ( + "encoding/json" + "fmt" + "strings" + + "github.com/sirupsen/logrus" + + "github.com/coreos/go-semver/semver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + olmErrors "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/errors" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func (a *Operator) minKubeVersionStatus(name string, minKubeVersion string) (met bool, statuses []v1alpha1.RequirementStatus) { + status := v1alpha1.RequirementStatus{ + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: name, + } + + if minKubeVersion == "" { + status.Status = v1alpha1.RequirementStatusReasonNotPresent + status.Message = "CSV missing minimum kube version specification" + met = true + statuses = append(statuses, status) + return + } + + // Retrieve server k8s version + serverVersionInfo, err := a.opClient.KubernetesInterface().Discovery().ServerVersion() + if err != nil { + status.Status = v1alpha1.RequirementStatusReasonPresentNotSatisfied + status.Message = "Server version discovery error" + met = false + statuses = append(statuses, status) + return + } + + serverVersion, err := semver.NewVersion(strings.Split(strings.TrimPrefix(serverVersionInfo.String(), "v"), "-")[0]) + if err != nil { + status.Status = v1alpha1.RequirementStatusReasonPresentNotSatisfied + status.Message = "Server version parsing error" + met = false + statuses = append(statuses, status) + return + } + + csvVersionInfo, err := semver.NewVersion(strings.TrimPrefix(minKubeVersion, "v")) + if err != nil { + status.Status = v1alpha1.RequirementStatusReasonPresentNotSatisfied + status.Message = "CSV version parsing error" + met = false + statuses = append(statuses, status) + return + } + + if csvVersionInfo.Compare(*serverVersion) > 0 { + status.Status = v1alpha1.RequirementStatusReasonPresentNotSatisfied + status.Message = fmt.Sprintf("CSV version requirement not met: minKubeVersion (%s) > server version (%s)", minKubeVersion, serverVersion.String()) + met = false + statuses = append(statuses, status) + return + } + + status.Status = v1alpha1.RequirementStatusReasonPresent + status.Message = fmt.Sprintf("CSV minKubeVersion (%s) less than server version (%s)", minKubeVersion, serverVersionInfo.String()) + met = true + statuses = append(statuses, status) + return +} + +func (a *Operator) requirementStatus(strategyDetailsDeployment *install.StrategyDetailsDeployment, crdDescs []v1alpha1.CRDDescription, + ownedAPIServiceDescs []v1alpha1.APIServiceDescription, requiredAPIServiceDescs []v1alpha1.APIServiceDescription, + requiredNativeAPIs []metav1.GroupVersionKind) (met bool, statuses []v1alpha1.RequirementStatus) { + met = true + + // Check for CRDs + for _, r := range crdDescs { + status := v1alpha1.RequirementStatus{ + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: r.Name, + } + + // check if CRD exists - this verifies group, version, and kind, so no need for GVK check via discovery + crd, err := a.lister.APIExtensionsV1beta1().CustomResourceDefinitionLister().Get(r.Name) + if err != nil { + status.Status = v1alpha1.RequirementStatusReasonNotPresent + status.Message = "CRD is not present" + a.logger.Debugf("Setting 'met' to false, %v with status %v, with err: %v", r.Name, status, err) + met = false + statuses = append(statuses, status) + continue + } + + if crd.Spec.Version != r.Version { + served := false + for _, version := range crd.Spec.Versions { + if version.Name == r.Version { + if version.Served { + served = true + } + break + } + } + + if !served { + status.Status = v1alpha1.RequirementStatusReasonNotPresent + status.Message = "CRD version not served" + a.logger.Debugf("Setting 'met' to false, %v with status %v, CRD version %v not found", r.Name, status, r.Version) + met = false + statuses = append(statuses, status) + continue + } + } + + // Check if CRD has successfully registered with k8s API + established := false + namesAccepted := false + for _, cdt := range crd.Status.Conditions { + switch cdt.Type { + case v1beta1.Established: + if cdt.Status == v1beta1.ConditionTrue { + established = true + } + case v1beta1.NamesAccepted: + if cdt.Status == v1beta1.ConditionTrue { + namesAccepted = true + } + } + } + + if established && namesAccepted { + status.Status = v1alpha1.RequirementStatusReasonPresent + status.Message = "CRD is present and Established condition is true" + status.UUID = string(crd.GetUID()) + statuses = append(statuses, status) + } else { + status.Status = v1alpha1.RequirementStatusReasonNotAvailable + status.Message = "CRD is present but the Established condition is False (not available)" + met = false + a.logger.Debugf("Setting 'met' to false, %v with status %v, established=%v, namesAccepted=%v", r.Name, status, established, namesAccepted) + statuses = append(statuses, status) + } + } + + // Check for required API services + for _, r := range requiredAPIServiceDescs { + name := fmt.Sprintf("%s.%s", r.Version, r.Group) + status := v1alpha1.RequirementStatus{ + Group: "apiregistration.k8s.io", + Version: "v1", + Kind: "APIService", + Name: name, + } + + // Check if GVK exists + if err := a.isGVKRegistered(r.Group, r.Version, r.Kind); err != nil { + status.Status = "NotPresent" + met = false + statuses = append(statuses, status) + continue + } + + // Check if APIService is registered + apiService, err := a.lister.APIRegistrationV1().APIServiceLister().Get(name) + if err != nil { + status.Status = "NotPresent" + met = false + statuses = append(statuses, status) + continue + } + + // Check if API is available + if !a.isAPIServiceAvailable(apiService) { + status.Status = "NotPresent" + met = false + } else { + status.Status = "Present" + status.UUID = string(apiService.GetUID()) + } + statuses = append(statuses, status) + } + + // Check owned API services + for _, r := range ownedAPIServiceDescs { + name := fmt.Sprintf("%s.%s", r.Version, r.Group) + status := v1alpha1.RequirementStatus{ + Group: "apiregistration.k8s.io", + Version: "v1", + Kind: "APIService", + Name: name, + } + + found := false + for _, spec := range strategyDetailsDeployment.DeploymentSpecs { + if spec.Name == r.DeploymentName { + status.Status = "DeploymentFound" + statuses = append(statuses, status) + found = true + break + } + } + + if !found { + status.Status = "DeploymentNotFound" + statuses = append(statuses, status) + met = false + } + } + + for _, r := range requiredNativeAPIs { + name := fmt.Sprintf("%s.%s", r.Version, r.Group) + status := v1alpha1.RequirementStatus{ + Group: r.Group, + Version: r.Version, + Kind: r.Kind, + Name: name, + } + + if err := a.isGVKRegistered(r.Group, r.Version, r.Kind); err != nil { + status.Status = v1alpha1.RequirementStatusReasonNotPresent + status.Message = "Native API does not exist" + met = false + statuses = append(statuses, status) + continue + } else { + status.Status = v1alpha1.RequirementStatusReasonPresent + status.Message = "Native API exists" + statuses = append(statuses, status) + continue + } + } + + return +} + +// permissionStatus checks whether the given CSV's RBAC requirements are met in its namespace +func (a *Operator) permissionStatus(strategyDetailsDeployment *install.StrategyDetailsDeployment, ruleChecker install.RuleChecker, targetNamespace, serviceAccountNamespace string) (bool, []v1alpha1.RequirementStatus, error) { + statusesSet := map[string]v1alpha1.RequirementStatus{} + + checkPermissions := func(permissions []install.StrategyDeploymentPermissions, namespace string) (bool, error) { + met := true + for _, perm := range permissions { + saName := perm.ServiceAccountName + a.logger.Debugf("perm.ServiceAccountName: %s", saName) + + var status v1alpha1.RequirementStatus + if stored, ok := statusesSet[saName]; !ok { + status = v1alpha1.RequirementStatus{ + Group: "", + Version: "v1", + Kind: "ServiceAccount", + Name: saName, + Status: v1alpha1.RequirementStatusReasonPresent, + Dependents: []v1alpha1.DependentStatus{}, + } + } else { + status = stored + } + + // Ensure the ServiceAccount exists + sa, err := a.opClient.GetServiceAccount(serviceAccountNamespace, perm.ServiceAccountName) + if err != nil { + met = false + status.Status = v1alpha1.RequirementStatusReasonNotPresent + status.Message = "Service account does not exist" + statusesSet[saName] = status + continue + } + + // Check if PolicyRules are satisfied + for _, rule := range perm.Rules { + dependent := v1alpha1.DependentStatus{ + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + } + + marshalled, err := json.Marshal(rule) + if err != nil { + dependent.Status = v1alpha1.DependentStatusReasonNotSatisfied + dependent.Message = "rule unmarshallable" + status.Dependents = append(status.Dependents, dependent) + continue + } + + var scope string + if namespace == metav1.NamespaceAll { + scope = "cluster" + } else { + scope = "namespaced" + } + dependent.Message = fmt.Sprintf("%s rule:%s", scope, marshalled) + + satisfied, err := ruleChecker.RuleSatisfied(sa, namespace, rule) + if err != nil { + return false, err + } else if !satisfied { + met = false + dependent.Status = v1alpha1.DependentStatusReasonNotSatisfied + status.Status = v1alpha1.RequirementStatusReasonPresentNotSatisfied + status.Message = "Policy rule not satisfied for service account" + } else { + dependent.Status = v1alpha1.DependentStatusReasonSatisfied + } + + status.Dependents = append(status.Dependents, dependent) + } + + statusesSet[saName] = status + } + + return met, nil + } + + permMet, err := checkPermissions(strategyDetailsDeployment.Permissions, targetNamespace) + if err != nil { + return false, nil, err + } + clusterPermMet, err := checkPermissions(strategyDetailsDeployment.ClusterPermissions, metav1.NamespaceAll) + if err != nil { + return false, nil, err + } + + statuses := []v1alpha1.RequirementStatus{} + for key, status := range statusesSet { + a.logger.WithField("key", key).WithField("status", status).Tracef("appending permission status") + statuses = append(statuses, status) + } + + return permMet && clusterPermMet, statuses, nil +} + +// requirementAndPermissionStatus returns the aggregate requirement and permissions statuses for the given CSV +func (a *Operator) requirementAndPermissionStatus(csv *v1alpha1.ClusterServiceVersion) (bool, []v1alpha1.RequirementStatus, error) { + // Use a StrategyResolver to unmarshal + strategyResolver := install.StrategyResolver{} + strategy, err := strategyResolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + return false, nil, err + } + + // Assume the strategy is for a deployment + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + return false, nil, fmt.Errorf("could not cast install strategy as type %T", strategyDetailsDeployment) + } + + // Check kubernetes version requirement between CSV and server + minKubeMet, minKubeStatus := a.minKubeVersionStatus(csv.GetName(), csv.Spec.MinKubeVersion) + reqMet, reqStatuses := a.requirementStatus(strategyDetailsDeployment, csv.GetAllCRDDescriptions(), csv.GetOwnedAPIServiceDescriptions(), csv.GetRequiredAPIServiceDescriptions(), csv.Spec.NativeAPIs) + allReqStatuses := append(minKubeStatus, reqStatuses...) + + rbacLister := a.lister.RbacV1() + roleLister := rbacLister.RoleLister() + roleBindingLister := rbacLister.RoleBindingLister() + clusterRoleLister := rbacLister.ClusterRoleLister() + clusterRoleBindingLister := rbacLister.ClusterRoleBindingLister() + + ruleChecker := install.NewCSVRuleChecker(roleLister, roleBindingLister, clusterRoleLister, clusterRoleBindingLister, csv) + permMet, permStatuses, err := a.permissionStatus(strategyDetailsDeployment, ruleChecker, csv.GetNamespace(), csv.GetNamespace()) + if err != nil { + return false, nil, err + } + + // Aggregate requirement and permissions statuses + statuses := append(allReqStatuses, permStatuses...) + met := minKubeMet && reqMet && permMet + if !met { + a.logger.WithField("minKubeMet", minKubeMet).WithField("reqMet", reqMet).WithField("permMet", permMet).Debug("permissions/requirements not met") + } + + return met, statuses, nil +} + +func (a *Operator) isGVKRegistered(group, version, kind string) error { + logger := a.logger.WithFields(logrus.Fields{ + "group": group, + "version": version, + "kind": kind, + }) + + gv := metav1.GroupVersion{Group: group, Version: version} + resources, err := a.opClient.KubernetesInterface().Discovery().ServerResourcesForGroupVersion(gv.String()) + if err != nil { + logger.WithField("err", err).Info("could not query for GVK in api discovery") + return err + } + + for _, r := range resources.APIResources { + if r.Kind == kind { + return nil + } + } + + logger.Info("couldn't find GVK in api discovery") + return olmErrors.GroupVersionKindNotFoundError{group, version, kind} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/requirements_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/requirements_test.go new file mode 100644 index 000000000..80cf7b658 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/requirements_test.go @@ -0,0 +1,639 @@ +package olm + +import ( + "context" + "encoding/json" + "fmt" + "testing" + + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" +) + +func TestRequirementAndPermissionStatus(t *testing.T) { + namespace := "ns" + type gvkn struct { + group string + version string + kind string + name string + } + tests := []struct { + description string + csv *v1alpha1.ClusterServiceVersion + existingObjs []runtime.Object + existingExtObjs []runtime.Object + met bool + expectedRequirementStatuses map[gvkn]v1alpha1.RequirementStatus + expectedError error + }{ + { + description: "BadInstallStrategy", + csv: csv("csv1", + namespace, + "0.0.0", + "", + v1alpha1.NamedInstallStrategy{"deployment", json.RawMessage{}}, + nil, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: nil, + existingExtObjs: nil, + met: false, + expectedRequirementStatuses: nil, + expectedError: fmt.Errorf("unexpected end of JSON input"), + }, + { + description: "AllPermissionsMet", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy( + "csv1-dep", + []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "sa", + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Verbs: []string{"*"}, + Resources: []string{"donuts"}, + }, + }, + }, + }, + []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "sa", + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + NonResourceURLs: []string{"/osbs"}, + }, + }, + }, + }, + ), + nil, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: []runtime.Object{ + &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sa", + Namespace: namespace, + UID: types.UID("sa"), + }, + }, + &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Name: "role", + Namespace: namespace, + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Verbs: []string{"*"}, + Resources: []string{"donuts"}, + }, + }, + }, + &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: "roleBinding", + Namespace: namespace, + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: "sa", + Namespace: namespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "role", + }, + }, + &rbacv1.ClusterRole{ + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterRole", + }, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + NonResourceURLs: []string{"/osbs"}, + }, + }, + }, + &rbacv1.ClusterRoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterRoleBinding", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: "sa", + Namespace: namespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: "clusterRole", + }, + }, + }, + existingExtObjs: nil, + met: true, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"", "v1", "ServiceAccount", "sa"}: { + Group: "", + Version: "v1", + Kind: "ServiceAccount", + Name: "sa", + Status: v1alpha1.RequirementStatusReasonPresent, + Dependents: []v1alpha1.DependentStatus{ + { + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + }, + { + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + }, + }, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + { + description: "OnePermissionNotMet", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy( + "csv1-dep", + []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "sa", + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Verbs: []string{"*"}, + Resources: []string{"donuts"}, + }, + }, + }, + }, + []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "sa", + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + NonResourceURLs: []string{"/osbs"}, + }, + }, + }, + }, + ), + nil, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: []runtime.Object{ + &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sa", + Namespace: namespace, + UID: types.UID("sa"), + }, + }, + &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Name: "role", + Namespace: namespace, + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Verbs: []string{"*"}, + Resources: []string{"donuts"}, + }, + }, + }, + &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: "roleBinding", + Namespace: namespace, + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: "sa", + Namespace: namespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "role", + }, + }, + &rbacv1.ClusterRole{ + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterRole", + }, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + NonResourceURLs: []string{"/osbs/*"}, + }, + }, + }, + &rbacv1.ClusterRoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: "clusterRoleBinding", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: "sa", + Namespace: namespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: "clusterRole", + }, + }, + }, + existingExtObjs: nil, + met: false, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"", "v1", "ServiceAccount", "sa"}: { + Group: "", + Version: "v1", + Kind: "ServiceAccount", + Name: "sa", + Status: v1alpha1.RequirementStatusReasonPresent, + Dependents: []v1alpha1.DependentStatus{ + { + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + }, + { + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + }, + }, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + { + description: "AllRequirementsMet", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy( + "csv1-dep", + []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "sa", + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Verbs: []string{"*"}, + Resources: []string{"donuts"}, + }, + }, + }, + }, + nil, + ), + []*v1beta1.CustomResourceDefinition{crd("c1", "v1", "g1")}, + []*v1beta1.CustomResourceDefinition{crd("c2", "v1", "g2")}, + v1alpha1.CSVPhasePending, + ), + existingObjs: []runtime.Object{ + &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sa", + Namespace: namespace, + UID: types.UID("sa"), + }, + }, + &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Name: "role", + Namespace: namespace, + }, + Rules: []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Verbs: []string{"*"}, + Resources: []string{"donuts"}, + }, + }, + }, + &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: "roleBinding", + Namespace: namespace, + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: "sa", + Namespace: namespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: "role", + }, + }, + }, + existingExtObjs: []runtime.Object{ + crd("c1", "v1", "g1"), + crd("c2", "v1", "g2"), + }, + met: true, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"", "v1", "ServiceAccount", "sa"}: { + Group: "", + Version: "v1", + Kind: "ServiceAccount", + Name: "sa", + Status: v1alpha1.RequirementStatusReasonPresent, + Dependents: []v1alpha1.DependentStatus{ + { + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + }, + }, + }, + {"", "v1", "ServiceAccount", "sa"}: { + Group: "", + Version: "v1", + Kind: "ServiceAccount", + Name: "sa", + Status: v1alpha1.RequirementStatusReasonPresent, + Dependents: []v1alpha1.DependentStatus{ + { + Group: "rbac.authorization.k8s.io", + Kind: "PolicyRule", + Version: "v1beta1", + }, + }, + }, + {"apiextensions.k8s.io", "v1beta1", "CustomResourceDefinition", "c1.g1"}: { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: "c1.g1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + {"apiextensions.k8s.io", "v1beta1", "CustomResourceDefinition", "c2.g2"}: { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: "c2.g2", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + { + description: "RequirementNotMet/NonServedCRDVersion", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v2", "g1")}, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: nil, + existingExtObjs: []runtime.Object{ + crd("c1", "v1", "g1"), + }, + met: false, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"apiextensions.k8s.io", "v1beta1", "CustomResourceDefinition", "c1.g1"}: { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: "c1.g1", + Status: v1alpha1.RequirementStatusReasonNotPresent, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + { + description: "RequirementNotMet/NotEstablishedCRDVersion", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "version-not-found", "g1")}, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: nil, + existingExtObjs: []runtime.Object{ + crd("c1", "v2", "g1"), + }, + met: false, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"apiextensions.k8s.io", "v1beta1", "CustomResourceDefinition", "c1.g1"}: { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: "c1.g1", + Status: v1alpha1.RequirementStatusReasonNotAvailable, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + { + description: "RequirementNotMet/NamesConflictedCRD", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v2", "g1")}, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: nil, + existingExtObjs: []runtime.Object{ + func() *v1beta1.CustomResourceDefinition { + newCRD := crd("c1", "v2", "g1") + // condition order: established, name accepted + newCRD.Status.Conditions[0].Status = v1beta1.ConditionTrue + newCRD.Status.Conditions[1].Status = v1beta1.ConditionFalse + return newCRD + }(), + }, + met: false, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"apiextensions.k8s.io", "v1beta1", "CustomResourceDefinition", "c1.g1"}: { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: "c1.g1", + Status: v1alpha1.RequirementStatusReasonNotAvailable, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + { + description: "RequirementNotMet/CRDResourceInactive", + csv: csv("csv1", + namespace, + "0.0.0", + "", + installStrategy("csv1-dep", nil, nil), + []*v1beta1.CustomResourceDefinition{crd("c1", "v2", "g1")}, + nil, + v1alpha1.CSVPhasePending, + ), + existingObjs: nil, + existingExtObjs: []runtime.Object{ + func() *v1beta1.CustomResourceDefinition { + newCRD := crd("c1", "v2", "g1") + // condition order: established, name accepted + newCRD.Status.Conditions[0].Status = v1beta1.ConditionFalse + newCRD.Status.Conditions[1].Status = v1beta1.ConditionTrue + return newCRD + }(), + }, + met: false, + expectedRequirementStatuses: map[gvkn]v1alpha1.RequirementStatus{ + {"apiextensions.k8s.io", "v1beta1", "CustomResourceDefinition", "c1.g1"}: { + Group: "apiextensions.k8s.io", + Version: "v1beta1", + Kind: "CustomResourceDefinition", + Name: "c1.g1", + Status: v1alpha1.RequirementStatusReasonNotAvailable, + }, + {"operators.coreos.com", "v1alpha1", "ClusterServiceVersion", "csv1"}: { + Group: "operators.coreos.com", + Version: "v1alpha1", + Kind: "ClusterServiceVersion", + Name: "csv1", + Status: v1alpha1.RequirementStatusReasonPresent, + }, + }, + expectedError: nil, + }, + } + + for _, test := range tests { + t.Run(test.description, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + op, err := NewFakeOperator(ctx, withNamespaces(namespace), withOperatorNamespace(namespace), withClientObjs(test.csv), withK8sObjs(test.existingObjs...), withExtObjs(test.existingExtObjs...)) + require.NoError(t, err) + + // Get the permission status + met, statuses, err := op.requirementAndPermissionStatus(test.csv) + if test.expectedError != nil { + require.EqualError(t, test.expectedError, err.Error()) + } + require.Equal(t, test.met, met) + + for _, status := range statuses { + key := gvkn{ + group: status.Group, + version: status.Version, + kind: status.Kind, + name: status.Name, + } + + expected, ok := test.expectedRequirementStatuses[key] + require.True(t, ok, fmt.Sprintf("permission requirement status %+v found but not expected", key)) + require.Len(t, status.Dependents, len(expected.Dependents), "number of dependents is not what was expected") + + // Delete the requirement status to mark as found + delete(test.expectedRequirementStatuses, key) + } + + require.Len(t, test.expectedRequirementStatuses, 0, "not all expected permission requirement statuses were found") + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/configmap.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/configmap.go new file mode 100644 index 000000000..47f74014d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/configmap.go @@ -0,0 +1,461 @@ +//go:generate counterfeiter -o ../../../fakes/fake_reconciler.go . RegistryReconciler +package reconciler + +import ( + "fmt" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + v1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/intstr" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +// configMapCatalogSourceDecorator wraps CatalogSource to add additional methods +type configMapCatalogSourceDecorator struct { + *v1alpha1.CatalogSource +} + +const ( + // ConfigMapServerPostfix is a postfix appended to the names of resources generated for a ConfigMap server. + ConfigMapServerPostfix string = "-configmap-server" +) + +func (s *configMapCatalogSourceDecorator) serviceAccountName() string { + return s.GetName() + ConfigMapServerPostfix +} + +func (s *configMapCatalogSourceDecorator) roleName() string { + return s.GetName() + "-configmap-reader" +} + +func (s *configMapCatalogSourceDecorator) Selector() map[string]string { + return map[string]string{ + CatalogSourceLabelKey: s.GetName(), + } +} + +const ( + // ConfigMapRVLabelKey is the key for a label used to track the resource version of a related ConfigMap. + ConfigMapRVLabelKey string = "olm.configMapResourceVersion" +) + +func (s *configMapCatalogSourceDecorator) Labels() map[string]string { + labels := map[string]string{ + CatalogSourceLabelKey: s.GetName(), + } + if s.Spec.SourceType == v1alpha1.SourceTypeInternal || s.Spec.SourceType == v1alpha1.SourceTypeConfigmap { + labels[ConfigMapRVLabelKey] = s.Status.ConfigMapResource.ResourceVersion + } + return labels +} + +func (s *configMapCatalogSourceDecorator) ConfigMapChanges(configMap *v1.ConfigMap) bool { + if s.Status.ConfigMapResource == nil { + return true + } + if s.Status.ConfigMapResource.ResourceVersion == configMap.GetResourceVersion() { + return false + } + return true +} + +func (s *configMapCatalogSourceDecorator) Service() *v1.Service { + svc := &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: s.GetName(), + Namespace: s.GetNamespace(), + }, + Spec: v1.ServiceSpec{ + Ports: []v1.ServicePort{ + { + Name: "grpc", + Port: 50051, + TargetPort: intstr.FromInt(50051), + }, + }, + Selector: s.Selector(), + }, + } + ownerutil.AddOwner(svc, s.CatalogSource, false, false) + return svc +} + +func (s *configMapCatalogSourceDecorator) Pod(image string) *v1.Pod { + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + GenerateName: s.GetName() + "-", + Namespace: s.GetNamespace(), + Labels: s.Labels(), + }, + Spec: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "configmap-registry-server", + Image: image, + Command: []string{"configmap-server", "-c", s.Spec.ConfigMap, "-n", s.GetNamespace()}, + Ports: []v1.ContainerPort{ + { + Name: "grpc", + ContainerPort: 50051, + }, + }, + ReadinessProbe: &v1.Probe{ + Handler: v1.Handler{ + Exec: &v1.ExecAction{ + Command: []string{"grpc_health_probe", "-addr=localhost:50051"}, + }, + }, + InitialDelaySeconds: 1, + }, + LivenessProbe: &v1.Probe{ + Handler: v1.Handler{ + Exec: &v1.ExecAction{ + Command: []string{"grpc_health_probe", "-addr=localhost:50051"}, + }, + }, + InitialDelaySeconds: 2, + }, + }, + }, + Tolerations: []v1.Toleration{ + { + Operator: v1.TolerationOpExists, + }, + }, + ServiceAccountName: s.GetName() + ConfigMapServerPostfix, + }, + } + ownerutil.AddOwner(pod, s.CatalogSource, false, false) + return pod +} + +func (s *configMapCatalogSourceDecorator) ServiceAccount() *v1.ServiceAccount { + sa := &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: s.serviceAccountName(), + Namespace: s.GetNamespace(), + }, + } + ownerutil.AddOwner(sa, s.CatalogSource, false, false) + return sa +} + +func (s *configMapCatalogSourceDecorator) Role() *rbacv1.Role { + role := &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Name: s.roleName(), + Namespace: s.GetNamespace(), + }, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + ResourceNames: []string{s.Spec.ConfigMap}, + }, + }, + } + ownerutil.AddOwner(role, s.CatalogSource, false, false) + return role +} + +func (s *configMapCatalogSourceDecorator) RoleBinding() *rbacv1.RoleBinding { + rb := &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: s.GetName() + "-server-configmap-reader", + Namespace: s.GetNamespace(), + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + Name: s.serviceAccountName(), + Namespace: s.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: s.roleName(), + }, + } + ownerutil.AddOwner(rb, s.CatalogSource, false, false) + return rb +} + +type ConfigMapRegistryReconciler struct { + now nowFunc + Lister operatorlister.OperatorLister + OpClient operatorclient.ClientInterface + Image string +} + +var _ RegistryEnsurer = &ConfigMapRegistryReconciler{} +var _ RegistryChecker = &ConfigMapRegistryReconciler{} +var _ RegistryReconciler = &ConfigMapRegistryReconciler{} + +func (c *ConfigMapRegistryReconciler) currentService(source configMapCatalogSourceDecorator) *v1.Service { + serviceName := source.Service().GetName() + service, err := c.Lister.CoreV1().ServiceLister().Services(source.GetNamespace()).Get(serviceName) + if err != nil { + logrus.WithField("service", serviceName).Debug("couldn't find service in cache") + return nil + } + return service +} + +func (c *ConfigMapRegistryReconciler) currentServiceAccount(source configMapCatalogSourceDecorator) *v1.ServiceAccount { + serviceAccountName := source.ServiceAccount().GetName() + serviceAccount, err := c.Lister.CoreV1().ServiceAccountLister().ServiceAccounts(source.GetNamespace()).Get(serviceAccountName) + if err != nil { + logrus.WithField("serviceAccouint", serviceAccountName).WithError(err).Debug("couldn't find service account in cache") + return nil + } + return serviceAccount +} + +func (c *ConfigMapRegistryReconciler) currentRole(source configMapCatalogSourceDecorator) *rbacv1.Role { + roleName := source.Role().GetName() + role, err := c.Lister.RbacV1().RoleLister().Roles(source.GetNamespace()).Get(roleName) + if err != nil { + logrus.WithField("role", roleName).WithError(err).Debug("couldn't find role in cache") + return nil + } + return role +} + +func (c *ConfigMapRegistryReconciler) currentRoleBinding(source configMapCatalogSourceDecorator) *rbacv1.RoleBinding { + roleBindingName := source.RoleBinding().GetName() + roleBinding, err := c.Lister.RbacV1().RoleBindingLister().RoleBindings(source.GetNamespace()).Get(roleBindingName) + if err != nil { + logrus.WithField("roleBinding", roleBindingName).WithError(err).Debug("couldn't find role binding in cache") + return nil + } + return roleBinding +} + +func (c *ConfigMapRegistryReconciler) currentPods(source configMapCatalogSourceDecorator, image string) []*v1.Pod { + podName := source.Pod(image).GetName() + pods, err := c.Lister.CoreV1().PodLister().Pods(source.GetNamespace()).List(labels.SelectorFromSet(source.Selector())) + if err != nil { + logrus.WithField("pod", podName).WithError(err).Debug("couldn't find pod in cache") + return nil + } + if len(pods) > 1 { + logrus.WithField("selector", source.Selector()).Debug("multiple pods found for selector") + } + return pods +} + +func (c *ConfigMapRegistryReconciler) currentPodsWithCorrectResourceVersion(source configMapCatalogSourceDecorator, image string) []*v1.Pod { + podName := source.Pod(image).GetName() + pods, err := c.Lister.CoreV1().PodLister().Pods(source.GetNamespace()).List(labels.SelectorFromValidatedSet(source.Labels())) + if err != nil { + logrus.WithField("pod", podName).WithError(err).Debug("couldn't find pod in cache") + return nil + } + if len(pods) > 1 { + logrus.WithField("selector", source.Labels()).Debug("multiple pods found for selector") + } + return pods +} + +// EnsureRegistryServer ensures that all components of registry server are up to date. +func (c *ConfigMapRegistryReconciler) EnsureRegistryServer(catalogSource *v1alpha1.CatalogSource) error { + source := configMapCatalogSourceDecorator{catalogSource} + + image := c.Image + if source.Spec.SourceType == "grpc" { + image = source.Spec.Image + } + if image == "" { + return fmt.Errorf("no image for registry") + } + + // if service status is nil, we force create every object to ensure they're created the first time + overwrite := source.Status.RegistryServiceStatus == nil + overwritePod := overwrite + + if source.Spec.SourceType == v1alpha1.SourceTypeConfigmap || source.Spec.SourceType == v1alpha1.SourceTypeInternal { + // fetch configmap first, exit early if we can't find it + configMap, err := c.Lister.CoreV1().ConfigMapLister().ConfigMaps(source.GetNamespace()).Get(source.Spec.ConfigMap) + if err != nil { + return fmt.Errorf("unable to get configmap %s/%s from cache", source.GetNamespace(), source.Spec.ConfigMap) + } + + if source.ConfigMapChanges(configMap) { + catalogSource.Status.ConfigMapResource = &v1alpha1.ConfigMapResourceReference{ + Name: configMap.GetName(), + Namespace: configMap.GetNamespace(), + UID: configMap.GetUID(), + ResourceVersion: configMap.GetResourceVersion(), + } + + // recreate the pod if there are configmap changes; this causes the db to be rebuilt + overwritePod = true + } + + // recreate the pod if no existing pod is serving the latest image + if len(c.currentPodsWithCorrectResourceVersion(source, image)) == 0 { + overwritePod = true + } + } + + //TODO: if any of these error out, we should write a status back (possibly set RegistryServiceStatus to nil so they get recreated) + if err := c.ensureServiceAccount(source, overwrite); err != nil { + return errors.Wrapf(err, "error ensuring service account: %s", source.serviceAccountName()) + } + if err := c.ensureRole(source, overwrite); err != nil { + return errors.Wrapf(err, "error ensuring role: %s", source.roleName()) + } + if err := c.ensureRoleBinding(source, overwrite); err != nil { + return errors.Wrapf(err, "error ensuring rolebinding: %s", source.RoleBinding().GetName()) + } + if err := c.ensurePod(source, overwritePod); err != nil { + return errors.Wrapf(err, "error ensuring pod: %s", source.Pod(image).GetName()) + } + if err := c.ensureService(source, overwrite); err != nil { + return errors.Wrapf(err, "error ensuring service: %s", source.Service().GetName()) + } + + if overwritePod { + now := c.now() + catalogSource.Status.RegistryServiceStatus = &v1alpha1.RegistryServiceStatus{ + CreatedAt: now, + Protocol: "grpc", + ServiceName: source.Service().GetName(), + ServiceNamespace: source.GetNamespace(), + Port: fmt.Sprintf("%d", source.Service().Spec.Ports[0].Port), + } + catalogSource.Status.LastSync = now + } + return nil +} + +func (c *ConfigMapRegistryReconciler) ensureServiceAccount(source configMapCatalogSourceDecorator, overwrite bool) error { + serviceAccount := source.ServiceAccount() + if c.currentServiceAccount(source) != nil { + if !overwrite { + return nil + } + if err := c.OpClient.DeleteServiceAccount(serviceAccount.GetNamespace(), serviceAccount.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return err + } + } + _, err := c.OpClient.CreateServiceAccount(serviceAccount) + return err +} + +func (c *ConfigMapRegistryReconciler) ensureRole(source configMapCatalogSourceDecorator, overwrite bool) error { + role := source.Role() + if c.currentRole(source) != nil { + if !overwrite { + return nil + } + if err := c.OpClient.DeleteRole(role.GetNamespace(), role.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return err + } + } + _, err := c.OpClient.CreateRole(role) + return err +} + +func (c *ConfigMapRegistryReconciler) ensureRoleBinding(source configMapCatalogSourceDecorator, overwrite bool) error { + roleBinding := source.RoleBinding() + if c.currentRoleBinding(source) != nil { + if !overwrite { + return nil + } + if err := c.OpClient.DeleteRoleBinding(roleBinding.GetNamespace(), roleBinding.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return err + } + } + _, err := c.OpClient.CreateRoleBinding(roleBinding) + return err +} + +func (c *ConfigMapRegistryReconciler) ensurePod(source configMapCatalogSourceDecorator, overwrite bool) error { + pod := source.Pod(c.Image) + currentPods := c.currentPods(source, c.Image) + if len(currentPods) > 0 { + if !overwrite { + return nil + } + for _, p := range currentPods { + if err := c.OpClient.KubernetesInterface().CoreV1().Pods(pod.GetNamespace()).Delete(p.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return errors.Wrapf(err, "error deleting old pod: %s", p.GetName()) + } + } + } + _, err := c.OpClient.KubernetesInterface().CoreV1().Pods(pod.GetNamespace()).Create(pod) + if err == nil { + return nil + } + return errors.Wrapf(err, "error creating new pod: %s", pod.GetGenerateName()) +} + +func (c *ConfigMapRegistryReconciler) ensureService(source configMapCatalogSourceDecorator, overwrite bool) error { + service := source.Service() + if c.currentService(source) != nil { + if !overwrite { + return nil + } + if err := c.OpClient.DeleteService(service.GetNamespace(), service.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return err + } + } + _, err := c.OpClient.CreateService(service) + return err +} + +// CheckRegistryServer returns true if the given CatalogSource is considered healthy; false otherwise. +func (c *ConfigMapRegistryReconciler) CheckRegistryServer(catalogSource *v1alpha1.CatalogSource) (healthy bool, err error) { + source := configMapCatalogSourceDecorator{catalogSource} + + image := c.Image + if source.Spec.SourceType == "grpc" { + image = source.Spec.Image + } + if image == "" { + err = fmt.Errorf("no image for registry") + return + } + + if source.Spec.SourceType == v1alpha1.SourceTypeConfigmap || source.Spec.SourceType == v1alpha1.SourceTypeInternal { + configMap, err := c.Lister.CoreV1().ConfigMapLister().ConfigMaps(source.GetNamespace()).Get(source.Spec.ConfigMap) + if err != nil { + return false, fmt.Errorf("unable to get configmap %s/%s from cache", source.GetNamespace(), source.Spec.ConfigMap) + } + + if source.ConfigMapChanges(configMap) { + return false, nil + } + + // recreate the pod if no existing pod is serving the latest image + if len(c.currentPodsWithCorrectResourceVersion(source, image)) == 0 { + return false, nil + } + } + + // Check on registry resources + // TODO: more complex checks for resources + // TODO: add gRPC health check + if c.currentServiceAccount(source) == nil || + c.currentRole(source) == nil || + c.currentRoleBinding(source) == nil || + c.currentService(source) == nil || + len(c.currentPods(source, c.Image)) < 1 { + healthy = false + return + } + + healthy = true + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/configmap_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/configmap_test.go new file mode 100644 index 000000000..f23149fe4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/configmap_test.go @@ -0,0 +1,472 @@ +package reconciler + +import ( + "fmt" + "reflect" + "testing" + "time" + + "github.com/ghodss/yaml" + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + "k8s.io/client-go/informers" + "k8s.io/client-go/tools/cache" + k8slabels "k8s.io/kubernetes/pkg/util/labels" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +const ( + registryImageName = "test:image" + testNamespace = "testns" +) + +type fakeReconcilerConfig struct { + now nowFunc + k8sObjs []runtime.Object + k8sClientOptions []clientfake.Option + configMapServerImage string +} + +type fakeReconcilerOption func(*fakeReconcilerConfig) + +func withNow(now nowFunc) fakeReconcilerOption { + return func(config *fakeReconcilerConfig) { + config.now = now + } +} + +func withK8sObjs(k8sObjs ...runtime.Object) fakeReconcilerOption { + return func(config *fakeReconcilerConfig) { + config.k8sObjs = k8sObjs + } +} + +func withK8sClientOptions(options ...clientfake.Option) fakeReconcilerOption { + return func(config *fakeReconcilerConfig) { + config.k8sClientOptions = options + } +} + +func withConfigMapServerImage(configMapServerImage string) fakeReconcilerOption { + return func(config *fakeReconcilerConfig) { + config.configMapServerImage = configMapServerImage + } +} + +func fakeReconcilerFactory(t *testing.T, stopc <-chan struct{}, options ...fakeReconcilerOption) (RegistryReconcilerFactory, operatorclient.ClientInterface) { + config := &fakeReconcilerConfig{ + now: metav1.Now, + configMapServerImage: registryImageName, + } + + // Apply all config options + for _, option := range options { + option(config) + } + + opClientFake := operatorclient.NewClient(clientfake.NewReactionForwardingClientsetDecorator(config.k8sObjs, config.k8sClientOptions...), nil, nil) + + // Creates registry pods in response to configmaps + informerFactory := informers.NewSharedInformerFactory(opClientFake.KubernetesInterface(), 5*time.Second) + roleInformer := informerFactory.Rbac().V1().Roles() + roleBindingInformer := informerFactory.Rbac().V1().RoleBindings() + serviceAccountInformer := informerFactory.Core().V1().ServiceAccounts() + serviceInformer := informerFactory.Core().V1().Services() + podInformer := informerFactory.Core().V1().Pods() + configMapInformer := informerFactory.Core().V1().ConfigMaps() + + registryInformers := []cache.SharedIndexInformer{ + roleInformer.Informer(), + roleBindingInformer.Informer(), + serviceAccountInformer.Informer(), + serviceInformer.Informer(), + podInformer.Informer(), + configMapInformer.Informer(), + } + + lister := operatorlister.NewLister() + lister.RbacV1().RegisterRoleLister(testNamespace, roleInformer.Lister()) + lister.RbacV1().RegisterRoleBindingLister(testNamespace, roleBindingInformer.Lister()) + lister.CoreV1().RegisterServiceAccountLister(testNamespace, serviceAccountInformer.Lister()) + lister.CoreV1().RegisterServiceLister(testNamespace, serviceInformer.Lister()) + lister.CoreV1().RegisterPodLister(testNamespace, podInformer.Lister()) + lister.CoreV1().RegisterConfigMapLister(testNamespace, configMapInformer.Lister()) + + rec := ®istryReconcilerFactory{ + now: config.now, + OpClient: opClientFake, + Lister: lister, + ConfigMapServerImage: config.configMapServerImage, + } + + var hasSyncedCheckFns []cache.InformerSynced + for _, informer := range registryInformers { + hasSyncedCheckFns = append(hasSyncedCheckFns, informer.HasSynced) + go informer.Run(stopc) + } + + require.True(t, cache.WaitForCacheSync(stopc, hasSyncedCheckFns...), "caches failed to sync") + + return rec, opClientFake +} + +func crd(name string) v1beta1.CustomResourceDefinition { + return v1beta1.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1beta1.CustomResourceDefinitionSpec{ + Group: name + "group", + Versions: []v1beta1.CustomResourceDefinitionVersion{ + { + Name: "v1", + Served: true, + Storage: true, + }, + }, + Names: v1beta1.CustomResourceDefinitionNames{ + Kind: name, + }, + }, + } +} + +func validConfigMap() *corev1.ConfigMap { + data := make(map[string]string) + dataYaml, _ := yaml.Marshal([]v1beta1.CustomResourceDefinition{crd("fake-crd")}) + data["customResourceDefinitions"] = string(dataYaml) + return &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-configmap", + Namespace: testNamespace, + UID: types.UID("configmap-uid"), + ResourceVersion: "resource-version", + }, + Data: data, + } +} + +func TestValidConfigMap(t *testing.T) { + cm := validConfigMap() + require.NotNil(t, cm) + require.Contains(t, cm.Data[registry.ConfigMapCRDName], "fake") +} + +func validConfigMapCatalogSource(configMap *corev1.ConfigMap) *v1alpha1.CatalogSource { + return &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cool-catalog", + Namespace: testNamespace, + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + ConfigMap: "cool-configmap", + SourceType: v1alpha1.SourceTypeConfigmap, + }, + Status: v1alpha1.CatalogSourceStatus{ + ConfigMapResource: &v1alpha1.ConfigMapResourceReference{ + Name: configMap.GetName(), + Namespace: configMap.GetNamespace(), + UID: configMap.GetUID(), + ResourceVersion: configMap.GetResourceVersion(), + }, + }, + } +} + +func objectsForCatalogSource(catsrc *v1alpha1.CatalogSource) []runtime.Object { + var objs []runtime.Object + switch catsrc.Spec.SourceType { + case v1alpha1.SourceTypeInternal, v1alpha1.SourceTypeConfigmap: + decorated := configMapCatalogSourceDecorator{catsrc} + objs = clientfake.AddSimpleGeneratedNames( + clientfake.AddSimpleGeneratedName(decorated.Pod(registryImageName)), + decorated.Service(), + decorated.ServiceAccount(), + decorated.Role(), + decorated.RoleBinding(), + ) + case v1alpha1.SourceTypeGrpc: + if catsrc.Spec.Image != "" { + decorated := grpcCatalogSourceDecorator{catsrc} + objs = clientfake.AddSimpleGeneratedNames( + decorated.Pod(), + decorated.Service(), + ) + } + } + + blockOwnerDeletion := false + isController := false + for _, o := range objs { + mo := o.(metav1.Object) + mo.SetOwnerReferences([]metav1.OwnerReference{{ + APIVersion: "operators.coreos.com/v1alpha1", + Kind: "CatalogSource", + Name: catsrc.GetName(), + UID: catsrc.GetUID(), + BlockOwnerDeletion: &blockOwnerDeletion, + Controller: &isController, + }}) + } + return objs +} + +func modifyObjName(objs []runtime.Object, kind runtime.Object, newName string) []runtime.Object { + out := []runtime.Object{} + t := reflect.TypeOf(kind) + for _, obj := range objs { + o := obj.DeepCopyObject() + if reflect.TypeOf(o) == t { + if accessor, err := meta.Accessor(o); err == nil { + accessor.SetName(newName) + } + } + out = append(out, o) + } + return out +} + +func setLabel(objs []runtime.Object, kind runtime.Object, label, value string) []runtime.Object { + out := []runtime.Object{} + t := reflect.TypeOf(kind) + for _, obj := range objs { + o := obj.DeepCopyObject() + if reflect.TypeOf(o) == t { + if accessor, err := meta.Accessor(o); err == nil { + k8slabels.AddLabel(accessor.GetLabels(), label, value) + } + } + out = append(out, o) + } + return out +} + +func TestConfigMapRegistryReconciler(t *testing.T) { + now := func() metav1.Time { return metav1.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC) } + + validConfigMap := validConfigMap() + validCatalogSource := validConfigMapCatalogSource(validConfigMap) + outdatedCatalogSource := validCatalogSource.DeepCopy() + outdatedCatalogSource.Status.ConfigMapResource.ResourceVersion = "old" + type cluster struct { + k8sObjs []runtime.Object + } + type in struct { + cluster cluster + catsrc *v1alpha1.CatalogSource + } + type out struct { + status *v1alpha1.RegistryServiceStatus + err error + } + tests := []struct { + testName string + in in + out out + }{ + { + testName: "NoConfigMap", + in: in{ + cluster: cluster{}, + catsrc: &v1alpha1.CatalogSource{ + Spec: v1alpha1.CatalogSourceSpec{ + SourceType: v1alpha1.SourceTypeConfigmap, + }, + }, + }, + out: out{ + err: fmt.Errorf("unable to get configmap / from cache"), + }, + }, + { + testName: "NoExistingRegistry/CreateSuccessful", + in: in{ + cluster: cluster{ + k8sObjs: []runtime.Object{validConfigMap}, + }, + catsrc: validCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "ExistingRegistry/BadServiceAccount", + in: in{ + cluster: cluster{ + k8sObjs: append(modifyObjName(objectsForCatalogSource(validCatalogSource), &corev1.ServiceAccount{}, "badName"), validConfigMap), + }, + catsrc: validCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "ExistingRegistry/BadService", + in: in{ + cluster: cluster{ + k8sObjs: append(modifyObjName(objectsForCatalogSource(validCatalogSource), &corev1.Service{}, "badName"), validConfigMap), + }, + catsrc: validCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "ExistingRegistry/BadPod", + in: in{ + cluster: cluster{ + k8sObjs: append(setLabel(objectsForCatalogSource(validCatalogSource), &corev1.Pod{}, CatalogSourceLabelKey, "badValue"), validConfigMap), + }, + catsrc: validCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "ExistingRegistry/BadRole", + in: in{ + cluster: cluster{ + k8sObjs: append(modifyObjName(objectsForCatalogSource(validCatalogSource), &rbacv1.Role{}, "badName"), validConfigMap), + }, + catsrc: validCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "ExistingRegistry/BadRoleBinding", + in: in{ + cluster: cluster{ + k8sObjs: append(modifyObjName(objectsForCatalogSource(validCatalogSource), &rbacv1.RoleBinding{}, "badName"), validConfigMap), + }, + catsrc: validCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "ExistingRegistry/OldPod", + in: in{ + cluster: cluster{ + k8sObjs: append(objectsForCatalogSource(validCatalogSource), validConfigMap), + }, + catsrc: outdatedCatalogSource, + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "cool-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.testName, func(t *testing.T) { + stopc := make(chan struct{}) + defer close(stopc) + + factory, client := fakeReconcilerFactory(t, stopc, withNow(now), withK8sObjs(tt.in.cluster.k8sObjs...), withK8sClientOptions(clientfake.WithNameGeneration(t))) + rec := factory.ReconcilerForSource(tt.in.catsrc) + + err := rec.EnsureRegistryServer(tt.in.catsrc) + + require.Equal(t, tt.out.err, err) + require.Equal(t, tt.out.status, tt.in.catsrc.Status.RegistryServiceStatus) + + if tt.out.err != nil { + return + } + + // if no error, the reconciler should create the same set of kube objects every time + decorated := configMapCatalogSourceDecorator{tt.in.catsrc} + + pod := decorated.Pod(registryImageName) + listOptions := metav1.ListOptions{LabelSelector: labels.SelectorFromSet(labels.Set{CatalogSourceLabelKey: tt.in.catsrc.GetName()}).String()} + outPods, err := client.KubernetesInterface().CoreV1().Pods(pod.GetNamespace()).List(listOptions) + require.NoError(t, err) + require.Len(t, outPods.Items, 1) + outPod := outPods.Items[0] + require.Equal(t, pod.GetGenerateName(), outPod.GetGenerateName()) + require.Equal(t, pod.GetLabels(), outPod.GetLabels()) + require.Equal(t, pod.Spec, outPod.Spec) + + service := decorated.Service() + outService, err := client.KubernetesInterface().CoreV1().Services(service.GetNamespace()).Get(service.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, service, outService) + + serviceAccount := decorated.ServiceAccount() + outServiceAccount, err := client.KubernetesInterface().CoreV1().ServiceAccounts(serviceAccount.GetNamespace()).Get(serviceAccount.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, serviceAccount, outServiceAccount) + + role := decorated.Role() + outRole, err := client.KubernetesInterface().RbacV1().Roles(role.GetNamespace()).Get(role.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, role, outRole) + + roleBinding := decorated.RoleBinding() + outRoleBinding, err := client.KubernetesInterface().RbacV1().RoleBindings(roleBinding.GetNamespace()).Get(roleBinding.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, roleBinding, outRoleBinding) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc.go new file mode 100644 index 000000000..01aa1abd1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc.go @@ -0,0 +1,227 @@ +package reconciler + +import ( + "fmt" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/intstr" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +// grpcCatalogSourceDecorator wraps CatalogSource to add additional methods +type grpcCatalogSourceDecorator struct { + *v1alpha1.CatalogSource +} + +func (s *grpcCatalogSourceDecorator) Selector() labels.Selector { + return labels.SelectorFromValidatedSet(map[string]string{ + CatalogSourceLabelKey: s.GetName(), + }) +} + +func (s *grpcCatalogSourceDecorator) Labels() map[string]string { + return map[string]string{ + CatalogSourceLabelKey: s.GetName(), + } +} + +func (s *grpcCatalogSourceDecorator) Service() *v1.Service { + svc := &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: s.GetName(), + Namespace: s.GetNamespace(), + }, + Spec: v1.ServiceSpec{ + Ports: []v1.ServicePort{ + { + Name: "grpc", + Port: 50051, + TargetPort: intstr.FromInt(50051), + }, + }, + Selector: s.Labels(), + }, + } + ownerutil.AddOwner(svc, s.CatalogSource, false, false) + return svc +} + +func (s *grpcCatalogSourceDecorator) Pod() *v1.Pod { + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + GenerateName: s.GetName() + "-", + Namespace: s.GetNamespace(), + Labels: s.Labels(), + }, + Spec: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "registry-server", + Image: s.Spec.Image, + Ports: []v1.ContainerPort{ + { + Name: "grpc", + ContainerPort: 50051, + }, + }, + ReadinessProbe: &v1.Probe{ + Handler: v1.Handler{ + Exec: &v1.ExecAction{ + Command: []string{"grpc_health_probe", "-addr=localhost:50051"}, + }, + }, + InitialDelaySeconds: 5, + }, + LivenessProbe: &v1.Probe{ + Handler: v1.Handler{ + Exec: &v1.ExecAction{ + Command: []string{"grpc_health_probe", "-addr=localhost:50051"}, + }, + }, + InitialDelaySeconds: 10, + }, + }, + }, + Tolerations: []v1.Toleration{ + { + Operator: v1.TolerationOpExists, + }, + }, + }, + } + ownerutil.AddOwner(pod, s.CatalogSource, false, false) + return pod +} + +type GrpcRegistryReconciler struct { + now nowFunc + Lister operatorlister.OperatorLister + OpClient operatorclient.ClientInterface +} + +var _ RegistryReconciler = &GrpcRegistryReconciler{} + +func (c *GrpcRegistryReconciler) currentService(source grpcCatalogSourceDecorator) *v1.Service { + serviceName := source.Service().GetName() + service, err := c.Lister.CoreV1().ServiceLister().Services(source.GetNamespace()).Get(serviceName) + if err != nil { + logrus.WithField("service", serviceName).Warn("couldn't find service in cache") + return nil + } + return service +} + +func (c *GrpcRegistryReconciler) currentPods(source grpcCatalogSourceDecorator) []*v1.Pod { + pods, err := c.Lister.CoreV1().PodLister().Pods(source.GetNamespace()).List(source.Selector()) + if err != nil { + logrus.WithError(err).Warn("couldn't find pod in cache") + return nil + } + if len(pods) > 1 { + logrus.WithField("selector", source.Selector()).Warn("multiple pods found for selector") + } + return pods +} + +func (c *GrpcRegistryReconciler) currentPodsWithCorrectImage(source grpcCatalogSourceDecorator) []*v1.Pod { + pods, err := c.Lister.CoreV1().PodLister().Pods(source.GetNamespace()).List(labels.SelectorFromValidatedSet(source.Labels())) + if err != nil { + logrus.WithError(err).Warn("couldn't find pod in cache") + return nil + } + found := []*v1.Pod{} + for _, p := range pods { + if p.Spec.Containers[0].Image == source.Spec.Image { + found = append(found, p) + } + } + return found +} + +// EnsureRegistryServer ensures that all components of registry server are up to date. +func (c *GrpcRegistryReconciler) EnsureRegistryServer(catalogSource *v1alpha1.CatalogSource) error { + source := grpcCatalogSourceDecorator{catalogSource} + + // if service status is nil, we force create every object to ensure they're created the first time + overwrite := source.Status.RegistryServiceStatus == nil + // recreate the pod if no existing pod is serving the latest image + overwritePod := overwrite || len(c.currentPodsWithCorrectImage(source)) == 0 + + //TODO: if any of these error out, we should write a status back (possibly set RegistryServiceStatus to nil so they get recreated) + if err := c.ensurePod(source, overwritePod); err != nil { + return errors.Wrapf(err, "error ensuring pod: %s", source.Pod().GetName()) + } + if err := c.ensureService(source, overwrite); err != nil { + return errors.Wrapf(err, "error ensuring service: %s", source.Service().GetName()) + } + + if overwritePod { + now := c.now() + catalogSource.Status.RegistryServiceStatus = &v1alpha1.RegistryServiceStatus{ + CreatedAt: now, + Protocol: "grpc", + ServiceName: source.Service().GetName(), + ServiceNamespace: source.GetNamespace(), + Port: fmt.Sprintf("%d", source.Service().Spec.Ports[0].Port), + } + catalogSource.Status.LastSync = now + } + return nil +} + +func (c *GrpcRegistryReconciler) ensurePod(source grpcCatalogSourceDecorator, overwrite bool) error { + currentPods := c.currentPods(source) + if len(currentPods) > 0 { + if !overwrite { + return nil + } + for _, p := range currentPods { + if err := c.OpClient.KubernetesInterface().CoreV1().Pods(source.GetNamespace()).Delete(p.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return errors.Wrapf(err, "error deleting old pod: %s", p.GetName()) + } + } + } + _, err := c.OpClient.KubernetesInterface().CoreV1().Pods(source.GetNamespace()).Create(source.Pod()) + if err == nil { + return nil + } + return errors.Wrapf(err, "error creating new pod: %s", source.Pod().GetGenerateName()) +} + +func (c *GrpcRegistryReconciler) ensureService(source grpcCatalogSourceDecorator, overwrite bool) error { + service := source.Service() + if c.currentService(source) != nil { + if !overwrite { + return nil + } + if err := c.OpClient.DeleteService(service.GetNamespace(), service.GetName(), metav1.NewDeleteOptions(0)); err != nil { + return err + } + } + _, err := c.OpClient.CreateService(service) + return err +} + +// CheckRegistryServer returns true if the given CatalogSource is considered healthy; false otherwise. +func (c *GrpcRegistryReconciler) CheckRegistryServer(catalogSource *v1alpha1.CatalogSource) (healthy bool, err error) { + source := grpcCatalogSourceDecorator{catalogSource} + + // Check on registry resources + // TODO: add gRPC health check + if len(c.currentPodsWithCorrectImage(source)) < 1 || + c.currentService(source) == nil { + healthy = false + return + } + + healthy = true + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc_address.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc_address.go new file mode 100644 index 000000000..2d8aad5e9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc_address.go @@ -0,0 +1,32 @@ +package reconciler + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" +) + +type GrpcAddressRegistryReconciler struct { + now nowFunc +} + +var _ RegistryEnsurer = &GrpcAddressRegistryReconciler{} +var _ RegistryChecker = &GrpcAddressRegistryReconciler{} +var _ RegistryReconciler = &GrpcAddressRegistryReconciler{} + +// EnsureRegistryServer ensures a registry server exists for the given CatalogSource. +func (g *GrpcAddressRegistryReconciler) EnsureRegistryServer(catalogSource *v1alpha1.CatalogSource) error { + now := g.now() + catalogSource.Status.RegistryServiceStatus = &v1alpha1.RegistryServiceStatus{ + CreatedAt: now, + Protocol: "grpc", + } + catalogSource.Status.LastSync = now + + return nil +} + +// CheckRegistryServer returns true if the given CatalogSource is considered healthy; false otherwise. +func (g *GrpcAddressRegistryReconciler) CheckRegistryServer(catalogSource *v1alpha1.CatalogSource) (healthy bool, err error) { + // TODO: add gRPC health check + healthy = true + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc_test.go new file mode 100644 index 000000000..efc9f18bf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/grpc_test.go @@ -0,0 +1,367 @@ +package reconciler + +import ( + "testing" + "time" + + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake" +) + +func validGrpcCatalogSource(image, address string) *v1alpha1.CatalogSource { + return &v1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "img-catalog", + Namespace: testNamespace, + UID: types.UID("catalog-uid"), + }, + Spec: v1alpha1.CatalogSourceSpec{ + Image: image, + Address: address, + SourceType: v1alpha1.SourceTypeGrpc, + }, + } +} + +func TestGrpcRegistryReconciler(t *testing.T) { + now := func() metav1.Time { return metav1.Date(2018, time.January, 26, 20, 40, 0, 0, time.UTC) } + + type cluster struct { + k8sObjs []runtime.Object + } + type in struct { + cluster cluster + catsrc *v1alpha1.CatalogSource + } + type out struct { + status *v1alpha1.RegistryServiceStatus + err error + } + tests := []struct { + testName string + in in + out out + }{ + { + testName: "Grpc/NoExistingRegistry/CreateSuccessful", + in: in{ + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "img-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "Grpc/ExistingRegistry/CreateSuccessful", + in: in{ + cluster: cluster{ + k8sObjs: objectsForCatalogSource(validGrpcCatalogSource("test-img", "")), + }, + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "img-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "Grpc/Address/CreateSuccessful", + in: in{ + cluster: cluster{}, + catsrc: validGrpcCatalogSource("", "catalog.svc.cluster.local:50001"), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + }, + }, + }, + { + testName: "Grpc/AddressAndImage/CreateSuccessful", + in: in{ + cluster: cluster{}, + catsrc: validGrpcCatalogSource("img-catalog", "catalog.svc.cluster.local:50001"), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "img-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "Grpc/ExistingRegistry/BadService", + in: in{ + cluster: cluster{ + k8sObjs: modifyObjName(objectsForCatalogSource(validGrpcCatalogSource("test-img", "")), &corev1.Service{}, "badName"), + }, + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "img-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "Grpc/ExistingRegistry/BadPod", + in: in{ + cluster: cluster{ + k8sObjs: setLabel(objectsForCatalogSource(validGrpcCatalogSource("test-img", "")), &corev1.Pod{}, CatalogSourceLabelKey, ""), + }, + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "img-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + { + testName: "Grpc/ExistingRegistry/OldPod", + in: in{ + cluster: cluster{ + k8sObjs: objectsForCatalogSource(validGrpcCatalogSource("old-img", "")), + }, + catsrc: validGrpcCatalogSource("new-img", ""), + }, + out: out{ + status: &v1alpha1.RegistryServiceStatus{ + CreatedAt: now(), + Protocol: "grpc", + ServiceName: "img-catalog", + ServiceNamespace: testNamespace, + Port: "50051", + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.testName, func(t *testing.T) { + stopc := make(chan struct{}) + defer close(stopc) + + factory, client := fakeReconcilerFactory(t, stopc, withNow(now), withK8sObjs(tt.in.cluster.k8sObjs...), withK8sClientOptions(clientfake.WithNameGeneration(t))) + rec := factory.ReconcilerForSource(tt.in.catsrc) + + err := rec.EnsureRegistryServer(tt.in.catsrc) + + require.Equal(t, tt.out.err, err) + require.Equal(t, tt.out.status, tt.in.catsrc.Status.RegistryServiceStatus) + + if tt.out.err != nil { + return + } + + // Check for resource existence + decorated := grpcCatalogSourceDecorator{tt.in.catsrc} + pod := decorated.Pod() + service := decorated.Service() + listOptions := metav1.ListOptions{LabelSelector: labels.SelectorFromSet(labels.Set{CatalogSourceLabelKey: tt.in.catsrc.GetName()}).String()} + outPods, podErr := client.KubernetesInterface().CoreV1().Pods(pod.GetNamespace()).List(listOptions) + outService, serviceErr := client.KubernetesInterface().CoreV1().Services(service.GetNamespace()).Get(service.GetName(), metav1.GetOptions{}) + + switch rec.(type) { + case *GrpcRegistryReconciler: + // Should be created by a GrpcRegistryReconciler + require.NoError(t, podErr) + require.Len(t, outPods.Items, 1) + outPod := outPods.Items[0] + require.Equal(t, pod.GetGenerateName(), outPod.GetGenerateName()) + require.Equal(t, pod.GetLabels(), outPod.GetLabels()) + require.Equal(t, pod.Spec, outPod.Spec) + require.NoError(t, serviceErr) + require.Equal(t, service, outService) + case *GrpcAddressRegistryReconciler: + // Should not be created by a GrpcAddressRegistryReconciler + require.NoError(t, podErr) + require.Len(t, outPods.Items, 0) + require.NoError(t, err) + require.True(t, k8serrors.IsNotFound(serviceErr)) + } + + }) + } +} + +func TestGrpcRegistryChecker(t *testing.T) { + type cluster struct { + k8sObjs []runtime.Object + } + type in struct { + cluster cluster + catsrc *v1alpha1.CatalogSource + } + type out struct { + healthy bool + err error + } + tests := []struct { + testName string + in in + out out + }{ + { + testName: "Grpc/ExistingRegistry/Image/Healthy", + in: in{ + cluster: cluster{ + k8sObjs: objectsForCatalogSource(validGrpcCatalogSource("test-img", "")), + }, + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + healthy: true, + }, + }, + { + testName: "Grpc/NoExistingRegistry/Image/NotHealthy", + in: in{ + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + healthy: false, + }, + }, + { + testName: "Grpc/ExistingRegistry/Image/BadService", + in: in{ + cluster: cluster{ + k8sObjs: modifyObjName(objectsForCatalogSource(validGrpcCatalogSource("test-img", "")), &corev1.Service{}, "badName"), + }, + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + healthy: false, + }, + }, + { + testName: "Grpc/ExistingRegistry/Image/BadPod", + in: in{ + cluster: cluster{ + k8sObjs: setLabel(objectsForCatalogSource(validGrpcCatalogSource("test-img", "")), &corev1.Pod{}, CatalogSourceLabelKey, ""), + }, + catsrc: validGrpcCatalogSource("test-img", ""), + }, + out: out{ + healthy: false, + }, + }, + { + testName: "Grpc/ExistingRegistry/Image/OldPod/NotHealthy", + in: in{ + cluster: cluster{ + k8sObjs: objectsForCatalogSource(validGrpcCatalogSource("old-img", "")), + }, + catsrc: validGrpcCatalogSource("new-img", ""), + }, + out: out{ + healthy: false, + }, + }, + { + testName: "Grpc/NoExistingRegistry/Address/Healthy", + in: in{ + catsrc: validGrpcCatalogSource("", "catalog.svc.cluster.local:50001"), + }, + out: out{ + healthy: true, + }, + }, + { + testName: "Grpc/ExistingRegistry/AddressAndImage/Healthy", + in: in{ + cluster: cluster{ + k8sObjs: objectsForCatalogSource(validGrpcCatalogSource("img-catalog", "catalog.svc.cluster.local:50001")), + }, + catsrc: validGrpcCatalogSource("img-catalog", "catalog.svc.cluster.local:50001"), + }, + out: out{ + healthy: true, + }, + }, + { + testName: "Grpc/NoExistingRegistry/AddressAndImage/NotHealthy", + in: in{ + cluster: cluster{}, + catsrc: validGrpcCatalogSource("img-catalog", "catalog.svc.cluster.local:50001"), + }, + out: out{ + healthy: false, + }, + }, + { + testName: "Grpc/ExistingRegistry/AddressAndImage/BadService/NotHealthy", + in: in{ + cluster: cluster{ + k8sObjs: modifyObjName(objectsForCatalogSource(validGrpcCatalogSource("test-img", "catalog.svc.cluster.local:50001")), &corev1.Service{}, "badName"), + }, + catsrc: validGrpcCatalogSource("test-img", "catalog.svc.cluster.local:50001"), + }, + out: out{ + healthy: false, + }, + }, + { + testName: "Grpc/ExistingRegistry/AddressAndImage/OldPod/NotHealthy", + in: in{ + cluster: cluster{ + k8sObjs: objectsForCatalogSource(validGrpcCatalogSource("old-img", "catalog.svc.cluster.local:50001")), + }, + catsrc: validGrpcCatalogSource("new-img", "catalog.svc.cluster.local:50001"), + }, + out: out{ + healthy: false, + }, + }, + } + for _, tt := range tests { + t.Run(tt.testName, func(t *testing.T) { + stopc := make(chan struct{}) + defer close(stopc) + + factory, _ := fakeReconcilerFactory(t, stopc, withK8sObjs(tt.in.cluster.k8sObjs...)) + rec := factory.ReconcilerForSource(tt.in.catsrc) + + healthy, err := rec.CheckRegistryServer(tt.in.catsrc) + + require.Equal(t, tt.out.err, err) + if tt.out.err != nil { + return + } + + require.Equal(t, tt.out.healthy, healthy) + + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/reconciler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/reconciler.go new file mode 100644 index 000000000..2a1855ecb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler/reconciler.go @@ -0,0 +1,85 @@ +//go:generate counterfeiter -o ../../../fakes/fake_reconciler_factory.go . RegistryReconcilerFactory +package reconciler + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +type nowFunc func() metav1.Time + +const ( + // CatalogSourceLabelKey is the key for a label containing a CatalogSource name. + CatalogSourceLabelKey string = "olm.catalogSource" +) + +// RegistryEnsurer describes methods for ensuring a registry exists. +type RegistryEnsurer interface { + // EnsureRegistryServer ensures a registry server exists for the given CatalogSource. + EnsureRegistryServer(catalogSource *v1alpha1.CatalogSource) error +} + +// RegistryChecker describes methods for checking a registry. +type RegistryChecker interface { + // CheckRegistryServer returns true if the given CatalogSource is considered healthy; false otherwise. + CheckRegistryServer(catalogSource *v1alpha1.CatalogSource) (healthy bool, err error) +} + +// RegistryReconciler knows how to reconcile a registry. +type RegistryReconciler interface { + RegistryChecker + RegistryEnsurer +} + +// RegistryReconcilerFactory describes factory methods for RegistryReconcilers. +type RegistryReconcilerFactory interface { + ReconcilerForSource(source *v1alpha1.CatalogSource) RegistryReconciler +} + +// RegistryReconcilerFactory is a factory for RegistryReconcilers. +type registryReconcilerFactory struct { + now nowFunc + Lister operatorlister.OperatorLister + OpClient operatorclient.ClientInterface + ConfigMapServerImage string +} + +// ReconcilerForSource returns a RegistryReconciler based on the configuration of the given CatalogSource. +func (r *registryReconcilerFactory) ReconcilerForSource(source *v1alpha1.CatalogSource) RegistryReconciler { + // TODO: add memoization by source type + switch source.Spec.SourceType { + case v1alpha1.SourceTypeInternal, v1alpha1.SourceTypeConfigmap: + return &ConfigMapRegistryReconciler{ + now: r.now, + Lister: r.Lister, + OpClient: r.OpClient, + Image: r.ConfigMapServerImage, + } + case v1alpha1.SourceTypeGrpc: + if source.Spec.Image != "" { + return &GrpcRegistryReconciler{ + now: r.now, + Lister: r.Lister, + OpClient: r.OpClient, + } + } else if source.Spec.Address != "" { + return &GrpcAddressRegistryReconciler{ + now: r.now, + } + } + } + return nil +} + +// NewRegistryReconcilerFactory returns an initialized RegistryReconcilerFactory. +func NewRegistryReconcilerFactory(lister operatorlister.OperatorLister, opClient operatorclient.ClientInterface, configMapServerImage string, now nowFunc) RegistryReconcilerFactory { + return ®istryReconcilerFactory{ + now: now, + Lister: lister, + OpClient: opClient, + ConfigMapServerImage: configMapServerImage, + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/evolver.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/evolver.go new file mode 100644 index 000000000..77265c1ae --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/evolver.go @@ -0,0 +1,138 @@ +package resolver + +import ( + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/pkg/errors" +) + +// TODO: this should take a cancellable context for killing long resolution +// TODO: return a set of errors or warnings of unusual states to know about (we expect evolve to always succeed, because it can be a no-op) + +// Evolvers modify a generation to a new state +type Evolver interface { + Evolve(add map[OperatorSourceInfo]struct{}) error +} + +type NamespaceGenerationEvolver struct { + querier SourceQuerier + gen Generation +} + +func NewNamespaceGenerationEvolver(querier SourceQuerier, gen Generation) Evolver { + return &NamespaceGenerationEvolver{querier: querier, gen: gen} +} + +// Evolve takes new requested operators, adds them to the generation, and attempts to resolve dependencies with querier +func (e *NamespaceGenerationEvolver) Evolve(add map[OperatorSourceInfo]struct{}) error { + if err := e.querier.Queryable(); err != nil { + return err + } + + // check for updates to existing operators + if err := e.checkForUpdates(); err != nil { + return err + } + + // fetch bundles for new operators (aren't yet tracked) + if err := e.addNewOperators(add); err != nil { + return err + } + + // attempt to resolve any missing apis as a result expanding the generation of operators + if err := e.queryForRequiredAPIs(); err != nil { + return err + } + + // for any remaining missing APIs, attempt to downgrade the operator that required them + // this may contract the generation back to the original set! + e.downgradeAPIs() + return nil +} + +func (e *NamespaceGenerationEvolver) checkForUpdates() error { + // take a snapshot of the current generation so that we don't update the same operator twice in one resolution + for _, op := range e.gen.Operators().Snapshot() { + // only check for updates if we have sourceinfo + if op.SourceInfo() == &ExistingOperator { + continue + } + + bundle, key, err := e.querier.FindReplacement(op.Version(), op.Identifier(), op.SourceInfo().Package, op.SourceInfo().Channel, op.SourceInfo().Catalog) + if err != nil || bundle == nil { + continue + } + + o, err := NewOperatorFromBundle(bundle, op.Identifier(), op.SourceInfo().StartingCSV, *key) + if err != nil { + return errors.Wrap(err, "error parsing bundle") + } + if err := e.gen.AddOperator(o); err != nil { + return errors.Wrap(err, "error calculating generation changes due to new bundle") + } + e.gen.RemoveOperator(op) + } + return nil +} + +func (e *NamespaceGenerationEvolver) addNewOperators(add map[OperatorSourceInfo]struct{}) error { + for s := range add { + var bundle *opregistry.Bundle + var key *CatalogKey + var err error + if s.StartingCSV != "" { + bundle, key, err = e.querier.FindBundle(s.Package, s.Channel, s.StartingCSV, s.Catalog) + } else { + bundle, key, err = e.querier.FindLatestBundle(s.Package, s.Channel, s.Catalog) + } + if err != nil { + // TODO: log or collect warnings + return errors.Wrapf(err, "%s not found", s) + } + + o, err := NewOperatorFromBundle(bundle, "", s.StartingCSV, *key) + if err != nil { + return errors.Wrap(err, "error parsing bundle") + } + if err := e.gen.AddOperator(o); err != nil { + if err != nil { + return errors.Wrap(err, "error calculating generation changes due to new bundle") + } + } + } + return nil +} + +func (e *NamespaceGenerationEvolver) queryForRequiredAPIs() error { + e.gen.ResetUnchecked() + + for { + api := e.gen.UncheckedAPIs().PopAPIKey() + if api == nil { + break + } + e.gen.MarkAPIChecked(*api) + + // attempt to find a bundle that provides that api + if bundle, key, err := e.querier.FindProvider(*api); err == nil { + // add a bundle that provides the api to the generation + o, err := NewOperatorFromBundle(bundle, "", "", *key) + if err != nil { + return errors.Wrap(err, "error parsing bundle") + } + if err := e.gen.AddOperator(o); err != nil { + return errors.Wrap(err, "error calculating generation changes due to new bundle") + } + } + } + return nil +} + +func (e *NamespaceGenerationEvolver) downgradeAPIs() { + e.gen.ResetUnchecked() + for missingAPIs := e.gen.MissingAPIs(); len(missingAPIs) > 0; { + requirers := missingAPIs.PopAPIRequirers() + for _, op := range requirers { + e.gen.RemoveOperator(op) + } + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/evolver_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/evolver_test.go new file mode 100644 index 000000000..d7cabf401 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/evolver_test.go @@ -0,0 +1,427 @@ +package resolver + +import ( + "fmt" + "testing" + + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" +) + +func TestNamespaceGenerationEvolver(t *testing.T) { + type fields struct { + querier SourceQuerier + gen Generation + } + type args struct { + add map[OperatorSourceInfo]struct{} + } + tests := []struct { + name string + fields fields + args args + wantErr error + wantGen Generation + }{ + { + name: "NotQueryable", + fields: fields{ + querier: NewFakeSourceQuerier(nil), + gen: NewEmptyGeneration(), + }, + args: args{nil}, + wantErr: fmt.Errorf("no catalog sources available"), + wantGen: NewEmptyGeneration(), + }, + { + name: "NoRequiredAPIs", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("csv1", "p", "c", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewEmptyGeneration(), + }, + wantGen: NewEmptyGeneration(), + }, + { + name: "NoNewRequiredAPIs", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("csv1", "p", "c", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + bundle("nothing.v1", "nothing", "channel", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "nothing", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + NewFakeOperatorSurface("nothing.v1", "nothing", "channel", "", "catsrc", "", nil, nil, nil, nil), + ), + }, + { + name: "NoNewRequiredAPIs/StartingCSV", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("csv1", "p", "c", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + bundle("nothing.v1", "nothing", "channel", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + bundle("nothing.v2", "nothing", "channel", "nothing.v1", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "nothing", + Channel: "channel", + StartingCSV: "nothing.v1", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + NewFakeOperatorSurface("nothing.v1", "nothing", "channel", "", "catsrc", "nothing.v1", nil, nil, nil, nil), + ), + }, + { + name: "NoNewRequiredAPIs/StartingCSV/NotFound", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("csv1", "p", "c", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + bundle("nothing.v2", "nothing", "channel", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "nothing", + Channel: "channel", + StartingCSV: "nothing.v1", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + wantErr: fmt.Errorf("{nothing channel nothing.v1 {catsrc catsrc-namespace}} not found: no bundle found"), + }, + { + // the incoming subscription requires apis that can't be found + // this should contract back to the original set + name: "NewRequiredAPIs/NoProviderFound", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewEmptyGeneration(), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewEmptyGeneration(), + }, + { + // the incoming subscription requires apis that can't be found + // this should contract back to the original set + name: "NewRequiredAPIs/NoProviderFound/NonEmptyStartingGeneration", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("op1", "pkgA", "c", "", "s", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + { + // the incoming subscription requires apis that can be found + // this should produce a set with the new provider + name: "NewRequiredAPIs/FoundProvider", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider.v1", "provider", "channel", "", APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewEmptyGeneration(), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("depender.v1", "depender", "channel", "", "catsrc", "", nil, []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil), + NewFakeOperatorSurface("provider.v1", "provider", "channel", "", "catsrc", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + { + // the incoming subscription requires apis that can be found + // but the provider subscription also requires apis that can't be found + // this should contract back to the original set + name: "NewRequiredAPIs/FoundProvider/ProviderRequired/NoSecondaryProvider", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider.v1", "provider", "channel", "", + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, + APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewEmptyGeneration(), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewEmptyGeneration(), + }, + { + // the incoming subscription requires apis that can be found + // and the provider also requires apis that can be found + // this should produce a set with three new providers + name: "NewRequiredAPIs/FoundProvider/ProviderRequired/SecondaryProviderFound", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider.v1", "provider", "channel", "", + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, + APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider2.v1", "provider2", "channel", "", + APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, + EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewEmptyGeneration(), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("depender.v1", "depender", "channel", "", "catsrc", "", nil, []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil), + NewFakeOperatorSurface("provider.v1", "provider", "channel", "", "catsrc", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, []opregistry.APIKey{{"g2", "v2", "k2", "k2s"}}, nil, nil), + NewFakeOperatorSurface("provider2.v1", "provider2", "channel", "", "catsrc", "", []opregistry.APIKey{{"g2", "v2", "k2", "k2s"}}, nil, nil, nil), + ), + }, + { + // the incoming subscription requires apis that can be found + // and the provider also requires apis that can be found + // this should produce a set with three new providers + // tests dependency between crd and apiservice provided apis as a sanity check - evolver shouldn't care + name: "NewRequiredCRDAPIs/FoundCRDProvider/ProviderAPIRequired/SecondaryAPIProviderFound", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider.v1", "provider", "channel", "", + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), + EmptyAPISet(), APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}), + bundle("provider2.v1", "provider2", "channel", "", + EmptyAPISet(), EmptyAPISet(), + APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, EmptyAPISet()), + }, + }), + gen: NewEmptyGeneration(), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("depender.v1", "depender", "channel", "", "catsrc", "", nil, []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil), + NewFakeOperatorSurface("provider.v1", "provider", "channel", "", "catsrc", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, []opregistry.APIKey{{"g2", "v2", "k2", "k2s"}}), + NewFakeOperatorSurface("provider2.v1", "provider2", "channel", "", "catsrc", "", nil, nil, []opregistry.APIKey{{"g2", "v2", "k2", "k2s"}}, nil), + ), + }, + { + name: "NewRequiredAPIs/FoundProvider/ProviderRequired/SecondaryProviderFound/RequiresAlreadyProvidedAPIs", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", + EmptyAPISet(), + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider.v1", "provider", "channel", "", + APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, + APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider2.v1", "provider2", "channel", "", + APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: {}}, + APISet{opregistry.APIKey{"g3", "v3", "k3", "k3s"}: {}}, EmptyAPISet(), EmptyAPISet()), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("original", "o", "c", "", "s", "", []opregistry.APIKey{{"g3", "v3", "k3", "k3s"}}, nil, nil, nil), + ), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("original", "o", "c", "", "s", "", []opregistry.APIKey{{"g3", "v3", "k3", "k3s"}}, nil, nil, nil), + NewFakeOperatorSurface("depender.v1", "depender", "channel", "", "catsrc", "", nil, []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil), + NewFakeOperatorSurface("provider.v1", "provider", "channel", "", "catsrc", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, []opregistry.APIKey{{"g2", "v2", "k2", "k2s"}}, nil, nil), + NewFakeOperatorSurface("provider2.v1", "provider2", "channel", "", "catsrc", "", []opregistry.APIKey{{"g2", "v2", "k2", "k2s"}}, []opregistry.APIKey{{"g3", "v3", "k3", "k3s"}}, nil, nil), + ), + }, + { + // the incoming subscription requires apis that can be found + // and an existing operator has an update + // this should produce a set with the new provider + name: "UpdateRequired/NewRequiredAPIs/FoundProvider", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + bundle("provider.v1", "provider", "channel", "", APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + bundle("updated", "o", "c", "original", nil, nil, nil, nil), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("original", "o", "c", "", "catsrc", "", nil, nil, nil, nil), + ), + }, + args: args{ + add: map[OperatorSourceInfo]struct{}{ + OperatorSourceInfo{ + Package: "depender", + Channel: "channel", + Catalog: CatalogKey{"catsrc", "catsrc-namespace"}, + }: {}, + }, + }, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("updated", "o", "c", "original", "catsrc", "", nil, nil, nil, nil), + NewFakeOperatorSurface("depender.v1", "depender", "channel", "", "catsrc", "", nil, []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil), + NewFakeOperatorSurface("provider.v1", "provider", "channel", "", "catsrc", "", []opregistry.APIKey{{"g", "v", "k", "ks"}}, nil, nil, nil), + ), + }, + { + // an existing operator has multiple updates available + // a single evolution should update to next, not latest + name: "UpdateRequired/MultipleUpdates", + fields: fields{ + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + CatalogKey{"catsrc", "catsrc-namespace"}: { + bundle("updated", "o", "c", "original", nil, nil, nil, nil), + bundle("updated.v2", "o", "c", "updated", nil, nil, nil, nil), + bundle("updated.v3", "o", "c", "updated.v2", nil, nil, nil, nil), + }, + }), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("original", "o", "c", "", "catsrc", "", nil, nil, nil, nil), + ), + }, + args: args{}, + wantGen: NewGenerationFromOperators( + NewFakeOperatorSurface("updated", "o", "c", "original", "catsrc", "", nil, nil, nil, nil), + ), + }, + { + // an existing operator has an update available and skips previous versions via channel head annotations + name: "UpdateRequired/SkipVersions", + fields: fields{ + querier: NewFakeSourceQuerierCustomReplacement(CatalogKey{"catsrc", "catsrc-namespace"}, bundle("updated.v3", "o", "c", "updated.v2", nil, nil, nil, nil)), + gen: NewGenerationFromOperators( + NewFakeOperatorSurface("original", "o", "c", "", "catsrc", "", nil, nil, nil, nil), + ), + }, + args: args{}, + wantGen: NewGenerationFromOperators( + // the csv in the bundle still has the original replaces field, but the surface has the value overridden + withReplaces(NewFakeOperatorSurface("updated.v3", "o", "c", "updated.v2", "catsrc", "", nil, nil, nil, nil), + "original"), + ), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + e := NewNamespaceGenerationEvolver(tt.fields.querier, tt.fields.gen) + err := e.Evolve(tt.args.add) + if tt.wantErr != nil { + require.EqualError(t, tt.wantErr, err.Error()) + } else { + // if there was no error, then the generation should have "evolved" to a new good set + require.EqualValues(t, EmptyAPIMultiOwnerSet(), tt.fields.gen.MissingAPIs()) + } + require.EqualValues(t, tt.wantGen, tt.fields.gen) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/fakes/fake_registry_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/fakes/fake_registry_client.go new file mode 100644 index 000000000..0959de10c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/fakes/fake_registry_client.go @@ -0,0 +1,518 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + context "context" + sync "sync" + time "time" + + client "github.com/operator-framework/operator-registry/pkg/client" + registry "github.com/operator-framework/operator-registry/pkg/registry" +) + +type FakeInterface struct { + CloseStub func() error + closeMutex sync.RWMutex + closeArgsForCall []struct { + } + closeReturns struct { + result1 error + } + closeReturnsOnCall map[int]struct { + result1 error + } + GetBundleStub func(context.Context, string, string, string) (*registry.Bundle, error) + getBundleMutex sync.RWMutex + getBundleArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 string + arg4 string + } + getBundleReturns struct { + result1 *registry.Bundle + result2 error + } + getBundleReturnsOnCall map[int]struct { + result1 *registry.Bundle + result2 error + } + GetBundleInPackageChannelStub func(context.Context, string, string) (*registry.Bundle, error) + getBundleInPackageChannelMutex sync.RWMutex + getBundleInPackageChannelArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 string + } + getBundleInPackageChannelReturns struct { + result1 *registry.Bundle + result2 error + } + getBundleInPackageChannelReturnsOnCall map[int]struct { + result1 *registry.Bundle + result2 error + } + GetBundleThatProvidesStub func(context.Context, string, string, string) (*registry.Bundle, error) + getBundleThatProvidesMutex sync.RWMutex + getBundleThatProvidesArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 string + arg4 string + } + getBundleThatProvidesReturns struct { + result1 *registry.Bundle + result2 error + } + getBundleThatProvidesReturnsOnCall map[int]struct { + result1 *registry.Bundle + result2 error + } + GetReplacementBundleInPackageChannelStub func(context.Context, string, string, string) (*registry.Bundle, error) + getReplacementBundleInPackageChannelMutex sync.RWMutex + getReplacementBundleInPackageChannelArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 string + arg4 string + } + getReplacementBundleInPackageChannelReturns struct { + result1 *registry.Bundle + result2 error + } + getReplacementBundleInPackageChannelReturnsOnCall map[int]struct { + result1 *registry.Bundle + result2 error + } + HealthCheckStub func(context.Context, time.Duration) (bool, error) + healthCheckMutex sync.RWMutex + healthCheckArgsForCall []struct { + arg1 context.Context + arg2 time.Duration + } + healthCheckReturns struct { + result1 bool + result2 error + } + healthCheckReturnsOnCall map[int]struct { + result1 bool + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeInterface) Close() error { + fake.closeMutex.Lock() + ret, specificReturn := fake.closeReturnsOnCall[len(fake.closeArgsForCall)] + fake.closeArgsForCall = append(fake.closeArgsForCall, struct { + }{}) + fake.recordInvocation("Close", []interface{}{}) + fake.closeMutex.Unlock() + if fake.CloseStub != nil { + return fake.CloseStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.closeReturns + return fakeReturns.result1 +} + +func (fake *FakeInterface) CloseCallCount() int { + fake.closeMutex.RLock() + defer fake.closeMutex.RUnlock() + return len(fake.closeArgsForCall) +} + +func (fake *FakeInterface) CloseCalls(stub func() error) { + fake.closeMutex.Lock() + defer fake.closeMutex.Unlock() + fake.CloseStub = stub +} + +func (fake *FakeInterface) CloseReturns(result1 error) { + fake.closeMutex.Lock() + defer fake.closeMutex.Unlock() + fake.CloseStub = nil + fake.closeReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeInterface) CloseReturnsOnCall(i int, result1 error) { + fake.closeMutex.Lock() + defer fake.closeMutex.Unlock() + fake.CloseStub = nil + if fake.closeReturnsOnCall == nil { + fake.closeReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.closeReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeInterface) GetBundle(arg1 context.Context, arg2 string, arg3 string, arg4 string) (*registry.Bundle, error) { + fake.getBundleMutex.Lock() + ret, specificReturn := fake.getBundleReturnsOnCall[len(fake.getBundleArgsForCall)] + fake.getBundleArgsForCall = append(fake.getBundleArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("GetBundle", []interface{}{arg1, arg2, arg3, arg4}) + fake.getBundleMutex.Unlock() + if fake.GetBundleStub != nil { + return fake.GetBundleStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getBundleReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInterface) GetBundleCallCount() int { + fake.getBundleMutex.RLock() + defer fake.getBundleMutex.RUnlock() + return len(fake.getBundleArgsForCall) +} + +func (fake *FakeInterface) GetBundleCalls(stub func(context.Context, string, string, string) (*registry.Bundle, error)) { + fake.getBundleMutex.Lock() + defer fake.getBundleMutex.Unlock() + fake.GetBundleStub = stub +} + +func (fake *FakeInterface) GetBundleArgsForCall(i int) (context.Context, string, string, string) { + fake.getBundleMutex.RLock() + defer fake.getBundleMutex.RUnlock() + argsForCall := fake.getBundleArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeInterface) GetBundleReturns(result1 *registry.Bundle, result2 error) { + fake.getBundleMutex.Lock() + defer fake.getBundleMutex.Unlock() + fake.GetBundleStub = nil + fake.getBundleReturns = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetBundleReturnsOnCall(i int, result1 *registry.Bundle, result2 error) { + fake.getBundleMutex.Lock() + defer fake.getBundleMutex.Unlock() + fake.GetBundleStub = nil + if fake.getBundleReturnsOnCall == nil { + fake.getBundleReturnsOnCall = make(map[int]struct { + result1 *registry.Bundle + result2 error + }) + } + fake.getBundleReturnsOnCall[i] = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetBundleInPackageChannel(arg1 context.Context, arg2 string, arg3 string) (*registry.Bundle, error) { + fake.getBundleInPackageChannelMutex.Lock() + ret, specificReturn := fake.getBundleInPackageChannelReturnsOnCall[len(fake.getBundleInPackageChannelArgsForCall)] + fake.getBundleInPackageChannelArgsForCall = append(fake.getBundleInPackageChannelArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 string + }{arg1, arg2, arg3}) + fake.recordInvocation("GetBundleInPackageChannel", []interface{}{arg1, arg2, arg3}) + fake.getBundleInPackageChannelMutex.Unlock() + if fake.GetBundleInPackageChannelStub != nil { + return fake.GetBundleInPackageChannelStub(arg1, arg2, arg3) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getBundleInPackageChannelReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInterface) GetBundleInPackageChannelCallCount() int { + fake.getBundleInPackageChannelMutex.RLock() + defer fake.getBundleInPackageChannelMutex.RUnlock() + return len(fake.getBundleInPackageChannelArgsForCall) +} + +func (fake *FakeInterface) GetBundleInPackageChannelCalls(stub func(context.Context, string, string) (*registry.Bundle, error)) { + fake.getBundleInPackageChannelMutex.Lock() + defer fake.getBundleInPackageChannelMutex.Unlock() + fake.GetBundleInPackageChannelStub = stub +} + +func (fake *FakeInterface) GetBundleInPackageChannelArgsForCall(i int) (context.Context, string, string) { + fake.getBundleInPackageChannelMutex.RLock() + defer fake.getBundleInPackageChannelMutex.RUnlock() + argsForCall := fake.getBundleInPackageChannelArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeInterface) GetBundleInPackageChannelReturns(result1 *registry.Bundle, result2 error) { + fake.getBundleInPackageChannelMutex.Lock() + defer fake.getBundleInPackageChannelMutex.Unlock() + fake.GetBundleInPackageChannelStub = nil + fake.getBundleInPackageChannelReturns = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetBundleInPackageChannelReturnsOnCall(i int, result1 *registry.Bundle, result2 error) { + fake.getBundleInPackageChannelMutex.Lock() + defer fake.getBundleInPackageChannelMutex.Unlock() + fake.GetBundleInPackageChannelStub = nil + if fake.getBundleInPackageChannelReturnsOnCall == nil { + fake.getBundleInPackageChannelReturnsOnCall = make(map[int]struct { + result1 *registry.Bundle + result2 error + }) + } + fake.getBundleInPackageChannelReturnsOnCall[i] = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetBundleThatProvides(arg1 context.Context, arg2 string, arg3 string, arg4 string) (*registry.Bundle, error) { + fake.getBundleThatProvidesMutex.Lock() + ret, specificReturn := fake.getBundleThatProvidesReturnsOnCall[len(fake.getBundleThatProvidesArgsForCall)] + fake.getBundleThatProvidesArgsForCall = append(fake.getBundleThatProvidesArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("GetBundleThatProvides", []interface{}{arg1, arg2, arg3, arg4}) + fake.getBundleThatProvidesMutex.Unlock() + if fake.GetBundleThatProvidesStub != nil { + return fake.GetBundleThatProvidesStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getBundleThatProvidesReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInterface) GetBundleThatProvidesCallCount() int { + fake.getBundleThatProvidesMutex.RLock() + defer fake.getBundleThatProvidesMutex.RUnlock() + return len(fake.getBundleThatProvidesArgsForCall) +} + +func (fake *FakeInterface) GetBundleThatProvidesCalls(stub func(context.Context, string, string, string) (*registry.Bundle, error)) { + fake.getBundleThatProvidesMutex.Lock() + defer fake.getBundleThatProvidesMutex.Unlock() + fake.GetBundleThatProvidesStub = stub +} + +func (fake *FakeInterface) GetBundleThatProvidesArgsForCall(i int) (context.Context, string, string, string) { + fake.getBundleThatProvidesMutex.RLock() + defer fake.getBundleThatProvidesMutex.RUnlock() + argsForCall := fake.getBundleThatProvidesArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeInterface) GetBundleThatProvidesReturns(result1 *registry.Bundle, result2 error) { + fake.getBundleThatProvidesMutex.Lock() + defer fake.getBundleThatProvidesMutex.Unlock() + fake.GetBundleThatProvidesStub = nil + fake.getBundleThatProvidesReturns = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetBundleThatProvidesReturnsOnCall(i int, result1 *registry.Bundle, result2 error) { + fake.getBundleThatProvidesMutex.Lock() + defer fake.getBundleThatProvidesMutex.Unlock() + fake.GetBundleThatProvidesStub = nil + if fake.getBundleThatProvidesReturnsOnCall == nil { + fake.getBundleThatProvidesReturnsOnCall = make(map[int]struct { + result1 *registry.Bundle + result2 error + }) + } + fake.getBundleThatProvidesReturnsOnCall[i] = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetReplacementBundleInPackageChannel(arg1 context.Context, arg2 string, arg3 string, arg4 string) (*registry.Bundle, error) { + fake.getReplacementBundleInPackageChannelMutex.Lock() + ret, specificReturn := fake.getReplacementBundleInPackageChannelReturnsOnCall[len(fake.getReplacementBundleInPackageChannelArgsForCall)] + fake.getReplacementBundleInPackageChannelArgsForCall = append(fake.getReplacementBundleInPackageChannelArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("GetReplacementBundleInPackageChannel", []interface{}{arg1, arg2, arg3, arg4}) + fake.getReplacementBundleInPackageChannelMutex.Unlock() + if fake.GetReplacementBundleInPackageChannelStub != nil { + return fake.GetReplacementBundleInPackageChannelStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getReplacementBundleInPackageChannelReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInterface) GetReplacementBundleInPackageChannelCallCount() int { + fake.getReplacementBundleInPackageChannelMutex.RLock() + defer fake.getReplacementBundleInPackageChannelMutex.RUnlock() + return len(fake.getReplacementBundleInPackageChannelArgsForCall) +} + +func (fake *FakeInterface) GetReplacementBundleInPackageChannelCalls(stub func(context.Context, string, string, string) (*registry.Bundle, error)) { + fake.getReplacementBundleInPackageChannelMutex.Lock() + defer fake.getReplacementBundleInPackageChannelMutex.Unlock() + fake.GetReplacementBundleInPackageChannelStub = stub +} + +func (fake *FakeInterface) GetReplacementBundleInPackageChannelArgsForCall(i int) (context.Context, string, string, string) { + fake.getReplacementBundleInPackageChannelMutex.RLock() + defer fake.getReplacementBundleInPackageChannelMutex.RUnlock() + argsForCall := fake.getReplacementBundleInPackageChannelArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeInterface) GetReplacementBundleInPackageChannelReturns(result1 *registry.Bundle, result2 error) { + fake.getReplacementBundleInPackageChannelMutex.Lock() + defer fake.getReplacementBundleInPackageChannelMutex.Unlock() + fake.GetReplacementBundleInPackageChannelStub = nil + fake.getReplacementBundleInPackageChannelReturns = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) GetReplacementBundleInPackageChannelReturnsOnCall(i int, result1 *registry.Bundle, result2 error) { + fake.getReplacementBundleInPackageChannelMutex.Lock() + defer fake.getReplacementBundleInPackageChannelMutex.Unlock() + fake.GetReplacementBundleInPackageChannelStub = nil + if fake.getReplacementBundleInPackageChannelReturnsOnCall == nil { + fake.getReplacementBundleInPackageChannelReturnsOnCall = make(map[int]struct { + result1 *registry.Bundle + result2 error + }) + } + fake.getReplacementBundleInPackageChannelReturnsOnCall[i] = struct { + result1 *registry.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) HealthCheck(arg1 context.Context, arg2 time.Duration) (bool, error) { + fake.healthCheckMutex.Lock() + ret, specificReturn := fake.healthCheckReturnsOnCall[len(fake.healthCheckArgsForCall)] + fake.healthCheckArgsForCall = append(fake.healthCheckArgsForCall, struct { + arg1 context.Context + arg2 time.Duration + }{arg1, arg2}) + fake.recordInvocation("HealthCheck", []interface{}{arg1, arg2}) + fake.healthCheckMutex.Unlock() + if fake.HealthCheckStub != nil { + return fake.HealthCheckStub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.healthCheckReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeInterface) HealthCheckCallCount() int { + fake.healthCheckMutex.RLock() + defer fake.healthCheckMutex.RUnlock() + return len(fake.healthCheckArgsForCall) +} + +func (fake *FakeInterface) HealthCheckCalls(stub func(context.Context, time.Duration) (bool, error)) { + fake.healthCheckMutex.Lock() + defer fake.healthCheckMutex.Unlock() + fake.HealthCheckStub = stub +} + +func (fake *FakeInterface) HealthCheckArgsForCall(i int) (context.Context, time.Duration) { + fake.healthCheckMutex.RLock() + defer fake.healthCheckMutex.RUnlock() + argsForCall := fake.healthCheckArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeInterface) HealthCheckReturns(result1 bool, result2 error) { + fake.healthCheckMutex.Lock() + defer fake.healthCheckMutex.Unlock() + fake.HealthCheckStub = nil + fake.healthCheckReturns = struct { + result1 bool + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) HealthCheckReturnsOnCall(i int, result1 bool, result2 error) { + fake.healthCheckMutex.Lock() + defer fake.healthCheckMutex.Unlock() + fake.HealthCheckStub = nil + if fake.healthCheckReturnsOnCall == nil { + fake.healthCheckReturnsOnCall = make(map[int]struct { + result1 bool + result2 error + }) + } + fake.healthCheckReturnsOnCall[i] = struct { + result1 bool + result2 error + }{result1, result2} +} + +func (fake *FakeInterface) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.closeMutex.RLock() + defer fake.closeMutex.RUnlock() + fake.getBundleMutex.RLock() + defer fake.getBundleMutex.RUnlock() + fake.getBundleInPackageChannelMutex.RLock() + defer fake.getBundleInPackageChannelMutex.RUnlock() + fake.getBundleThatProvidesMutex.RLock() + defer fake.getBundleThatProvidesMutex.RUnlock() + fake.getReplacementBundleInPackageChannelMutex.RLock() + defer fake.getReplacementBundleInPackageChannelMutex.RUnlock() + fake.healthCheckMutex.RLock() + defer fake.healthCheckMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeInterface) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ client.Interface = new(FakeInterface) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/generation.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/generation.go new file mode 100644 index 000000000..cc4262490 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/generation.go @@ -0,0 +1,149 @@ +package resolver + +import ( + "fmt" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-registry/pkg/registry" +) + +// Generation represents a set of operators and their required/provided API surfaces at a point in time. +type Generation interface { + AddOperator(o OperatorSurface) error + RemoveOperator(o OperatorSurface) + ResetUnchecked() + MissingAPIs() APIMultiOwnerSet + Operators() OperatorSet + MarkAPIChecked(key registry.APIKey) + UncheckedAPIs() APISet +} + +// NamespaceGeneration represents a generation of operators in a single namespace with methods for managing api checks +type NamespaceGeneration struct { + providedAPIs APIOwnerSet // only allow one provider of any api + requiredAPIs APIMultiOwnerSet // multiple operators may require the same api + uncheckedAPIs APISet // required apis that haven't been checked yet + missingAPIs APIMultiOwnerSet + operators OperatorSet +} + +func NewEmptyGeneration() *NamespaceGeneration { + return &NamespaceGeneration{ + providedAPIs: EmptyAPIOwnerSet(), + requiredAPIs: EmptyAPIMultiOwnerSet(), + uncheckedAPIs: EmptyAPISet(), + missingAPIs: EmptyAPIMultiOwnerSet(), + operators: EmptyOperatorSet(), + } +} + +func NewGenerationFromCluster(csvs []*v1alpha1.ClusterServiceVersion, subs []*v1alpha1.Subscription) (*NamespaceGeneration, error) { + g := NewEmptyGeneration() + + subMap := map[string]*v1alpha1.Subscription{} + for _, s := range subs { + if s.Status.CurrentCSV != "" { + subMap[s.Status.CurrentCSV] = s.DeepCopy() + } + } + for _, csv := range csvs { + op, err := NewOperatorFromV1Alpha1CSV(csv) + if err != nil { + return nil, err + } + // If there's a subscription for this CSV, we add the sourceinfo for the subscription + if sub, ok := subMap[op.Identifier()]; ok { + // No need to enable starting csv search since a csv already exists. + op.sourceInfo = &OperatorSourceInfo{ + Package: sub.Spec.Package, + Channel: sub.Spec.Channel, + Catalog: CatalogKey{Name: sub.Spec.CatalogSource, Namespace: sub.Spec.CatalogSourceNamespace}, + } + } + if err := g.AddOperator(op); err != nil { + return nil, err + } + } + return g, nil +} + +func (g *NamespaceGeneration) AddOperator(o OperatorSurface) error { + // add provided apis, error if two owners (that isn't a replacement) + for api := range o.ProvidedAPIs() { + if provider, ok := g.providedAPIs[api]; ok && provider.Identifier() != o.Identifier() && o.Replaces() != provider.Identifier() { + return fmt.Errorf("%v already provided by %s", api, provider.Identifier()) + } + g.providedAPIs[api] = o + + // mark any missing apis that are now provided + delete(g.missingAPIs, api) + delete(g.uncheckedAPIs, api) + } + + // add all requirers of apis + for api := range o.RequiredAPIs() { + if _, ok := g.requiredAPIs[api]; !ok { + g.requiredAPIs[api] = EmptyOperatorSet() + } + g.requiredAPIs[api][o.Identifier()] = o + } + for api := range o.RequiredAPIs() { + if _, ok := g.providedAPIs[api]; !ok { + if _, ok := g.missingAPIs[api]; !ok { + g.missingAPIs[api] = EmptyOperatorSet() + } + // mark new requirements as missing and unchecked + g.missingAPIs[api][o.Identifier()] = o + g.uncheckedAPIs[api] = struct{}{} + } else { + // required api already satisfied + delete(g.missingAPIs, api) + delete(g.uncheckedAPIs, api) + } + } + g.operators[o.Identifier()] = o + return nil +} + +func (g *NamespaceGeneration) RemoveOperator(o OperatorSurface) { + for api := range o.ProvidedAPIs() { + delete(g.providedAPIs, api) + + // if the operator provided apis that others were depending on, mark them as missing + if requirers, ok := g.requiredAPIs[api]; ok && len(requirers) > 0 { + g.missingAPIs[api] = requirers + } + } + for api := range o.RequiredAPIs() { + delete(g.requiredAPIs[api], o.Identifier()) + if len(g.requiredAPIs[api]) == 0 { + delete(g.requiredAPIs, api) + delete(g.missingAPIs, api) + delete(g.uncheckedAPIs, api) + } + } + delete(g.operators, o.Identifier()) +} + +func (g *NamespaceGeneration) MarkAPIChecked(key registry.APIKey) { + delete(g.uncheckedAPIs, key) +} + +func (g *NamespaceGeneration) ResetUnchecked() { + g.uncheckedAPIs = EmptyAPISet() + for api := range g.missingAPIs { + g.uncheckedAPIs[api] = struct{}{} + } +} + +func (g *NamespaceGeneration) MissingAPIs() APIMultiOwnerSet { + return g.missingAPIs +} + +func (g *NamespaceGeneration) UncheckedAPIs() APISet { + return g.uncheckedAPIs +} + +func (g *NamespaceGeneration) Operators() OperatorSet { + return g.operators +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/generation_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/generation_test.go new file mode 100644 index 000000000..c927710da --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/generation_test.go @@ -0,0 +1,694 @@ +package resolver + +import ( + "fmt" + "testing" + + "github.com/blang/semver" + "github.com/operator-framework/operator-registry/pkg/registry" + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" +) + +var NoVersion = semver.MustParse("0.0.0") + +func TestNewGenerationFromCSVs(t *testing.T) { + type args struct { + csvs []*v1alpha1.ClusterServiceVersion + } + tests := []struct { + name string + args args + want *NamespaceGeneration + wantErr error + }{ + { + name: "SingleCSV/NoProvided/NoRequired", + args: args{ + csvs: []*v1alpha1.ClusterServiceVersion{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + }, + }, + }, + want: &NamespaceGeneration{ + providedAPIs: EmptyAPIOwnerSet(), + requiredAPIs: EmptyAPIMultiOwnerSet(), + uncheckedAPIs: EmptyAPISet(), + missingAPIs: EmptyAPIMultiOwnerSet(), + }, + }, + { + name: "SingleCSV/Provided/NoRequired", + args: args{ + csvs: []*v1alpha1.ClusterServiceVersion{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: "crdkinds.g", + Version: "v1", + Kind: "CRDKind", + }, + }, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: []v1alpha1.APIServiceDescription{ + { + Name: "apikinds", + Group: "g", + Version: "v1", + Kind: "APIKind", + }, + }, + }, + }, + }, + }, + }, + want: &NamespaceGeneration{ + providedAPIs: map[opregistry.APIKey]OperatorSurface{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: &Operator{ + name: "operator.v1", + providedAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + requiredAPIs: EmptyAPISet(), + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: &Operator{ + name: "operator.v1", + providedAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + requiredAPIs: EmptyAPISet(), + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + requiredAPIs: EmptyAPIMultiOwnerSet(), + uncheckedAPIs: EmptyAPISet(), + missingAPIs: EmptyAPIMultiOwnerSet(), + }, + }, + { + name: "SingleCSV/NoProvided/Required", + args: args{ + csvs: []*v1alpha1.ClusterServiceVersion{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Required: []v1alpha1.CRDDescription{ + { + Name: "crdkinds.g", + Version: "v1", + Kind: "CRDKind", + }, + }, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Required: []v1alpha1.APIServiceDescription{ + { + Name: "apikinds", + Group: "g", + Version: "v1", + Kind: "APIKind", + }, + }, + }, + }, + }, + }, + }, + want: &NamespaceGeneration{ + providedAPIs: EmptyAPIOwnerSet(), + requiredAPIs: map[opregistry.APIKey]OperatorSet{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + }, + uncheckedAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + missingAPIs: map[opregistry.APIKey]OperatorSet{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: map[registry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + }, + }, + }, + { + name: "SingleCSV/Provided/Required/Missing", + args: args{ + csvs: []*v1alpha1.ClusterServiceVersion{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: "crdownedkinds.g", + Version: "v1", + Kind: "CRDOwnedKind", + }, + }, + Required: []v1alpha1.CRDDescription{ + { + Name: "crdreqkinds.g2", + Version: "v1", + Kind: "CRDReqKind", + }, + }, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: []v1alpha1.APIServiceDescription{ + { + Name: "apiownedkinds", + Group: "g", + Version: "v1", + Kind: "APIOwnedKind", + }, + }, + Required: []v1alpha1.APIServiceDescription{ + { + Name: "apireqkinds", + Group: "g2", + Version: "v1", + Kind: "APIReqKind", + }, + }, + }, + }, + }, + }, + }, + want: &NamespaceGeneration{ + providedAPIs: map[opregistry.APIKey]OperatorSurface{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + requiredAPIs: map[opregistry.APIKey]OperatorSet{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + }, + uncheckedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + missingAPIs: map[opregistry.APIKey]OperatorSet{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: map[string]OperatorSurface{ + "operator.v1": &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &NoVersion, + }, + }, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + + // calculate expected operator set from input csvs + operatorSet := EmptyOperatorSet() + for _, csv := range tt.args.csvs { + // there's a separate unit test for this constructor + op, err := NewOperatorFromV1Alpha1CSV(csv) + require.NoError(t, err) + operatorSet[op.Identifier()] = op + } + tt.want.operators = operatorSet + + got, err := NewGenerationFromCluster(tt.args.csvs, nil) + require.Equal(t, tt.wantErr, err) + require.EqualValues(t, tt.want, got) + }) + } +} + +func TestNamespaceGeneration_AddOperator(t *testing.T) { + type args struct { + o OperatorSurface + } + tests := []struct { + name string + initialOperators []Operator + args args + wantMissingAPIs APIMultiOwnerSet + wantUncheckedAPIs APISet + wantErr error + }{ + { + name: "APIAlreadyProvided", + initialOperators: []Operator{ + { + name: "existing", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{ + o: &Operator{ + name: "new", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + wantMissingAPIs: EmptyAPIMultiOwnerSet(), + wantUncheckedAPIs: EmptyAPISet(), + wantErr: fmt.Errorf("g/v/k (ks) already provided by existing"), + }, + { + name: "SatisfyWantedAPI", + initialOperators: []Operator{ + { + name: "existing", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "wg", Version: "wv", Kind: "wk", Plural: "wks"}: {}, + }, + }, + }, + args: args{ + o: &Operator{ + name: "new", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "wg", Version: "wv", Kind: "wk", Plural: "wks"}: {}, + }, + }, + }, + wantMissingAPIs: EmptyAPIMultiOwnerSet(), + wantUncheckedAPIs: EmptyAPISet(), + }, + { + name: "NewRequiredAPI", + initialOperators: []Operator{ + { + name: "existing", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{ + o: &Operator{ + name: "new", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "wg", Version: "wv", Kind: "wk", Plural: "wks"}: {}, + }, + }, + }, + wantMissingAPIs: APIMultiOwnerSet{ + registry.APIKey{Group: "wg", Version: "wv", Kind: "wk", Plural: "wks"}: OperatorSet{ + "new": &Operator{ + name: "new", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "wg", Version: "wv", Kind: "wk", Plural: "wks"}: {}, + }, + }, + }, + }, + wantUncheckedAPIs: APISet{registry.APIKey{Group: "wg", Version: "wv", Kind: "wk", Plural: "wks"}: {}}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + g := NewEmptyGeneration() + for _, o := range tt.initialOperators { + err := g.AddOperator(&o) + require.NoError(t, err, "expected initial operators to be valid") + } + err := g.AddOperator(tt.args.o) + require.Equal(t, tt.wantErr, err) + require.Equal(t, tt.wantMissingAPIs, g.MissingAPIs()) + }) + } +} + +func TestNamespaceGeneration_RemoveOperator(t *testing.T) { + type args struct { + o OperatorSurface + } + tests := []struct { + name string + initialOperators []Operator + args args + wantMissingAPIs APIMultiOwnerSet + wantUncheckedAPIs APISet + }{ + { + name: "RemoveOneOfTwoRequirers", + initialOperators: []Operator{ + { + name: "provider", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + { + name: "requirer1", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + { + name: "requirer2", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{ + o: &Operator{ + name: "requirer2", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + wantMissingAPIs: EmptyAPIMultiOwnerSet(), + wantUncheckedAPIs: EmptyAPISet(), + }, + { + name: "RemoveOnlyRequirer", + initialOperators: []Operator{ + { + name: "provider", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + { + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{ + o: &Operator{ + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + wantMissingAPIs: EmptyAPIMultiOwnerSet(), + wantUncheckedAPIs: EmptyAPISet(), + }, + { + name: "RemoveProvider", + initialOperators: []Operator{ + { + name: "provider", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + { + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{ + o: &Operator{ + name: "provider", + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + wantMissingAPIs: APIMultiOwnerSet{ + registry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: OperatorSet{ + "requirer": &Operator{ + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + }, + wantUncheckedAPIs: APISet{ + registry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + g := NewEmptyGeneration() + for _, o := range tt.initialOperators { + err := g.AddOperator(&o) + require.NoError(t, err, "expected initial operators to be valid") + } + g.RemoveOperator(tt.args.o) + require.Equal(t, tt.wantMissingAPIs, g.MissingAPIs()) + }) + } +} + +func TestNamespaceGeneration_MarkAPIChecked(t *testing.T) { + type args struct { + key registry.APIKey + } + tests := []struct { + name string + initialOperators []Operator + args args + wantUncheckedAPIs APISet + }{ + { + name: "MarkRequiredAPI", + initialOperators: []Operator{ + { + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{key: opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}}, + wantUncheckedAPIs: EmptyAPISet(), + }, + { + name: "MarkOtherAPI", + initialOperators: []Operator{ + { + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{key: opregistry.APIKey{Group: "g2", Version: "v2", Kind: "k2", Plural: "ks2"}}, + wantUncheckedAPIs: APISet{opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + g := NewEmptyGeneration() + for _, o := range tt.initialOperators { + err := g.AddOperator(&o) + require.NoError(t, err, "expected initial operators to be valid") + } + g.MarkAPIChecked(tt.args.key) + require.Equal(t, tt.wantUncheckedAPIs, g.UncheckedAPIs()) + }) + } +} + +func TestNamespaceGeneration_ResetUnchecked(t *testing.T) { + type args struct { + key registry.APIKey + } + tests := []struct { + name string + initialOperators []Operator + args args + wantUncheckedAPIs APISet + }{ + { + name: "UncheckAfterMarkRequiredAPI", + initialOperators: []Operator{ + { + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{key: opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}}, + wantUncheckedAPIs: APISet{opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}}, + }, + { + name: "UncheckAfterMarkOtherAPI", + initialOperators: []Operator{ + { + name: "requirer", + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}, + }, + }, + }, + args: args{key: opregistry.APIKey{Group: "g2", Version: "v2", Kind: "k2", Plural: "ks2"}}, + wantUncheckedAPIs: APISet{opregistry.APIKey{Group: "g", Version: "v", Kind: "k", Plural: "ks"}: {}}, + }, + { + name: "UncheckAfterNothing", + wantUncheckedAPIs: EmptyAPISet(), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + g := NewEmptyGeneration() + for _, o := range tt.initialOperators { + err := g.AddOperator(&o) + require.NoError(t, err, "expected initial operators to be valid") + } + g.MarkAPIChecked(tt.args.key) + g.ResetUnchecked() + require.Equal(t, tt.wantUncheckedAPIs, g.UncheckedAPIs()) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/groups.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/groups.go new file mode 100644 index 000000000..53c4020f9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/groups.go @@ -0,0 +1,209 @@ +//go:generate counterfeiter -o ../../../fakes/fake_api_intersection_reconciler.go . APIIntersectionReconciler +package resolver + +import ( + "strings" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" +) + +type NamespaceSet map[string]struct{} + +func NewNamespaceSet(namespaces []string) NamespaceSet { + set := make(NamespaceSet) + for _, namespace := range namespaces { + set[namespace] = struct{}{} + } + + return set +} + +// NewNamespaceSetFromString creates a namespace set from a comma-delimited list of namespaces +func NewNamespaceSetFromString(namespaces string) NamespaceSet { + return NewNamespaceSet(strings.Split(namespaces, ",")) +} + +func (n NamespaceSet) Peek() string { + for namespace := range n { + return namespace + } + + return "" +} + +func (n NamespaceSet) Intersection(set NamespaceSet) NamespaceSet { + intersection := make(NamespaceSet) + // Handle special NamespaceAll cases + if n.IsAllNamespaces() { + for namespace := range set { + intersection[namespace] = struct{}{} + } + return intersection + } + if set.IsAllNamespaces() { + for namespace := range n { + intersection[namespace] = struct{}{} + } + return intersection + } + + for namespace := range n { + if _, ok := set[namespace]; ok { + intersection[namespace] = struct{}{} + } + } + + return intersection +} + +func (n NamespaceSet) Union(set NamespaceSet) NamespaceSet { + // Handle special NamespaceAll cases + if n.IsAllNamespaces() { + return n + } + if set.IsAllNamespaces() { + return set + } + union := make(NamespaceSet) + for namespace := range n { + union[namespace] = struct{}{} + } + for namespace := range set { + union[namespace] = struct{}{} + } + return union +} + +func (n NamespaceSet) Contains(namespace string) bool { + if n.IsAllNamespaces() { + return true + } + _, ok := n[namespace] + return ok +} + +func (n NamespaceSet) IsAllNamespaces() bool { + if len(n) == 1 && n.Peek() == "" { + return true + } + return false +} + +type OperatorGroupSurface interface { + Identifier() string + Namespace() string + Targets() NamespaceSet + ProvidedAPIs() APISet + GroupIntersection(groups ...OperatorGroupSurface) []OperatorGroupSurface +} + +var _ OperatorGroupSurface = &OperatorGroup{} + +type OperatorGroup struct { + namespace string + name string + targets NamespaceSet + providedAPIs APISet +} + +func NewOperatorGroup(group *v1.OperatorGroup) *OperatorGroup { + // Add operatorgroup namespace if not NamespaceAll + namespaces := group.Status.Namespaces + if len(namespaces) >= 1 && namespaces[0] != "" { + namespaces = append(namespaces, group.GetNamespace()) + } + // TODO: Sanitize OperatorGroup if len(namespaces) > 1 and contains "" + gvksStr := group.GetAnnotations()[v1.OperatorGroupProvidedAPIsAnnotationKey] + + return &OperatorGroup{ + namespace: group.GetNamespace(), + name: group.GetName(), + targets: NewNamespaceSet(namespaces), + providedAPIs: GVKStringToProvidedAPISet(gvksStr), + } +} + +func NewOperatorGroupSurfaces(groups ...v1.OperatorGroup) []OperatorGroupSurface { + operatorGroups := make([]OperatorGroupSurface, len(groups)) + for i, group := range groups { + operatorGroups[i] = NewOperatorGroup(&group) + } + + return operatorGroups +} + +func (g *OperatorGroup) Identifier() string { + return g.name + "/" + g.namespace +} + +func (g *OperatorGroup) Namespace() string { + return g.namespace +} + +func (g *OperatorGroup) Targets() NamespaceSet { + return g.targets +} + +func (g *OperatorGroup) ProvidedAPIs() APISet { + return g.providedAPIs +} + +func (g *OperatorGroup) GroupIntersection(groups ...OperatorGroupSurface) []OperatorGroupSurface { + intersection := []OperatorGroupSurface{} + for _, group := range groups { + if group.Identifier() == g.Identifier() { + // Skip self if present + continue + } + if len(g.targets.Intersection(group.Targets())) > 0 { + // TODO: This uses tons of space - maps are copied every time + intersection = append(intersection, group) + } + } + + return intersection +} + +type APIReconciliationResult int + +const ( + RemoveAPIs APIReconciliationResult = iota + AddAPIs + APIConflict + NoAPIConflict +) + +type APIIntersectionReconciler interface { + Reconcile(add APISet, group OperatorGroupSurface, otherGroups ...OperatorGroupSurface) APIReconciliationResult +} + +type APIIntersectionReconcileFunc func(add APISet, group OperatorGroupSurface, otherGroups ...OperatorGroupSurface) APIReconciliationResult + +func (a APIIntersectionReconcileFunc) Reconcile(add APISet, group OperatorGroupSurface, otherGroups ...OperatorGroupSurface) APIReconciliationResult { + return a(add, group, otherGroups...) +} + +func ReconcileAPIIntersection(add APISet, group OperatorGroupSurface, otherGroups ...OperatorGroupSurface) APIReconciliationResult { + groupIntersection := group.GroupIntersection(otherGroups...) + providedAPIIntersection := make(APISet) + for _, g := range groupIntersection { + providedAPIIntersection = providedAPIIntersection.Union(g.ProvidedAPIs()) + } + + intersecting := len(add.Intersection(providedAPIIntersection)) > 0 + subset := add.IsSubset(group.ProvidedAPIs()) + + if subset && intersecting { + return RemoveAPIs + } + + if !subset && intersecting { + return APIConflict + } + + if !subset { + return AddAPIs + } + + return NoAPIConflict +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/groups_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/groups_test.go new file mode 100644 index 000000000..b6bd0f29c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/groups_test.go @@ -0,0 +1,1118 @@ +package resolver + +import ( + "strings" + "testing" + + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" +) + +func buildAPIOperatorGroup(namespace, name string, targets []string, gvks []string) *v1.OperatorGroup { + return &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + Annotations: map[string]string{ + v1.OperatorGroupProvidedAPIsAnnotationKey: strings.Join(gvks, ","), + }, + }, + Status: v1.OperatorGroupStatus{ + Namespaces: targets, + }, + } +} +func TestNewOperatorGroup(t *testing.T) { + tests := []struct { + name string + in *v1.OperatorGroup + want *OperatorGroup + }{ + { + name: "NoTargetNamespaces/NoProvidedAPIs", + in: buildAPIOperatorGroup("ns", "empty-group", nil, nil), + want: &OperatorGroup{ + namespace: "ns", + name: "empty-group", + targets: make(NamespaceSet), + providedAPIs: make(APISet), + }, + }, + { + name: "OneTargetNamespace/NoProvidedAPIs", + in: buildAPIOperatorGroup("ns", "empty-group", []string{"ns-1"}, nil), + want: &OperatorGroup{ + namespace: "ns", + name: "empty-group", + targets: NamespaceSet{ + "ns": {}, + "ns-1": {}, + }, + providedAPIs: make(APISet), + }, + }, + { + name: "OwnTargetNamespace/NoProvidedAPIs", + in: buildAPIOperatorGroup("ns", "empty-group", []string{"ns"}, nil), + want: &OperatorGroup{ + namespace: "ns", + name: "empty-group", + targets: NamespaceSet{ + "ns": {}, + }, + providedAPIs: make(APISet), + }, + }, + { + name: "MultipleTargetNamespaces/NoProvidedAPIs", + in: buildAPIOperatorGroup("ns", "empty-group", []string{"ns-1", "ns-2"}, nil), + want: &OperatorGroup{ + namespace: "ns", + name: "empty-group", + targets: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + providedAPIs: make(APISet), + }, + }, + { + name: "AllTargetNamespaces/NoProvidedAPIs", + in: buildAPIOperatorGroup("ns", "empty-group", []string{metav1.NamespaceAll}, nil), + want: &OperatorGroup{ + namespace: "ns", + name: "empty-group", + targets: NamespaceSet{ + metav1.NamespaceAll: {}, + }, + providedAPIs: make(APISet), + }, + }, + { + name: "OneTargetNamespace/OneProvidedAPI", + in: buildAPIOperatorGroup("ns", "group", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + want: &OperatorGroup{ + namespace: "ns", + name: "group", + targets: NamespaceSet{ + "ns": {}, + "ns-1": {}, + }, + providedAPIs: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + }, + }, + { + name: "OneTargetNamespace/BadProvidedAPI", + in: buildAPIOperatorGroup("ns", "group", []string{"ns-1"}, []string{"Goose.v1alpha1"}), + want: &OperatorGroup{ + namespace: "ns", + name: "group", + targets: NamespaceSet{ + "ns": {}, + "ns-1": {}, + }, + providedAPIs: make(APISet), + }, + }, + { + name: "OneTargetNamespace/MultipleProvidedAPIs/OneBad", + in: buildAPIOperatorGroup("ns", "group", []string{"ns-1"}, []string{"Goose.v1alpha1,Moose.v1alpha1.mammals.com"}), + want: &OperatorGroup{ + namespace: "ns", + name: "group", + targets: NamespaceSet{ + "ns": {}, + "ns-1": {}, + }, + providedAPIs: APISet{ + opregistry.APIKey{Group: "mammals.com", Version: "v1alpha1", Kind: "Moose"}: {}, + }, + }, + }, + { + name: "OneTargetNamespace/MultipleProvidedAPIs", + in: buildAPIOperatorGroup("ns", "group", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com,Moose.v1alpha1.mammals.com"}), + want: &OperatorGroup{ + namespace: "ns", + name: "group", + targets: NamespaceSet{ + "ns": {}, + "ns-1": {}, + }, + providedAPIs: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "mammals.com", Version: "v1alpha1", Kind: "Moose"}: {}, + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + group := NewOperatorGroup(tt.in) + require.NotNil(t, group) + require.EqualValues(t, tt.want, group) + }) + } +} + +func TestNamespaceSetIntersection(t *testing.T) { + type input struct { + left NamespaceSet + right NamespaceSet + } + tests := []struct { + name string + in input + want NamespaceSet + }{ + { + name: "EmptySets", + in: input{ + left: make(NamespaceSet), + right: make(NamespaceSet), + }, + want: make(NamespaceSet), + }, + { + name: "EmptyLeft/MultipleRight/NoIntersection", + in: input{ + left: make(NamespaceSet), + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + want: make(NamespaceSet), + }, + { + name: "MultipleLeft/EmptyRight/NoIntersection", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: make(NamespaceSet), + }, + want: make(NamespaceSet), + }, + { + name: "OneLeft/OneRight/Intersection", + in: input{ + left: NamespaceSet{ + "ns": {}, + }, + right: NamespaceSet{ + "ns": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/SomeIntersect", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-3": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/AllIntersect", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + { + name: "AllLeft/MultipleRight/RightIsIntersection", + in: input{ + left: NamespaceSet{ + "": {}, + }, + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + { + name: "MultipleLeft/AllRight/LeftIsIntersection", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: NamespaceSet{ + "": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + { + name: "AllLeft/EmptyRight/NoIntersection", + in: input{ + left: NamespaceSet{ + "": {}, + }, + right: make(NamespaceSet), + }, + want: make(NamespaceSet), + }, + { + name: "EmptyLeft/AllRight/NoIntersection", + in: input{ + left: make(NamespaceSet), + right: NamespaceSet{ + "": {}, + }, + }, + want: make(NamespaceSet), + }, + { + name: "AllLeft/AllRight/Intersection", + in: input{ + left: NamespaceSet{ + "": {}, + }, + right: NamespaceSet{ + "": {}, + }, + }, + want: NamespaceSet{ + "": {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.left.Intersection(tt.in.right)) + }) + } +} + +func TestNamespaceSetUnion(t *testing.T) { + type input struct { + left NamespaceSet + right NamespaceSet + } + tests := []struct { + name string + in input + want NamespaceSet + }{ + { + name: "EmptySets", + in: input{ + left: make(NamespaceSet), + right: make(NamespaceSet), + }, + want: make(NamespaceSet), + }, + { + name: "EmptyLeft/MultipleRight", + in: input{ + left: make(NamespaceSet), + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + { + name: "MultipleLeft/EmptyRight", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: make(NamespaceSet), + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + { + name: "OneLeft/SameRight", + in: input{ + left: NamespaceSet{ + "ns": {}, + }, + right: NamespaceSet{ + "ns": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/Differ", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-3": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + "ns-3": {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/AllSame", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + want: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + { + name: "AllLeft/MultipleRight", + in: input{ + left: NamespaceSet{ + "": {}, + }, + right: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + }, + want: NamespaceSet{ + "": {}, + }, + }, + { + name: "MultipleLeft/AllRight", + in: input{ + left: NamespaceSet{ + "ns": {}, + "ns-1": {}, + "ns-2": {}, + }, + right: NamespaceSet{ + "": {}, + }, + }, + want: NamespaceSet{ + "": {}, + }, + }, + { + name: "AllLeft/EmptyRight", + in: input{ + left: NamespaceSet{ + "": {}, + }, + right: make(NamespaceSet), + }, + want: NamespaceSet{ + "": {}, + }, + }, + { + name: "EmptyLeft/AllRight", + in: input{ + left: make(NamespaceSet), + right: NamespaceSet{ + "": {}, + }, + }, + want: NamespaceSet{ + "": {}, + }, + }, + { + name: "AllLeft/AllRight", + in: input{ + left: NamespaceSet{ + "": {}, + }, + right: NamespaceSet{ + "": {}, + }, + }, + want: NamespaceSet{ + "": {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.left.Union(tt.in.right)) + }) + } +} + +func TestNamespaceSetIsAllNamespaces(t *testing.T) { + type input struct { + set NamespaceSet + } + tests := []struct { + name string + in input + want bool + }{ + { + name: "All/Yes", + in: input{ + set: NewNamespaceSet([]string{metav1.NamespaceAll}), + }, + want: true, + }, + { + name: "One/NotAll", + in: input{ + set: NewNamespaceSet([]string{"a"}), + }, + want: false, + }, + { + name: "Many/NotAll", + in: input{ + set: NewNamespaceSet([]string{"a", "b", "c"}), + }, + want: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, tt.want, tt.in.set.IsAllNamespaces()) + }) + } +} + +func TestNamespaceSetContains(t *testing.T) { + type input struct { + set NamespaceSet + contains string + } + tests := []struct { + name string + in input + want bool + }{ + { + name: "AllContainsAnything", + in: input{ + set: NewNamespaceSet([]string{metav1.NamespaceAll}), + contains: "any", + }, + want: true, + }, + { + name: "SetContainsChild/a", + in: input{ + set: NewNamespaceSet([]string{"a", "b"}), + contains: "a", + }, + want: true, + }, + { + name: "SetContainsChild/a", + in: input{ + set: NewNamespaceSet([]string{"a", "b"}), + contains: "b", + }, + want: true, + }, + { + name: "SetOmitsChild", + in: input{ + set: NewNamespaceSet([]string{"a", "b"}), + contains: "c", + }, + want: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, tt.want, tt.in.set.Contains(tt.in.contains)) + }) + } +} + +func TestNewNamespaceSetFromString(t *testing.T) { + type input struct { + list string + } + tests := []struct { + name string + in input + wantNamespaces []string + }{ + { + name: "SingleEntry", + in: input{ + list: "a", + }, + wantNamespaces: []string{"a"}, + }, + { + name: "TwoEntry", + in: input{ + list: "a,b", + }, + wantNamespaces: []string{"a", "b"}, + }, + { + name: "All", + in: input{ + list: "", + }, + wantNamespaces: []string{"a"}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + for _, ns := range tt.wantNamespaces { + require.True(t, NewNamespaceSetFromString(tt.in.list).Contains(ns)) + } + }) + } +} + +func buildOperatorGroup(namespace, name string, targets []string, gvks []string) *OperatorGroup { + return NewOperatorGroup(buildAPIOperatorGroup(namespace, name, targets, gvks)) +} + +func TestGroupIntersection(t *testing.T) { + type input struct { + left OperatorGroupSurface + right []OperatorGroupSurface + } + tests := []struct { + name string + in input + want []OperatorGroupSurface + }{ + { + name: "NoTargets/NilGroups/NoIntersection", + in: input{ + left: buildOperatorGroup("ns", "empty-group", nil, nil), + right: nil, + }, + want: []OperatorGroupSurface{}, + }, + { + name: "MatchingTarget/SingleOtherGroup/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{"ns-1"}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "group-b", []string{"ns-1"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "group-b", []string{"ns-1"}, nil), + }, + }, + { + name: "TargetIsOperatorNamespace/SingleOtherGroup/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{"ns-1"}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "group-b", []string{"ns"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "group-b", []string{"ns"}, nil), + }, + }, + { + name: "MatchingOperatorNamespaces/SingleOtherGroup/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{"ns-1"}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns", "group-b", []string{"ns-2"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns", "group-b", []string{"ns-2"}, nil), + }, + }, + { + name: "MatchingTarget/MultipleOtherGroups/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{"ns-1"}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "group-b", []string{"ns-1"}, nil), + buildOperatorGroup("ns-3", "group-c", []string{"ns-1"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "group-b", []string{"ns-1"}, nil), + buildOperatorGroup("ns-3", "group-c", []string{"ns-1"}, nil), + }, + }, + { + name: "NonMatchingTargets/MultipleOtherGroups/NoIntersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{"ns-1", "ns-2", "ns-3"}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{"ns-6", "ns-7", "ns-8"}, nil), + buildOperatorGroup("ns-5", "group-c", []string{"ns-6", "ns-7", "ns-8"}, nil), + }, + }, + want: []OperatorGroupSurface{}, + }, + { + name: "AllNamespaces/MultipleTargets/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{""}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{"ns-6", "ns-7", "ns-8"}, nil), + buildOperatorGroup("ns-5", "group-c", []string{"ns-9", "ns-10", "ns-11"}, nil), + buildOperatorGroup("ns-6", "group-d", []string{"ns-11", "ns-12"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{"ns-6", "ns-7", "ns-8"}, nil), + buildOperatorGroup("ns-5", "group-c", []string{"ns-9", "ns-10", "ns-11"}, nil), + buildOperatorGroup("ns-6", "group-d", []string{"ns-11", "ns-12"}, nil), + }, + }, + { + name: "MatchingTargetAllNamespace/MultipleTargets/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{"ns-1", "ns-2", "ns-3"}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{""}, nil), + buildOperatorGroup("ns-5", "group-c", []string{"ns-9", "ns-10", "ns-11"}, nil), + buildOperatorGroup("ns-6", "group-d", []string{"ns-11", "ns-12"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{""}, nil), + }, + }, + { + name: "AllNamespace/MultipleTargets/OneAllNamespace/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{""}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{""}, nil), + buildOperatorGroup("ns-5", "group-c", []string{"ns-9", "ns-10", "ns-11"}, nil), + buildOperatorGroup("ns-6", "group-d", []string{"ns-11", "ns-12"}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{""}, nil), + buildOperatorGroup("ns-5", "group-c", []string{"ns-9", "ns-10", "ns-11"}, nil), + buildOperatorGroup("ns-6", "group-d", []string{"ns-11", "ns-12"}, nil), + }, + }, + { + name: "AllNamespace/AllNamespace/Intersection", + in: input{ + left: buildOperatorGroup("ns", "group-a", []string{""}, nil), + right: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{""}, nil), + }, + }, + want: []OperatorGroupSurface{ + buildOperatorGroup("ns-4", "group-b", []string{""}, nil), + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.left.GroupIntersection(tt.in.right...)) + }) + } + +} + +func apiIntersectionReconcilerSuite(t *testing.T, reconciler APIIntersectionReconciler) { + tests := []struct { + name string + add APISet + group OperatorGroupSurface + otherGroups []OperatorGroupSurface + want APIReconciliationResult + }{ + { + name: "Empty/NoAPIConflict", + add: make(APISet), + group: buildOperatorGroup("ns", "g1", []string{"ns"}, nil), + otherGroups: nil, + want: NoAPIConflict, + }, + { + name: "NoNamespaceIntersection/APIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-3"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: NoAPIConflict, + }, + { + name: "NamespaceIntersection/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Moose.v1alpha1.mammals.com"}), + }, + want: NoAPIConflict, + }, + { + name: "MultipleNamespaceIntersections/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Moose.v1alpha1.mammals.com"}), + buildOperatorGroup("ns-2", "g1", []string{"ns"}, []string{"Egret.v1alpha1.birds.com"}), + }, + want: NoAPIConflict, + }, + { + name: "SomeNamespaceIntersection/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "mammals.com", Version: "v1alpha1", Kind: "Moose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1", "ns-2", "ns-3"}, []string{"Goose.v1alpha1.birds.com,Moose.v1alpha1.mammals.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-7", "g1", []string{"ns-4"}, []string{"Moose.v1alpha1.mammals.com"}), + buildOperatorGroup("ns-8", "g1", []string{"ns-5"}, []string{"Goose.v1alpha1.birds.com"}), + buildOperatorGroup("ns-9", "g1", []string{""}, []string{"Goat.v1alpha1.mammals.com"}), + }, + want: NoAPIConflict, + }, + { + name: "AllNamespaceIntersection/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Moose.v1alpha1.mammals.com"}), + }, + want: NoAPIConflict, + }, + { + name: "AllNamespaceIntersectionOnOther/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Moose.v1alpha1.mammals.com"}), + }, + want: NoAPIConflict, + }, + { + name: "AllNamespaceInstersectionOnOther/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Moose.v1alpha1.mammals.com"}), + }, + want: NoAPIConflict, + }, + { + name: "NamespaceIntersection/NoAPIIntersection/NoAPIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, nil), + }, + want: NoAPIConflict, + }, + { + name: "NamespaceIntersection/APIIntersection/APIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: APIConflict, + }, + { + name: "AllNamespaceIntersection/APIIntersection/APIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: APIConflict, + }, + { + name: "AllNamespaceIntersectionOnOther/APIIntersection/APIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: APIConflict, + }, + { + name: "AllNamespaceIntersectionOnBoth/APIIntersection/APIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: APIConflict, + }, + { + name: "NamespaceIntersection/SomeAPIIntersection/APIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Moose.v1alpha1.birds.com"}), + buildOperatorGroup("ns-3", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com,Egret.v1alpha1.birds.com"}), + }, + want: APIConflict, + }, + { + name: "NamespaceIntersectionOnOperatorNamespace/SomeAPIIntersection/APIConflict", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-3", "g1", []string{"ns"}, []string{"Goose.v1alpha1.birds.com,Egret.v1alpha1.birds.com"}), + }, + want: APIConflict, + }, + + { + name: "NoNamespaceIntersection/NoAPIIntersection/AddAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-2"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: AddAPIs, + }, + { + name: "NamespaceIntersection/NoAPIIntersection/AddAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Moose.v1alpha1.mammals.com"}), + }, + want: AddAPIs, + }, + { + name: "OperatorNamespaceIntersection/NoAPIIntersection/AddAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns"}, []string{"Moose.v1alpha1.mammals.com"}), + }, + want: AddAPIs, + }, + { + name: "AllNamespaceIntersection/NoAPIIntersection/AddAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Moose.v1alpha1.mammals.com"}), + buildOperatorGroup("ns-3", "g1", []string{"ns-1"}, []string{"Goat.v1alpha1.mammals.com,Egret.v1alpha1.birds.com"}), + }, + want: AddAPIs, + }, + { + name: "AllNamespaceIntersectionOnOthers/NoAPIIntersection/AddAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, nil), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Moose.v1alpha1.mammals.com"}), + buildOperatorGroup("ns-3", "g1", []string{""}, []string{"Goat.v1alpha1.mammals.com,Egret.v1alpha1.birds.com"}), + }, + want: AddAPIs, + }, + { + name: "AllNamespaceIntersectionOnOthers/NoAPIIntersection/AddAPIs/PrexistingAddition", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "mammals.com", Version: "v1alpha1", Kind: "Cow"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Cow.v1alpha1.mammals.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Moose.v1alpha1.mammals.com"}), + buildOperatorGroup("ns-3", "g1", []string{""}, []string{"Goat.v1alpha1.mammals.com,Egret.v1alpha1.birds.com"}), + }, + want: AddAPIs, + }, + { + name: "NamespaceInstersection/APIIntersection/RemoveAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: RemoveAPIs, + }, + { + name: "AllNamespaceInstersection/APIIntersection/RemoveAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: RemoveAPIs, + }, + { + name: "AllNamespaceInstersectionOnOther/APIIntersection/RemoveAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{""}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: RemoveAPIs, + }, + { + name: "MultipleNamespaceIntersections/APIIntersection/RemoveAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-2", "g1", []string{"ns-1"}, []string{"Goose.v1alpha1.birds.com"}), + buildOperatorGroup("ns-2", "g1", []string{"ns"}, []string{"Goose.v1alpha1.birds.com"}), + }, + want: RemoveAPIs, + }, + { + name: "SomeNamespaceIntersection/APIIntersection/RemoveAPIs", + add: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "mammals.com", Version: "v1alpha1", Kind: "Moose"}: {}, + }, + group: buildOperatorGroup("ns", "g1", []string{"ns-1", "ns-2", "ns-3"}, []string{"Goose.v1alpha1.birds.com,Moose.v1alpha1.mammals.com"}), + otherGroups: []OperatorGroupSurface{ + buildOperatorGroup("ns-7", "g1", []string{"ns-4"}, []string{"Moose.v1alpha1.mammals.com"}), + buildOperatorGroup("ns-8", "g1", []string{"ns-5", "ns-3"}, []string{"Goose.v1alpha1.birds.com"}), + buildOperatorGroup("ns-9", "g1", []string{""}, []string{"Goat.v1alpha1.mammals.com"}), + }, + want: RemoveAPIs, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, tt.want, reconciler.Reconcile(tt.add, tt.group, tt.otherGroups...)) + }) + } +} +func TestReconcileAPIIntersection(t *testing.T) { + apiIntersectionReconcilerSuite(t, APIIntersectionReconcileFunc(ReconcileAPIIntersection)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/labeler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/labeler.go new file mode 100644 index 000000000..cf408ef00 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/labeler.go @@ -0,0 +1,76 @@ +package resolver + +import ( + "github.com/operator-framework/operator-registry/pkg/registry" + extv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + "k8s.io/apimachinery/pkg/labels" +) + +const ( + // APILabelKeyPrefix is the key prefix for a CSV's APIs label + APILabelKeyPrefix = "olm.api." +) + +// LabelSetsFor returns API label sets for the given object. +// Concrete types other than OperatorSurface and CustomResource definition no-op. +func LabelSetsFor(obj interface{}) ([]labels.Set, error) { + switch v := obj.(type) { + case OperatorSurface: + return labelSetsForOperatorSurface(v) + case *extv1beta1.CustomResourceDefinition: + return labelSetsForCRD(v) + default: + return nil, nil + } +} + +func labelSetsForOperatorSurface(surface OperatorSurface) ([]labels.Set, error) { + labelSet := labels.Set{} + for key := range surface.ProvidedAPIs().StripPlural() { + hash, err := APIKeyToGVKHash(key) + if err != nil { + return nil, err + } + labelSet[APILabelKeyPrefix+hash] = "provided" + } + for key := range surface.RequiredAPIs().StripPlural() { + hash, err := APIKeyToGVKHash(key) + if err != nil { + return nil, err + } + labelSet[APILabelKeyPrefix+hash] = "required" + } + + return []labels.Set{labelSet}, nil +} + +func labelSetsForCRD(crd *extv1beta1.CustomResourceDefinition) ([]labels.Set, error) { + labelSets := []labels.Set{} + if crd == nil { + return labelSets, nil + } + + // Add label sets for each version + for _, version := range crd.Spec.Versions { + hash, err := APIKeyToGVKHash(registry.APIKey{ + Group: crd.Spec.Group, + Version: version.Name, + Kind: crd.Spec.Names.Kind, + }) + if err != nil { + return nil, err + } + key := APILabelKeyPrefix + hash + sets := []labels.Set{ + { + key: "provided", + }, + { + key: "required", + }, + } + labelSets = append(labelSets, sets...) + } + + return labelSets, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/labeler_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/labeler_test.go new file mode 100644 index 000000000..2c26a7dec --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/labeler_test.go @@ -0,0 +1,82 @@ +package resolver + +import ( + "testing" + + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + "k8s.io/apimachinery/pkg/labels" +) + +func TestLabelSetsFor(t *testing.T) { + tests := []struct { + name string + obj interface{} + expected []labels.Set + }{ + { + name: "Nil/Nil", + obj: nil, + expected: nil, + }, + { + name: "NotOperatorSurfaceOrCRD/Nil", + obj: struct{ data string }{"some-data"}, + expected: nil, + }, + { + name: "CRD/ProvidedAndRequired", + obj: crd(opregistry.APIKey{ + Group: "ghouls", + Version: "v1alpha1", + Kind: "Ghost", + Plural: "Ghosts", + }), + expected: []labels.Set{ + { + APILabelKeyPrefix + "6435ab0d7c6bda64": "provided", + }, + { + APILabelKeyPrefix + "6435ab0d7c6bda64": "required", + }, + }, + }, + { + name: "OperatorSurface/Provided", + obj: &Operator{ + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "ghouls", Version: "v1alpha1", Kind: "Ghost", Plural: "Ghosts"}: {}, + }, + }, + expected: []labels.Set{ + { + APILabelKeyPrefix + "6435ab0d7c6bda64": "provided", + }, + }, + }, + { + name: "OperatorSurface/ProvidedAndRequired", + obj: &Operator{ + providedAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "ghouls", Version: "v1alpha1", Kind: "Ghost", Plural: "Ghosts"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + opregistry.APIKey{Group: "ghouls", Version: "v1alpha1", Kind: "Goblin", Plural: "Goblins"}: {}, + }, + }, + expected: []labels.Set{ + { + APILabelKeyPrefix + "6435ab0d7c6bda64": "provided", + APILabelKeyPrefix + "557c9f42470aa352": "required", + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + labelSets, err := LabelSetsFor(tt.obj) + require.NoError(t, err) + require.ElementsMatch(t, tt.expected, labelSets) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/operators.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/operators.go new file mode 100644 index 000000000..066ee9ed9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/operators.go @@ -0,0 +1,335 @@ +package resolver + +import ( + "fmt" + "hash/fnv" + "sort" + "strings" + + "github.com/blang/semver" + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" +) + +type CatalogKey struct { + Name string + Namespace string +} + +func (k *CatalogKey) String() string { + return fmt.Sprintf("%s/%s", k.Name, k.Namespace) +} + +type APISet map[opregistry.APIKey]struct{} + +func EmptyAPISet() APISet { + return map[opregistry.APIKey]struct{}{} +} + +func (s APISet) PopAPIKey() *opregistry.APIKey { + for a := range s { + api := &opregistry.APIKey{ + Group: a.Group, + Version: a.Version, + Kind: a.Kind, + Plural: a.Plural, + } + delete(s, a) + return api + } + return nil +} + +func GVKStringToProvidedAPISet(gvksStr string) APISet { + set := make(APISet) + // TODO: Should we make gvk strings lowercase to avoid issues with user set gvks? + gvks := strings.Split(strings.Replace(gvksStr, " ", "", -1), ",") + for _, gvkStr := range gvks { + gvk, _ := schema.ParseKindArg(gvkStr) + if gvk != nil { + set[opregistry.APIKey{Group: gvk.Group, Version: gvk.Version, Kind: gvk.Kind}] = struct{}{} + } + } + + return set +} + +func APIKeyToGVKString(key opregistry.APIKey) string { + // TODO: Add better validation of GVK + return strings.Join([]string{key.Kind, key.Version, key.Group}, ".") +} + +func APIKeyToGVKHash(key opregistry.APIKey) (string, error) { + hash := fnv.New64a() + if _, err := hash.Write([]byte(APIKeyToGVKString(key))); err != nil { + return "", err + } + return fmt.Sprintf("%x", hash.Sum64()), nil +} + +func (s APISet) String() string { + gvkStrs := make([]string, len(s)) + i := 0 + for api := range s { + // TODO: Only add valid GVK strings + gvkStrs[i] = APIKeyToGVKString(api) + i++ + } + sort.Strings(gvkStrs) + + return strings.Join(gvkStrs, ",") +} + +// TODO: Generalize set logic and make an abstraction for sets to implemement to feed into it. + +// Union returns the union of the APISet and the given list of APISets +func (s APISet) Union(sets ...APISet) APISet { + union := make(APISet) + for api := range s { + union[api] = struct{}{} + } + for _, set := range sets { + for api := range set { + union[api] = struct{}{} + } + } + + return union +} + +// Intersection returns the intersection of the APISet and the given list of APISets +func (s APISet) Intersection(sets ...APISet) APISet { + intersection := make(APISet) + for _, set := range sets { + for api := range set { + if _, ok := s[api]; ok { + intersection[api] = struct{}{} + } + } + } + + return intersection +} + +func (s APISet) Difference(set APISet) APISet { + difference := make(APISet).Union(s) + for api := range set { + if _, ok := difference[api]; ok { + delete(difference, api) + } + } + + return difference +} + +// IsSubset returns true if the APISet is a subset of the given one +func (s APISet) IsSubset(set APISet) bool { + for api := range s { + if _, ok := set[api]; !ok { + return false + } + } + + return true +} + +// StripPlural returns the APISet with the Plural field of all APIKeys removed +func (s APISet) StripPlural() APISet { + set := make(APISet) + for api := range s { + set[opregistry.APIKey{Group: api.Group, Version: api.Version, Kind: api.Kind}] = struct{}{} + } + + return set +} + +type APIOwnerSet map[opregistry.APIKey]OperatorSurface + +func EmptyAPIOwnerSet() APIOwnerSet { + return map[opregistry.APIKey]OperatorSurface{} +} + +type OperatorSet map[string]OperatorSurface + +func EmptyOperatorSet() OperatorSet { + return map[string]OperatorSurface{} +} + +// Snapshot returns a new set, pointing to the same values +func (o OperatorSet) Snapshot() OperatorSet { + out := make(map[string]OperatorSurface) + for key, val := range o { + out[key] = val + } + return out +} + +type APIMultiOwnerSet map[opregistry.APIKey]OperatorSet + +func EmptyAPIMultiOwnerSet() APIMultiOwnerSet { + return map[opregistry.APIKey]OperatorSet{} +} + +func (s APIMultiOwnerSet) PopAPIKey() *opregistry.APIKey { + for a := range s { + api := &opregistry.APIKey{ + Group: a.Group, + Version: a.Version, + Kind: a.Kind, + Plural: a.Plural, + } + delete(s, a) + return api + } + return nil +} + +func (s APIMultiOwnerSet) PopAPIRequirers() OperatorSet { + requirers := EmptyOperatorSet() + for a := range s { + for key, op := range s[a] { + requirers[key] = op + } + delete(s, a) + return requirers + } + return nil +} + +type OperatorSourceInfo struct { + Package string + Channel string + StartingCSV string + Catalog CatalogKey +} + +func (i *OperatorSourceInfo) String() string { + return fmt.Sprintf("%s/%s in %s/%s", i.Package, i.Channel, i.Catalog.Name, i.Catalog.Namespace) +} + +var ExistingOperator = OperatorSourceInfo{"", "", "", CatalogKey{"", ""}} + +// OperatorSurface describes the API surfaces provided and required by an Operator. +type OperatorSurface interface { + ProvidedAPIs() APISet + RequiredAPIs() APISet + Identifier() string + Replaces() string + Version() *semver.Version + SourceInfo() *OperatorSourceInfo + Bundle() *opregistry.Bundle +} + +type Operator struct { + name string + replaces string + providedAPIs APISet + requiredAPIs APISet + version *semver.Version + bundle *opregistry.Bundle + sourceInfo *OperatorSourceInfo +} + +var _ OperatorSurface = &Operator{} + +func NewOperatorFromBundle(bundle *opregistry.Bundle, replaces string, startingCSV string, sourceKey CatalogKey) (*Operator, error) { + csv, err := bundle.ClusterServiceVersion() + if err != nil { + return nil, err + } + providedAPIs, err := bundle.ProvidedAPIs() + if err != nil { + return nil, err + } + requiredAPIs, err := bundle.RequiredAPIs() + if err != nil { + return nil, err + } + r := replaces + if r == "" { + r = csv.Spec.Replaces + } + return &Operator{ + name: csv.GetName(), + replaces: r, + version: &csv.Spec.Version.Version, + providedAPIs: providedAPIs, + requiredAPIs: requiredAPIs, + bundle: bundle, + sourceInfo: &OperatorSourceInfo{ + Package: bundle.Package, + Channel: bundle.Channel, + StartingCSV: startingCSV, + Catalog: sourceKey, + }, + }, nil +} + +func NewOperatorFromV1Alpha1CSV(csv *v1alpha1.ClusterServiceVersion) (*Operator, error) { + providedAPIs := EmptyAPISet() + for _, crdDef := range csv.Spec.CustomResourceDefinitions.Owned { + parts := strings.SplitN(crdDef.Name, ".", 2) + if len(parts) < 2 { + return nil, fmt.Errorf("error parsing crd name: %s", crdDef.Name) + } + providedAPIs[opregistry.APIKey{Plural: parts[0], Group: parts[1], Version: crdDef.Version, Kind: crdDef.Kind}] = struct{}{} + } + for _, api := range csv.Spec.APIServiceDefinitions.Owned { + providedAPIs[opregistry.APIKey{Group: api.Group, Version: api.Version, Kind: api.Kind, Plural: api.Name}] = struct{}{} + } + + requiredAPIs := EmptyAPISet() + for _, crdDef := range csv.Spec.CustomResourceDefinitions.Required { + parts := strings.SplitN(crdDef.Name, ".", 2) + if len(parts) < 2 { + return nil, fmt.Errorf("error parsing crd name: %s", crdDef.Name) + } + requiredAPIs[opregistry.APIKey{Plural: parts[0], Group: parts[1], Version: crdDef.Version, Kind: crdDef.Kind}] = struct{}{} + } + for _, api := range csv.Spec.APIServiceDefinitions.Required { + requiredAPIs[opregistry.APIKey{Group: api.Group, Version: api.Version, Kind: api.Kind, Plural: api.Name}] = struct{}{} + } + + return &Operator{ + name: csv.GetName(), + version: &csv.Spec.Version.Version, + replaces: csv.Spec.Replaces, + providedAPIs: providedAPIs, + requiredAPIs: requiredAPIs, + sourceInfo: &ExistingOperator, + }, nil +} + +func (o *Operator) ProvidedAPIs() APISet { + return o.providedAPIs +} + +func (o *Operator) RequiredAPIs() APISet { + return o.requiredAPIs +} + +func (o *Operator) Identifier() string { + return o.name +} + +func (o *Operator) Replaces() string { + return o.replaces +} + +func (o *Operator) Package() string { + return o.bundle.Package +} + +func (o *Operator) SourceInfo() *OperatorSourceInfo { + return o.sourceInfo +} + +func (o *Operator) Bundle() *opregistry.Bundle { + return o.bundle +} + +func (o *Operator) Version() *semver.Version { + return o.version +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/operators_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/operators_test.go new file mode 100644 index 000000000..ad2db7963 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/operators_test.go @@ -0,0 +1,1276 @@ +package resolver + +import ( + "testing" + + "github.com/blang/semver" + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + opver "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +func TestGVKStringToProvidedAPISet(t *testing.T) { + tests := []struct { + name string + in string + want APISet + }{ + { + name: "EmptyString/EmptySet", + in: "", + want: make(APISet), + }, + { + name: "Garbage/EmptySet", + in: ",,,,,alkjahsdfjlh!@#$%", + want: make(APISet), + }, + { + name: "SingleBadGVK/EmptySet", + in: "this-is.not-good", + want: make(APISet), + }, + { + name: "MultipleBadGVK/EmptySet", + in: "this-is.not-good,thisisnoteither", + want: make(APISet), + }, + { + name: "SingleGoodGVK/SingleAPI", + in: "Goose.v1alpha1.birds.com", + want: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + }, + { + name: "MutlipleGoodGVK/MultipleAPIs", + in: "Goose.v1alpha1.birds.com,Moose.v1alpha1.mammals.com", + want: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "mammals.com", Version: "v1alpha1", Kind: "Moose"}: {}, + }, + }, + { + name: "SingleGoodGVK/SingleBadGVK/SingleAPI", + in: "Goose.v1alpha1.birds.com,Moose.v1alpha1", + want: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + }, + { + name: "MultipleGoodGVK/MultipleBadGVK/MultipleAPIs", + in: "Goose.v1alpha1.birds.com,Moose.v1alpha1,Goat,Egret.v1beta1.birds.com", + want: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "birds.com", Version: "v1beta1", Kind: "Egret"}: {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, GVKStringToProvidedAPISet(tt.in)) + }) + } +} +func TestAPIKeyToGVKString(t *testing.T) { + tests := []struct { + name string + in opregistry.APIKey + want string + }{ + { + name: "EmptyAPIKey", + in: opregistry.APIKey{}, + want: "..", + }, + { + name: "BadAPIKey", + in: opregistry.APIKey{Group: "birds. ", Version: "-"}, + want: ".-.birds. ", + }, + { + name: "GoodAPIKey", + in: opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}, + want: "Goose.v1alpha1.birds.com", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, tt.want, APIKeyToGVKString(tt.in)) + }) + } +} + +func TestAPISetString(t *testing.T) { + tests := []struct { + name string + in APISet + want string + }{ + { + name: "EmptySet", + in: make(APISet), + want: "", + }, + { + name: "OneAPI", + in: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + }, + want: "Goose.v1alpha1.birds.com", + }, + { + name: "MutipleAPIs", + in: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Egret"}: {}, + }, + want: "Egret.v1alpha1.birds.com,Goose.v1alpha1.birds.com", + }, + { + name: "MutipleAPIs/OneBad", + in: APISet{ + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1"}: {}, + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Goose"}: {}, + opregistry.APIKey{Group: "birds.com", Version: "v1alpha1", Kind: "Egret"}: {}, + }, + want: ".v1alpha1.birds.com,Egret.v1alpha1.birds.com,Goose.v1alpha1.birds.com", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, tt.want, tt.in.String()) + }) + } +} + +func TestAPISetUnion(t *testing.T) { + type input struct { + left APISet + right []APISet + } + tests := []struct { + name string + in input + want APISet + }{ + { + name: "EmptyLeft/NilRight/EmptySet", + in: input{ + left: make(APISet), + right: nil, + }, + want: make(APISet), + }, + { + name: "EmptyLeft/OneEmptyRight/EmptySet", + in: input{ + left: make(APISet), + right: []APISet{ + {}, + }, + }, + want: make(APISet), + }, + { + name: "EmptyLeft/OneRight/OneFromRight", + in: input{ + left: make(APISet), + right: []APISet{ + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "OneLeft/EmptyRight/OneFromLeft", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + {}, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/AllFromLeftAndRight", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Egret", Version: "v1beta1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Egret", Version: "v1beta1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Crow", Version: "v1beta1", Kind: "birds.com"}: {}, + }, + { + // Empty APISet for good measure + }, + { + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Cow", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Egret", Version: "v1beta1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Crow", Version: "v1beta1", Kind: "birds.com"}: {}, + }, + { + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Cow", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1beta1", Kind: "mammals.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Egret", Version: "v1beta1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Crow", Version: "v1beta1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Cow", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1beta1", Kind: "mammals.com"}: {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.left.Union(tt.in.right...)) + }) + } +} + +func TestAPISetIntersection(t *testing.T) { + type input struct { + left APISet + right []APISet + } + tests := []struct { + name string + in input + want APISet + }{ + { + name: "EmptyLeft/NilRight/EmptySet", + in: input{ + left: make(APISet), + right: nil, + }, + want: make(APISet), + }, + { + name: "EmptyLeft/OneEmptyRight/EmptySet", + in: input{ + left: make(APISet), + right: []APISet{ + {}, + }, + }, + want: make(APISet), + }, + { + name: "EmptyLeft/OneRight/EmptySet", + in: input{ + left: make(APISet), + right: []APISet{ + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + }, + want: make(APISet), + }, + { + name: "OneLeft/EmptyRight/NoIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + {}, + }, + }, + want: make(APISet), + }, + { + name: "OneLeft/TwoRight/OneIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "OneLeft/TwoRight/SingleSet/OneIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "TwoLeft/OneRight/SingleSet/OneIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "OneLeft/TwoRight/SeparateSets/OneIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "OneLeft/TwoRight/SeparateSets/NoIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Egret", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + }, + want: make(APISet), + }, + { + name: "MultipleLeft/MultipleRight/SeparateSets/SomeIntersection", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Egret", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Hippo", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: []APISet{ + { + opregistry.APIKey{Group: "Hippo", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + { + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + { + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + { + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Hippo", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.left.Intersection(tt.in.right...)) + }) + } +} + +func TestAPISetDifference(t *testing.T) { + type input struct { + left APISet + right APISet + } + tests := []struct { + name string + in input + want APISet + }{ + { + name: "EmptySet", + in: input{ + left: make(APISet), + right: make(APISet), + }, + want: make(APISet), + }, + { + name: "OneLeft/EmptyRight/LeftIsDifference", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: make(APISet), + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "EmptyLeft/OneRight/NoDifference", + in: input{ + left: make(APISet), + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + want: make(APISet), + }, + { + name: "OneLeft/OneRight/NoDifference", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + want: make(APISet), + }, + { + name: "MultipleLeft/MultipleRight/NoDifference", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + want: make(APISet), + }, + { + name: "MultipleLeft/MultipleRight/SingleDifference", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/SomeDifference", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Gopher", Version: "v1alpha2", Kind: "mammals.com"}: {}, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + { + name: "MultipleLeft/MultipleRight/AllLeftDifference", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Giraffe", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Gopher", Version: "v1alpha2", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Bison", Version: "v1beta1", Kind: "mammals.com"}: {}, + }, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + opregistry.APIKey{Group: "Goat", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.left.Difference(tt.in.right)) + }) + } +} + +func TestAPISetIsSubset(t *testing.T) { + type input struct { + left APISet + right APISet + } + tests := []struct { + name string + in input + want bool + }{ + { + name: "EmptySet", + in: input{ + left: make(APISet), + right: make(APISet), + }, + want: true, + }, + { + name: "Same", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + want: true, + }, + { + name: "IsSubset", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + want: true, + }, + { + name: "NotSubset", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + want: false, + }, + { + name: "NotSubset/EmptyRight", + in: input{ + left: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + right: make(APISet), + }, + want: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, tt.want, tt.in.left.IsSubset(tt.in.right)) + }) + } +} + +func TestStripPlural(t *testing.T) { + tests := []struct { + name string + in APISet + want APISet + }{ + { + name: "EmptySet", + in: make(APISet), + want: make(APISet), + }, + { + name: "NilSet", + in: nil, + want: make(APISet), + }, + { + name: "OnePluralToRemove", + in: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com", Plural: "Geese"}: {}, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + }, + }, + { + name: "MultiplePluralsToRemove", + in: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com", Plural: "Geese"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com", Plural: "Moose"}: {}, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + { + name: "NoPluralsToRemove", + in: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + want: APISet{ + opregistry.APIKey{Group: "Goose", Version: "v1alpha1", Kind: "birds.com"}: {}, + opregistry.APIKey{Group: "Moose", Version: "v1alpha1", Kind: "mammals.com"}: {}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.EqualValues(t, tt.want, tt.in.StripPlural()) + }) + } +} + +func TestCatalogKey_String(t *testing.T) { + type fields struct { + Name string + Namespace string + } + tests := []struct { + name string + fields fields + want string + }{ + { + name: "catalogkey", + fields: fields{Name: "test", Namespace: "namespace"}, + want: "test/namespace", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + k := &CatalogKey{ + Name: tt.fields.Name, + Namespace: tt.fields.Namespace, + } + if got := k.String(); got != tt.want { + t.Errorf("CatalogKey.String() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestAPIMultiOwnerSet_PopAPIKey(t *testing.T) { + tests := []struct { + name string + s APIMultiOwnerSet + }{ + { + name: "Empty", + s: EmptyAPIMultiOwnerSet(), + }, + { + name: "OneApi/OneOwner", + s: map[opregistry.APIKey]OperatorSet{ + opregistry.APIKey{"g", "v", "k", "p"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + }, + }, + }, + { + name: "OneApi/MultiOwner", + s: map[opregistry.APIKey]OperatorSet{ + opregistry.APIKey{"g", "v", "k", "p"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + }, + }, + { + name: "MultipleApi/MultiOwner", + s: map[opregistry.APIKey]OperatorSet{ + opregistry.APIKey{"g", "v", "k", "p"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + opregistry.APIKey{"g2", "v2", "k2", "p2"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + startLen := len(tt.s) + + popped := tt.s.PopAPIKey() + + if startLen == 0 { + require.Nil(t, popped, "popped key from empty MultiOwnerSet should be nil") + require.Equal(t, 0, len(tt.s)) + } else { + _, found := tt.s[*popped] + require.False(t, found, "popped key should not still exist in set") + require.Equal(t, startLen-1, len(tt.s)) + } + }) + } +} + +func TestAPIMultiOwnerSet_PopAPIRequirers(t *testing.T) { + tests := []struct { + name string + s APIMultiOwnerSet + want OperatorSet + }{ + { + name: "Empty", + s: EmptyAPIMultiOwnerSet(), + want: nil, + }, + { + name: "OneApi/OneOwner", + s: map[opregistry.APIKey]OperatorSet{ + opregistry.APIKey{"g", "v", "k", "p"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + }, + }, + want: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + }, + }, + { + name: "OneApi/MultiOwner", + s: map[opregistry.APIKey]OperatorSet{ + opregistry.APIKey{"g", "v", "k", "p"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + }, + want: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + }, + { + name: "MultipleApi/MultiOwner", + s: map[opregistry.APIKey]OperatorSet{ + opregistry.APIKey{"g", "v", "k", "p"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + opregistry.APIKey{"g2", "v2", "k2", "p2"}: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + }, + want: map[string]OperatorSurface{ + "owner1": &Operator{name: "op1"}, + "owner2": &Operator{name: "op2"}, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + startLen := len(tt.s) + require.Equal(t, tt.s.PopAPIRequirers(), tt.want) + + // Verify len has decreased + if startLen == 0 { + require.Equal(t, 0, len(tt.s)) + } else { + require.Equal(t, startLen-1, len(tt.s)) + } + }) + } +} + +func TestOperatorSourceInfo_String(t *testing.T) { + type fields struct { + Package string + Channel string + CatalogSource string + CatalogSourceNamespace string + } + tests := []struct { + name string + fields fields + want string + }{ + { + name: "testString", + fields: fields{ + Package: "p", + Channel: "c", + CatalogSource: "s", + CatalogSourceNamespace: "n", + }, + want: "p/c in s/n", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + i := &OperatorSourceInfo{ + Package: tt.fields.Package, + Channel: tt.fields.Channel, + Catalog: CatalogKey{tt.fields.CatalogSource, tt.fields.CatalogSourceNamespace}, + } + if got := i.String(); got != tt.want { + t.Errorf("OperatorSourceInfo.String() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestNewOperatorFromBundle(t *testing.T) { + version := opver.OperatorVersion{semver.MustParse("0.1.0-abc")} + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.GroupVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "testCSV", + Namespace: "testNamespace", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: "v1", + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{}, + Required: []v1alpha1.CRDDescription{}, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: []v1alpha1.APIServiceDescription{}, + Required: []v1alpha1.APIServiceDescription{}, + }, + Version: version, + }, + } + csvUnst, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&csv) + require.NoError(t, err) + + bundleNoAPIs := opregistry.NewBundle("testBundle", "testPackage", "testChannel", + &unstructured.Unstructured{Object: csvUnst}) + + csv.Spec.CustomResourceDefinitions.Owned = []v1alpha1.CRDDescription{ + { + Name: "owneds.crd.group.com", + Version: "v1", + Kind: "OwnedCRD", + }, + } + csv.Spec.CustomResourceDefinitions.Required = []v1alpha1.CRDDescription{ + { + Name: "requireds.crd.group.com", + Version: "v1", + Kind: "RequiredCRD", + }, + } + csv.Spec.APIServiceDefinitions.Owned = []v1alpha1.APIServiceDescription{ + { + Name: "ownedapis", + Group: "apis.group.com", + Version: "v1", + Kind: "OwnedAPI", + }, + } + csv.Spec.APIServiceDefinitions.Required = []v1alpha1.APIServiceDescription{ + { + Name: "requiredapis", + Group: "apis.group.com", + Version: "v1", + Kind: "RequiredAPI", + }, + } + + csvUnstWithAPIs, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&csv) + require.NoError(t, err) + + crd := v1beta1.CustomResourceDefinition{ + TypeMeta: metav1.TypeMeta{ + Kind: "CustomResourceDefinition", + APIVersion: "apiextensions.k8s.io/v1beta1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "owneds.crd.group.com", + }, + Spec: v1beta1.CustomResourceDefinitionSpec{ + Group: "crd.group.com", + Versions: []v1beta1.CustomResourceDefinitionVersion{ + { + Name: "v1", + Served: true, + Storage: true, + }, + }, + Names: v1beta1.CustomResourceDefinitionNames{ + Plural: "owneds", + Singular: "owned", + Kind: "OwnedCRD", + ListKind: "OwnedCRDList", + }, + }, + } + crdUnst, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&crd) + require.NoError(t, err) + bundleWithAPIs := opregistry.NewBundle("testBundle", "testPackage", "testChannel", + &unstructured.Unstructured{Object: csvUnstWithAPIs}, &unstructured.Unstructured{Object: crdUnst}) + + type args struct { + bundle *opregistry.Bundle + sourceKey CatalogKey + replaces string + } + tests := []struct { + name string + args args + want *Operator + wantErr error + }{ + { + name: "BundleNoAPIs", + args: args{ + bundle: bundleNoAPIs, + sourceKey: CatalogKey{Name: "source", Namespace: "testNamespace"}, + replaces: "", + }, + want: &Operator{ + name: "testCSV", + version: &version.Version, + replaces: "v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: EmptyAPISet(), + bundle: bundleNoAPIs, + sourceInfo: &OperatorSourceInfo{ + Package: "testPackage", + Channel: "testChannel", + Catalog: CatalogKey{"source", "testNamespace"}, + }, + }, + }, + { + name: "BundleWithAPIs", + args: args{ + bundle: bundleWithAPIs, + sourceKey: CatalogKey{Name: "source", Namespace: "testNamespace"}, + replaces: "", + }, + want: &Operator{ + name: "testCSV", + version: &version.Version, + replaces: "v1", + providedAPIs: APISet{ + opregistry.APIKey{ + Group: "crd.group.com", + Version: "v1", + Kind: "OwnedCRD", + Plural: "owneds", + }: struct{}{}, + opregistry.APIKey{ + Group: "apis.group.com", + Version: "v1", + Kind: "OwnedAPI", + Plural: "ownedapis", + }: struct{}{}, + }, + requiredAPIs: APISet{ + opregistry.APIKey{ + Group: "crd.group.com", + Version: "v1", + Kind: "RequiredCRD", + Plural: "requireds", + }: struct{}{}, + opregistry.APIKey{ + Group: "apis.group.com", + Version: "v1", + Kind: "RequiredAPI", + Plural: "requiredapis", + }: struct{}{}, + }, + bundle: bundleWithAPIs, + sourceInfo: &OperatorSourceInfo{ + Package: "testPackage", + Channel: "testChannel", + Catalog: CatalogKey{"source", "testNamespace"}, + }, + }, + }, + { + name: "BundleReplaceOverrides", + args: args{ + bundle: bundleNoAPIs, + sourceKey: CatalogKey{Name: "source", Namespace: "testNamespace"}, + replaces: "replaced", + }, + want: &Operator{ + name: "testCSV", + providedAPIs: EmptyAPISet(), + requiredAPIs: EmptyAPISet(), + bundle: bundleNoAPIs, + replaces: "replaced", + version: &version.Version, + sourceInfo: &OperatorSourceInfo{ + Package: "testPackage", + Channel: "testChannel", + Catalog: CatalogKey{"source", "testNamespace"}, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := NewOperatorFromBundle(tt.args.bundle, tt.args.replaces, "", tt.args.sourceKey) + require.Equal(t, tt.wantErr, err) + require.Equal(t, tt.want, got) + }) + } +} + +func TestNewOperatorFromCSV(t *testing.T) { + version := opver.OperatorVersion{semver.MustParse("0.1.0-abc")} + type args struct { + csv *v1alpha1.ClusterServiceVersion + } + tests := []struct { + name string + args args + want *Operator + wantErr error + }{ + { + name: "NoProvided/NoRequired", + args: args{ + csv: &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Version: version, + }, + }, + }, + want: &Operator{ + name: "operator.v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: EmptyAPISet(), + sourceInfo: &ExistingOperator, + version: &version.Version, + }, + }, + { + name: "Provided/NoRequired", + args: args{ + csv: &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Version: version, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: "crdkinds.g", + Version: "v1", + Kind: "CRDKind", + }, + }, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: []v1alpha1.APIServiceDescription{ + { + Name: "apikinds", + Group: "g", + Version: "v1", + Kind: "APIKind", + }, + }, + }, + }, + }, + }, + want: &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + requiredAPIs: EmptyAPISet(), + sourceInfo: &ExistingOperator, + version: &version.Version, + }, + }, + { + name: "NoProvided/Required", + args: args{ + csv: &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Version: version, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Required: []v1alpha1.CRDDescription{ + { + Name: "crdkinds.g", + Version: "v1", + Kind: "CRDKind", + }, + }, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Required: []v1alpha1.APIServiceDescription{ + { + Name: "apikinds", + Group: "g", + Version: "v1", + Kind: "APIKind", + }, + }, + }, + }, + }, + }, + want: &Operator{ + name: "operator.v1", + providedAPIs: EmptyAPISet(), + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIKind", Plural: "apikinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDKind", Plural: "crdkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &version.Version, + }, + }, + { + name: "Provided/Required", + args: args{ + csv: &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "operator.v1", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Version: version, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: "crdownedkinds.g", + Version: "v1", + Kind: "CRDOwnedKind", + }, + }, + Required: []v1alpha1.CRDDescription{ + { + Name: "crdreqkinds.g2", + Version: "v1", + Kind: "CRDReqKind", + }, + }, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: []v1alpha1.APIServiceDescription{ + { + Name: "apiownedkinds", + Group: "g", + Version: "v1", + Kind: "APIOwnedKind", + }, + }, + Required: []v1alpha1.APIServiceDescription{ + { + Name: "apireqkinds", + Group: "g2", + Version: "v1", + Kind: "APIReqKind", + }, + }, + }, + }, + }, + }, + want: &Operator{ + name: "operator.v1", + providedAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g", Version: "v1", Kind: "APIOwnedKind", Plural: "apiownedkinds"}: {}, + {Group: "g", Version: "v1", Kind: "CRDOwnedKind", Plural: "crdownedkinds"}: {}, + }, + requiredAPIs: map[opregistry.APIKey]struct{}{ + {Group: "g2", Version: "v1", Kind: "APIReqKind", Plural: "apireqkinds"}: {}, + {Group: "g2", Version: "v1", Kind: "CRDReqKind", Plural: "crdreqkinds"}: {}, + }, + sourceInfo: &ExistingOperator, + version: &version.Version, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := NewOperatorFromV1Alpha1CSV(tt.args.csv) + require.Equal(t, tt.wantErr, err) + require.Equal(t, tt.want, got) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/querier.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/querier.go new file mode 100644 index 000000000..ff8c64b20 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/querier.go @@ -0,0 +1,189 @@ +//go:generate counterfeiter -o fakes/fake_registry_client.go ../../../../vendor/github.com/operator-framework/operator-registry/pkg/client/client.go Interface +package resolver + +import ( + "context" + "fmt" + + "github.com/blang/semver" + "github.com/operator-framework/operator-registry/pkg/client" + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/errors" +) + +const SkipPackageAnnotationKey = "olm.skipRange" + +type SourceRef struct { + Address string + Client client.Interface + LastConnect metav1.Time + LastHealthy metav1.Time +} + +type SourceQuerier interface { + FindProvider(api opregistry.APIKey) (*opregistry.Bundle, *CatalogKey, error) + FindBundle(pkgName, channelName, bundleName string, initialSource CatalogKey) (*opregistry.Bundle, *CatalogKey, error) + FindLatestBundle(pkgName, channelName string, initialSource CatalogKey) (*opregistry.Bundle, *CatalogKey, error) + FindReplacement(currentVersion *semver.Version, bundleName, pkgName, channelName string, initialSource CatalogKey) (*opregistry.Bundle, *CatalogKey, error) + Queryable() error +} + +type NamespaceSourceQuerier struct { + sources map[CatalogKey]client.Interface +} + +var _ SourceQuerier = &NamespaceSourceQuerier{} + +func NewNamespaceSourceQuerier(sources map[CatalogKey]client.Interface) *NamespaceSourceQuerier { + return &NamespaceSourceQuerier{ + sources: sources, + } +} + +func (q *NamespaceSourceQuerier) Queryable() error { + if len(q.sources) == 0 { + return fmt.Errorf("no catalog sources available") + } + return nil +} + +func (q *NamespaceSourceQuerier) FindProvider(api opregistry.APIKey) (*opregistry.Bundle, *CatalogKey, error) { + for key, source := range q.sources { + if bundle, err := source.GetBundleThatProvides(context.TODO(), api.Group, api.Version, api.Kind); err == nil { + return bundle, &key, nil + } + if bundle, err := source.GetBundleThatProvides(context.TODO(), api.Plural+"."+api.Group, api.Version, api.Kind); err == nil { + return bundle, &key, nil + } + } + return nil, nil, fmt.Errorf("%s not provided by a package in any CatalogSource", api) +} + +func (q *NamespaceSourceQuerier) FindBundle(pkgName, channelName, bundleName string, initialSource CatalogKey) (*opregistry.Bundle, *CatalogKey, error) { + if initialSource.Name != "" && initialSource.Namespace != "" { + source, ok := q.sources[initialSource] + if !ok { + return nil, nil, fmt.Errorf("CatalogSource %s not found", initialSource) + } + + bundle, err := source.GetBundle(context.TODO(), pkgName, channelName, bundleName) + if err != nil { + return nil, nil, err + } + return bundle, &initialSource, nil + } + + for key, source := range q.sources { + bundle, err := source.GetBundle(context.TODO(), pkgName, channelName, bundleName) + if err == nil { + return bundle, &key, nil + } + } + return nil, nil, fmt.Errorf("%s/%s/%s not found in any available CatalogSource", pkgName, channelName, bundleName) +} + +func (q *NamespaceSourceQuerier) FindLatestBundle(pkgName, channelName string, initialSource CatalogKey) (*opregistry.Bundle, *CatalogKey, error) { + if initialSource.Name != "" && initialSource.Namespace != "" { + source, ok := q.sources[initialSource] + if !ok { + return nil, nil, fmt.Errorf("CatalogSource %s not found", initialSource) + } + + bundle, err := source.GetBundleInPackageChannel(context.TODO(), pkgName, channelName) + if err != nil { + return nil, nil, err + } + return bundle, &initialSource, nil + } + + for key, source := range q.sources { + bundle, err := source.GetBundleInPackageChannel(context.TODO(), pkgName, channelName) + if err == nil { + return bundle, &key, nil + } + } + return nil, nil, fmt.Errorf("%s/%s not found in any available CatalogSource", pkgName, channelName) +} + +func (q *NamespaceSourceQuerier) FindReplacement(currentVersion *semver.Version, bundleName, pkgName, channelName string, initialSource CatalogKey) (*opregistry.Bundle, *CatalogKey, error) { + errs := []error{} + + if initialSource.Name != "" && initialSource.Namespace != "" { + source, ok := q.sources[initialSource] + if !ok { + return nil, nil, fmt.Errorf("CatalogSource %s not found", initialSource.Name) + } + + bundle, err := q.findChannelHead(currentVersion, pkgName, channelName, source) + if bundle != nil { + return bundle, &initialSource, nil + } + if err != nil { + errs = append(errs, err) + } + + bundle, err = source.GetReplacementBundleInPackageChannel(context.TODO(), bundleName, pkgName, channelName) + if bundle != nil { + return bundle, &initialSource, nil + } + if err != nil { + errs = append(errs, err) + } + + return nil, nil, errors.NewAggregate(errs) + } + + for key, source := range q.sources { + bundle, err := q.findChannelHead(currentVersion, pkgName, channelName, source) + if bundle != nil { + return bundle, &initialSource, nil + } + if err != nil { + errs = append(errs, err) + } + + bundle, err = source.GetReplacementBundleInPackageChannel(context.TODO(), bundleName, pkgName, channelName) + if bundle != nil { + return bundle, &key, nil + } + if err != nil { + errs = append(errs, err) + } + } + return nil, nil, errors.NewAggregate(errs) +} + +func (q *NamespaceSourceQuerier) findChannelHead(currentVersion *semver.Version, pkgName, channelName string, source client.Interface) (*opregistry.Bundle, error) { + if currentVersion == nil { + return nil, nil + } + + latest, err := source.GetBundleInPackageChannel(context.TODO(), pkgName, channelName) + if err != nil { + return nil, err + } + + csv, err := latest.ClusterServiceVersion() + if err != nil { + return nil, err + } + if csv == nil { + return nil, nil + } + + skipRange, ok := csv.GetAnnotations()[SkipPackageAnnotationKey] + if !ok { + return nil, nil + } + + r, err := semver.ParseRange(skipRange) + if err != nil { + return nil, err + } + + if r(*currentVersion) { + return latest, nil + } + return nil, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/querier_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/querier_test.go new file mode 100644 index 000000000..be1548da0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/querier_test.go @@ -0,0 +1,456 @@ +package resolver + +import ( + "context" + "fmt" + "testing" + + "github.com/blang/semver" + "github.com/operator-framework/operator-registry/pkg/client" + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/fakes" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +func TestNewNamespaceSourceQuerier(t *testing.T) { + emptySources := map[CatalogKey]client.Interface{} + nonEmptySources := map[CatalogKey]client.Interface{ + CatalogKey{"test", "ns"}: &fakes.FakeInterface{}, + } + type args struct { + sources map[CatalogKey]client.Interface + } + tests := []struct { + name string + args args + want *NamespaceSourceQuerier + }{ + { + name: "nil", + args: args{ + sources: nil, + }, + want: &NamespaceSourceQuerier{sources: nil}, + }, + { + name: "empty", + args: args{ + sources: emptySources, + }, + want: &NamespaceSourceQuerier{sources: emptySources}, + }, + { + name: "nonEmpty", + args: args{ + sources: nonEmptySources, + }, + want: &NamespaceSourceQuerier{sources: nonEmptySources}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + require.Equal(t, NewNamespaceSourceQuerier(tt.args.sources), tt.want) + }) + } +} + +func TestNamespaceSourceQuerier_Queryable(t *testing.T) { + type fields struct { + sources map[CatalogKey]client.Interface + } + tests := []struct { + name string + fields fields + error error + }{ + { + name: "nil", + fields: fields{ + sources: nil, + }, + error: fmt.Errorf("no catalog sources available"), + }, + { + name: "empty", + fields: fields{ + sources: map[CatalogKey]client.Interface{}, + }, + error: fmt.Errorf("no catalog sources available"), + }, + { + name: "nonEmpty", + fields: fields{ + sources: map[CatalogKey]client.Interface{ + CatalogKey{"test", "ns"}: &fakes.FakeInterface{}, + }, + }, + error: nil, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + q := &NamespaceSourceQuerier{ + sources: tt.fields.sources, + } + require.Equal(t, q.Queryable(), tt.error) + }) + } +} + +func TestNamespaceSourceQuerier_FindProvider(t *testing.T) { + fakeSource := fakes.FakeInterface{} + sources := map[CatalogKey]client.Interface{ + CatalogKey{"test", "ns"}: &fakeSource, + } + + bundle := opregistry.NewBundle("test", "testPkg", "testChannel") + fakeSource.GetBundleThatProvidesStub = func(ctx context.Context, group, version, kind string) (*opregistry.Bundle, error) { + return bundle, nil + } + + type fields struct { + sources map[CatalogKey]client.Interface + } + type args struct { + api opregistry.APIKey + } + type out struct { + bundle *opregistry.Bundle + key *CatalogKey + err error + } + tests := []struct { + name string + fields fields + args args + out out + }{ + { + fields: fields{ + sources: sources, + }, + args: args{ + api: opregistry.APIKey{"group", "version", "kind", "plural"}, + }, + out: out{ + bundle: bundle, + key: &CatalogKey{Name: "test", Namespace: "ns"}, + err: nil, + }, + }, + { + fields: fields{ + sources: nil, + }, + args: args{ + api: opregistry.APIKey{"group", "version", "kind", "plural"}, + }, + out: out{ + bundle: nil, + key: nil, + err: fmt.Errorf("group/version/kind (plural) not provided by a package in any CatalogSource"), + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + q := &NamespaceSourceQuerier{ + sources: tt.fields.sources, + } + bundle, key, err := q.FindProvider(tt.args.api) + require.Equal(t, err, tt.out.err) + require.Equal(t, bundle, tt.out.bundle) + require.Equal(t, key, tt.out.key) + }) + } +} + +func TestNamespaceSourceQuerier_FindPackage(t *testing.T) { + initialSource := fakes.FakeInterface{} + otherSource := fakes.FakeInterface{} + initalBundle := opregistry.NewBundle("test", "testPkg", "testChannel") + startingBundle := opregistry.NewBundle("starting-test", "testPkg", "testChannel") + otherBundle := opregistry.NewBundle("other", "otherPkg", "otherChannel") + initialSource.GetBundleStub = func(ctx context.Context, pkgName, channelName, csvName string) (*opregistry.Bundle, error) { + if csvName != startingBundle.Name { + return nil, fmt.Errorf("not found") + } + return startingBundle, nil + } + initialSource.GetBundleInPackageChannelStub = func(ctx context.Context, pkgName, channelName string) (*opregistry.Bundle, error) { + if pkgName != initalBundle.Name { + return nil, fmt.Errorf("not found") + } + return initalBundle, nil + } + otherSource.GetBundleInPackageChannelStub = func(ctx context.Context, pkgName, channelName string) (*opregistry.Bundle, error) { + if pkgName != otherBundle.Name { + return nil, fmt.Errorf("not found") + } + return otherBundle, nil + } + initialKey := CatalogKey{"initial", "ns"} + otherKey := CatalogKey{"other", "other"} + sources := map[CatalogKey]client.Interface{ + initialKey: &initialSource, + otherKey: &otherSource, + } + + type fields struct { + sources map[CatalogKey]client.Interface + } + type args struct { + pkgName string + channelName string + startingCSV string + initialSource CatalogKey + } + type out struct { + bundle *opregistry.Bundle + key *CatalogKey + err error + } + tests := []struct { + name string + fields fields + args args + out out + }{ + { + name: "Initial/Found", + fields: fields{sources: sources}, + args: args{"test", "testChannel", "", CatalogKey{"initial", "ns"}}, + out: out{bundle: initalBundle, key: &initialKey, err: nil}, + }, + { + name: "Initial/CatalogNotFound", + fields: fields{sources: sources}, + args: args{"test", "testChannel", "", CatalogKey{"absent", "found"}}, + out: out{bundle: nil, key: nil, err: fmt.Errorf("CatalogSource {absent found} not found")}, + }, + { + name: "Initial/StartingCSVFound", + fields: fields{sources: sources}, + args: args{"test", "testChannel", "starting-test", CatalogKey{"initial", "ns"}}, + out: out{bundle: startingBundle, key: &initialKey, err: nil}, + }, + { + name: "Initial/StartingCSVNotFound", + fields: fields{sources: sources}, + args: args{"test", "testChannel", "non-existent", CatalogKey{"initial", "ns"}}, + out: out{bundle: nil, key: nil, err: fmt.Errorf("not found")}, + }, + { + name: "Other/Found", + fields: fields{sources: sources}, + args: args{"other", "testChannel", "", CatalogKey{"", ""}}, + out: out{bundle: otherBundle, key: &otherKey, err: nil}, + }, + { + name: "NotFound", + fields: fields{sources: sources}, + args: args{"nope", "not", "", CatalogKey{"", ""}}, + out: out{bundle: nil, err: fmt.Errorf("nope/not not found in any available CatalogSource")}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + q := &NamespaceSourceQuerier{ + sources: tt.fields.sources, + } + var got *opregistry.Bundle + var key *CatalogKey + var err error + if tt.args.startingCSV != "" { + got, key, err = q.FindBundle(tt.args.pkgName, tt.args.channelName, tt.args.startingCSV, tt.args.initialSource) + } else { + got, key, err = q.FindLatestBundle(tt.args.pkgName, tt.args.channelName, tt.args.initialSource) + } + require.Equal(t, tt.out.err, err) + require.Equal(t, tt.out.bundle, got) + require.Equal(t, tt.out.key, key) + }) + } +} + +func TestNamespaceSourceQuerier_FindReplacement(t *testing.T) { + // TODO: clean up this test setup + initialSource := fakes.FakeInterface{} + otherSource := fakes.FakeInterface{} + replacementSource := fakes.FakeInterface{} + replacementAndLatestSource := fakes.FakeInterface{} + replacementAndNoAnnotationLatestSource := fakes.FakeInterface{} + + latestVersion := semver.MustParse("1.0.0-1556661308") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.GroupVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "latest", + Namespace: "placeholder", + Annotations: map[string]string{ + "olm.skipRange": ">= 1.0.0-0 < 1.0.0-1556661308", + }, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{}, + Required: []v1alpha1.CRDDescription{}, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: []v1alpha1.APIServiceDescription{}, + Required: []v1alpha1.APIServiceDescription{}, + }, + Version: version.OperatorVersion{latestVersion}, + }, + } + csvUnst, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&csv) + require.NoError(t, err) + + nextBundle := opregistry.NewBundle("test.v1", "testPkg", "testChannel") + latestBundle := opregistry.NewBundle("latest", "testPkg", "testChannel", &unstructured.Unstructured{Object: csvUnst}) + + csv.SetAnnotations(map[string]string{}) + csvUnstNoAnnotation, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&csv) + require.NoError(t, err) + latestBundleNoAnnotation := opregistry.NewBundle("latest", "testPkg", "testChannel", &unstructured.Unstructured{Object: csvUnstNoAnnotation}) + + initialSource.GetReplacementBundleInPackageChannelStub = func(ctx context.Context, bundleName, pkgName, channelName string) (*opregistry.Bundle, error) { + return nil, fmt.Errorf("not found") + } + replacementSource.GetReplacementBundleInPackageChannelStub = func(ctx context.Context, bundleName, pkgName, channelName string) (*opregistry.Bundle, error) { + return nextBundle, nil + } + initialSource.GetBundleInPackageChannelStub = func(ctx context.Context, pkgName, channelName string) (*opregistry.Bundle, error) { + if pkgName != latestBundle.Package { + return nil, fmt.Errorf("not found") + } + return latestBundle, nil + } + otherSource.GetBundleInPackageChannelStub = func(ctx context.Context, pkgName, channelName string) (*opregistry.Bundle, error) { + if pkgName != latestBundle.Package { + return nil, fmt.Errorf("not found") + } + return latestBundle, nil + } + replacementAndLatestSource.GetReplacementBundleInPackageChannelStub = func(ctx context.Context, bundleName, pkgName, channelName string) (*opregistry.Bundle, error) { + return nextBundle, nil + } + replacementAndLatestSource.GetBundleInPackageChannelStub = func(ctx context.Context, pkgName, channelName string) (*opregistry.Bundle, error) { + return latestBundle, nil + } + replacementAndNoAnnotationLatestSource.GetReplacementBundleInPackageChannelStub = func(ctx context.Context, bundleName, pkgName, channelName string) (*opregistry.Bundle, error) { + return nextBundle, nil + } + replacementAndNoAnnotationLatestSource.GetBundleInPackageChannelStub = func(ctx context.Context, pkgName, channelName string) (*opregistry.Bundle, error) { + return latestBundleNoAnnotation, nil + } + + initialKey := CatalogKey{"initial", "ns"} + otherKey := CatalogKey{"other", "other"} + replacementKey := CatalogKey{"replacement", "ns"} + replacementAndLatestKey := CatalogKey{"replat", "ns"} + replacementAndNoAnnotationLatestKey := CatalogKey{"replatbad", "ns"} + + sources := map[CatalogKey]client.Interface{ + initialKey: &initialSource, + otherKey: &otherSource, + replacementKey: &replacementSource, + replacementAndLatestKey: &replacementAndLatestSource, + replacementAndNoAnnotationLatestKey: &replacementAndNoAnnotationLatestSource, + } + + startVersion := semver.MustParse("1.0.0-0") + notInRange := semver.MustParse("1.0.0-1556661347") + + type fields struct { + sources map[CatalogKey]client.Interface + } + type args struct { + currentVersion *semver.Version + pkgName string + channelName string + bundleName string + initialSource CatalogKey + } + type out struct { + bundle *opregistry.Bundle + key *CatalogKey + err error + } + tests := []struct { + name string + fields fields + args args + out out + }{ + { + name: "FindsLatestInPrimaryCatalog", + fields: fields{sources: sources}, + args: args{&startVersion, "testPkg", "testChannel", "test.v1", initialKey}, + out: out{bundle: latestBundle, key: &initialKey, err: nil}, + }, + { + name: "FindsLatestInSecondaryCatalog", + fields: fields{sources: sources}, + args: args{&startVersion, "testPkg", "testChannel", "test.v1", otherKey}, + out: out{bundle: latestBundle, key: &otherKey, err: nil}, + }, + { + name: "PrefersLatestToReplaced/SameCatalog", + fields: fields{sources: sources}, + args: args{&startVersion, "testPkg", "testChannel", "test.v1", replacementAndLatestKey}, + out: out{bundle: latestBundle, key: &replacementAndLatestKey, err: nil}, + }, + { + name: "PrefersLatestToReplaced/OtherCatalog", + fields: fields{sources: sources}, + args: args{&startVersion, "testPkg", "testChannel", "test.v1", initialKey}, + out: out{bundle: latestBundle, key: &initialKey, err: nil}, + }, + { + name: "IgnoresLatestWithoutAnnotation", + fields: fields{sources: sources}, + args: args{&startVersion, "testPkg", "testChannel", "test.v1", replacementAndNoAnnotationLatestKey}, + out: out{bundle: nextBundle, key: &replacementAndNoAnnotationLatestKey, err: nil}, + }, + { + name: "IgnoresLatestNotInRange", + fields: fields{sources: sources}, + args: args{¬InRange, "testPkg", "testChannel", "test.v1", replacementAndLatestKey}, + out: out{bundle: nextBundle, key: &replacementAndLatestKey, err: nil}, + }, + { + name: "IgnoresLatestAtLatest", + fields: fields{sources: sources}, + args: args{&latestVersion, "testPkg", "testChannel", "test.v1", otherKey}, + out: out{bundle: nil, key: nil, err: nil}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + q := &NamespaceSourceQuerier{ + sources: tt.fields.sources, + } + var got *opregistry.Bundle + var key *CatalogKey + var err error + got, key, err = q.FindReplacement(tt.args.currentVersion, tt.args.bundleName, tt.args.pkgName, tt.args.channelName, tt.args.initialSource) + if err != nil { + t.Log(err.Error()) + } + require.Equal(t, tt.out.err, err) + require.Equal(t, tt.out.bundle, got) + require.Equal(t, tt.out.key, key) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/rbac.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/rbac.go new file mode 100644 index 000000000..15544df8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/rbac.go @@ -0,0 +1,156 @@ +package resolver + +import ( + "fmt" + + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apiserver/pkg/storage/names" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +var generateName = func(base string) string { + return names.SimpleNameGenerator.GenerateName(base + "-") +} + +type OperatorPermissions struct { + ServiceAccount *corev1.ServiceAccount + Roles []*rbacv1.Role + RoleBindings []*rbacv1.RoleBinding + ClusterRoles []*rbacv1.ClusterRole + ClusterRoleBindings []*rbacv1.ClusterRoleBinding +} + +func NewOperatorPermissions(serviceAccount *corev1.ServiceAccount) *OperatorPermissions { + return &OperatorPermissions{ + ServiceAccount: serviceAccount, + Roles: []*rbacv1.Role{}, + RoleBindings: []*rbacv1.RoleBinding{}, + ClusterRoles: []*rbacv1.ClusterRole{}, + ClusterRoleBindings: []*rbacv1.ClusterRoleBinding{}, + } +} + +func (o *OperatorPermissions) AddRole(role *rbacv1.Role) { + o.Roles = append(o.Roles, role) +} + +func (o *OperatorPermissions) AddRoleBinding(roleBinding *rbacv1.RoleBinding) { + o.RoleBindings = append(o.RoleBindings, roleBinding) +} + +func (o *OperatorPermissions) AddClusterRole(clusterRole *rbacv1.ClusterRole) { + o.ClusterRoles = append(o.ClusterRoles, clusterRole) +} + +func (o *OperatorPermissions) AddClusterRoleBinding(clusterRoleBinding *rbacv1.ClusterRoleBinding) { + o.ClusterRoleBindings = append(o.ClusterRoleBindings, clusterRoleBinding) +} + +func RBACForClusterServiceVersion(csv *v1alpha1.ClusterServiceVersion) (map[string]*OperatorPermissions, error) { + permissions := map[string]*OperatorPermissions{} + + // Use a StrategyResolver to get the strategy details + strategyResolver := install.StrategyResolver{} + strategy, err := strategyResolver.UnmarshalStrategy(csv.Spec.InstallStrategy) + if err != nil { + return nil, err + } + + // Assume the strategy is for a deployment + strategyDetailsDeployment, ok := strategy.(*install.StrategyDetailsDeployment) + if !ok { + return nil, fmt.Errorf("could not assert strategy implementation as deployment for CSV %s", csv.GetName()) + } + + // Resolve Permissions + for _, permission := range strategyDetailsDeployment.Permissions { + // Create ServiceAccount if necessary + if _, ok := permissions[permission.ServiceAccountName]; !ok { + serviceAccount := &corev1.ServiceAccount{} + serviceAccount.SetNamespace(csv.GetNamespace()) + serviceAccount.SetName(permission.ServiceAccountName) + ownerutil.AddNonBlockingOwner(serviceAccount, csv) + + permissions[permission.ServiceAccountName] = NewOperatorPermissions(serviceAccount) + } + + // Create Role + role := &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Name: generateName(csv.GetName()), + Namespace: csv.GetNamespace(), + OwnerReferences: []metav1.OwnerReference{ownerutil.NonBlockingOwner(csv)}, + Labels: ownerutil.OwnerLabel(csv, v1alpha1.ClusterServiceVersionKind), + }, + Rules: permission.Rules, + } + permissions[permission.ServiceAccountName].AddRole(role) + + // Create RoleBinding + roleBinding := &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: generateName(fmt.Sprintf("%s-%s", role.GetName(), permission.ServiceAccountName)), + Namespace: csv.GetNamespace(), + OwnerReferences: []metav1.OwnerReference{ownerutil.NonBlockingOwner(csv)}, + Labels: ownerutil.OwnerLabel(csv, v1alpha1.ClusterServiceVersionKind), + }, + RoleRef: rbacv1.RoleRef{ + Kind: "Role", + Name: role.GetName(), + APIGroup: rbacv1.GroupName}, + Subjects: []rbacv1.Subject{{ + Kind: "ServiceAccount", + Name: permission.ServiceAccountName, + Namespace: csv.GetNamespace(), + }}, + } + permissions[permission.ServiceAccountName].AddRoleBinding(roleBinding) + } + + // Resolve ClusterPermissions as StepResources + for _, permission := range strategyDetailsDeployment.ClusterPermissions { + // Create ServiceAccount if necessary + if _, ok := permissions[permission.ServiceAccountName]; !ok { + serviceAccount := &corev1.ServiceAccount{} + serviceAccount.SetName(permission.ServiceAccountName) + + permissions[permission.ServiceAccountName] = NewOperatorPermissions(serviceAccount) + } + + // Create ClusterRole + role := &rbacv1.ClusterRole{ + ObjectMeta: metav1.ObjectMeta{ + Name: generateName(csv.GetName()), + Labels: ownerutil.OwnerLabel(csv, v1alpha1.ClusterServiceVersionKind), + }, + Rules: permission.Rules, + } + permissions[permission.ServiceAccountName].AddClusterRole(role) + + // Create ClusterRoleBinding + roleBinding := &rbacv1.ClusterRoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: generateName(fmt.Sprintf("%s-%s", role.GetName(), permission.ServiceAccountName)), + Namespace: csv.GetNamespace(), + Labels: ownerutil.OwnerLabel(csv, v1alpha1.ClusterServiceVersionKind), + }, + RoleRef: rbacv1.RoleRef{ + Kind: "ClusterRole", + Name: role.GetName(), + APIGroup: rbacv1.GroupName, + }, + Subjects: []rbacv1.Subject{{ + Kind: "ServiceAccount", + Name: permission.ServiceAccountName, + Namespace: csv.GetNamespace(), + }}, + } + permissions[permission.ServiceAccountName].AddClusterRoleBinding(roleBinding) + } + return permissions, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/resolver.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/resolver.go new file mode 100644 index 000000000..6be988144 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/resolver.go @@ -0,0 +1,170 @@ +//go:generate counterfeiter -o fakes/fake_registry_client.go ../../../../vendor/github.com/operator-framework/operator-registry/pkg/client/client.go Interface +//go:generate counterfeiter -o ../../../fakes/fake_resolver.go . Resolver +package resolver + +import ( + "fmt" + "time" + + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1alpha1listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +var timeNow = func() metav1.Time { return metav1.NewTime(time.Now().UTC()) } + +type Resolver interface { + ResolveSteps(namespace string, sourceQuerier SourceQuerier) ([]*v1alpha1.Step, []*v1alpha1.Subscription, error) +} + +type OperatorsV1alpha1Resolver struct { + subLister v1alpha1listers.SubscriptionLister + csvLister v1alpha1listers.ClusterServiceVersionLister +} + +var _ Resolver = &OperatorsV1alpha1Resolver{} + +func NewOperatorsV1alpha1Resolver(lister operatorlister.OperatorLister) *OperatorsV1alpha1Resolver { + return &OperatorsV1alpha1Resolver{ + subLister: lister.OperatorsV1alpha1().SubscriptionLister(), + csvLister: lister.OperatorsV1alpha1().ClusterServiceVersionLister(), + } +} + +func (r *OperatorsV1alpha1Resolver) ResolveSteps(namespace string, sourceQuerier SourceQuerier) ([]*v1alpha1.Step, []*v1alpha1.Subscription, error) { + if err := sourceQuerier.Queryable(); err != nil { + return nil, nil, err + } + + // create a generation - a representation of the current set of installed operators and their provided/required apis + allCSVs, err := r.csvLister.ClusterServiceVersions(namespace).List(labels.Everything()) + if err != nil { + return nil, nil, err + } + + // TODO: build this index ahead of time + // omit copied csvs from generation - they indicate that apis are provided to the namespace, not by the namespace + var csvs []*v1alpha1.ClusterServiceVersion + for _, c := range allCSVs { + if !c.IsCopied() { + csvs = append(csvs, c) + } + } + + subs, err := r.subLister.Subscriptions(namespace).List(labels.Everything()) + if err != nil { + return nil, nil, err + } + + gen, err := NewGenerationFromCluster(csvs, subs) + if err != nil { + return nil, nil, err + } + + // create a map of operatorsourceinfo (subscription+catalogsource data) to the original subscriptions + subMap := r.sourceInfoToSubscriptions(subs) + // get a list of new operators to add to the generation + add := r.sourceInfoForNewSubscriptions(namespace, subMap) + + // evolve a generation by resolving the set of subscriptions (in `add`) by querying with `source` + // and taking the current generation (in `gen`) into account + if err := NewNamespaceGenerationEvolver(sourceQuerier, gen).Evolve(add); err != nil { + return nil, nil, err + } + + // if there's no error, we were able to satsify all constraints in the subscription set, so we calculate what + // changes to persist to the cluster and write them out as `steps` + steps := []*v1alpha1.Step{} + updatedSubs := []*v1alpha1.Subscription{} + for name, op := range gen.Operators() { + _, isAdded := add[*op.SourceInfo()] + existingSubscription, subExists := subMap[*op.SourceInfo()] + + // subscription exists and is up to date + if subExists && existingSubscription.Status.CurrentCSV == op.Identifier() && !isAdded { + continue + } + + // add steps for any new bundle + if op.Bundle() != nil { + bundleSteps, err := NewStepResourceFromBundle(op.Bundle(), namespace, op.Replaces(), op.SourceInfo().Catalog.Name, op.SourceInfo().Catalog.Namespace) + if err != nil { + return nil, nil, fmt.Errorf("failed to turn bundle into steps") + } + for _, s := range bundleSteps { + steps = append(steps, &v1alpha1.Step{ + Resolving: name, + Resource: s, + Status: v1alpha1.StepStatusUnknown, + }) + } + + // add steps for subscriptions for bundles that were added through resolution + if !subExists { + // explicitly track the resolved CSV as the starting CSV on the resolved subscriptions + op.SourceInfo().StartingCSV = op.Identifier() + subStep, err := NewSubscriptionStepResource(namespace, *op.SourceInfo()) + if err != nil { + return nil, nil, err + } + steps = append(steps, &v1alpha1.Step{ + Resolving: name, + Resource: subStep, + Status: v1alpha1.StepStatusUnknown, + }) + } + } + + // update existing subscriptions status + if subExists && existingSubscription.Status.CurrentCSV != op.Identifier() { + existingSubscription.Status.CurrentCSV = op.Identifier() + updatedSubs = append(updatedSubs, existingSubscription) + } + } + + return steps, updatedSubs, nil +} + +func (r *OperatorsV1alpha1Resolver) sourceInfoForNewSubscriptions(namespace string, subs map[OperatorSourceInfo]*v1alpha1.Subscription) (add map[OperatorSourceInfo]struct{}) { + add = make(map[OperatorSourceInfo]struct{}) + for key, sub := range subs { + if sub.Status.CurrentCSV == "" { + add[key] = struct{}{} + continue + } + csv, err := r.csvLister.ClusterServiceVersions(namespace).Get(sub.Status.CurrentCSV) + if csv == nil || errors.IsNotFound(err) { + add[key] = struct{}{} + } + } + return +} + +func (r *OperatorsV1alpha1Resolver) sourceInfoToSubscriptions(subs []*v1alpha1.Subscription) (add map[OperatorSourceInfo]*v1alpha1.Subscription) { + add = make(map[OperatorSourceInfo]*v1alpha1.Subscription) + var sourceNamespace string + for _, s := range subs { + startingCSV := s.Spec.StartingCSV + if s.Status.CurrentCSV != "" { + // If a csv has previously been resolved for the operator, don't enable + // a starting csv search. + startingCSV = "" + } + if s.Spec.CatalogSourceNamespace == "" { + sourceNamespace = s.GetNamespace() + } else { + sourceNamespace = s.Spec.CatalogSourceNamespace + } + add[OperatorSourceInfo{ + Package: s.Spec.Package, + Channel: s.Spec.Channel, + StartingCSV: startingCSV, + Catalog: CatalogKey{Name: s.Spec.CatalogSource, Namespace: sourceNamespace}, + }] = s.DeepCopy() + } + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/resolver_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/resolver_test.go new file mode 100644 index 000000000..2fea35690 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/resolver_test.go @@ -0,0 +1,596 @@ +package resolver + +import ( + "strings" + "testing" + "time" + + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/client-go/tools/cache" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +var ( + // conventions for tests: packages are letters (a,b,c) and apis are numbers (1,2,3) + + // APISets used for tests + APISet1 = APISet{opregistry.APIKey{"g", "v", "k", "ks"}: struct{}{}} + Provides1 = APISet1 + Requires1 = APISet1 + APISet2 = APISet{opregistry.APIKey{"g2", "v2", "k2", "k2s"}: struct{}{}} + Provides2 = APISet2 + Requires2 = APISet2 + APISet3 = APISet{opregistry.APIKey{"g3", "v3", "k3", "k3s"}: struct{}{}} + Provides3 = APISet3 + Requires3 = APISet3 + APISet4 = APISet{opregistry.APIKey{"g4", "v4", "k4", "k4s"}: struct{}{}} + Provides4 = APISet4 + Requires4 = APISet4 +) + +func TestNamespaceResolver(t *testing.T) { + namespace := "catsrc-namespace" + catalog := CatalogKey{"catsrc", namespace} + type out struct { + steps [][]*v1alpha1.Step + subs []*v1alpha1.Subscription + err error + } + nothing := out{ + steps: [][]*v1alpha1.Step{}, + subs: []*v1alpha1.Subscription{}, + } + tests := []struct { + name string + clusterState []runtime.Object + querier SourceQuerier + out out + }{ + { + name: "SingleNewSubscription/NoDeps", + clusterState: []runtime.Object{ + newSub(namespace, "a", "alpha", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", nil, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", nil, nil, nil, nil), namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v1", "a", "alpha", catalog), + }, + }, + }, + { + name: "SingleNewSubscription/ResolveOne", + clusterState: []runtime.Object{ + newSub(namespace, "a", "alpha", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), + bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), namespace, "", catalog), + bundleSteps(bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), namespace, "", catalog), + subSteps(namespace, "b.v1", "b", "beta", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v1", "a", "alpha", catalog), + }, + }, + }, + { + name: "SingleNewSubscription/ResolveOne/AdditionalBundleObjects", + clusterState: []runtime.Object{ + newSub(namespace, "a", "alpha", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + withBundleObject(bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), u(&rbacv1.RoleBinding{TypeMeta: metav1.TypeMeta{Kind: "RoleBinding", APIVersion: "rbac.authorization.k8s.io/v1"}, ObjectMeta: metav1.ObjectMeta{Name: "test-rb"}})), + bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), namespace, "", catalog), + bundleSteps(withBundleObject(bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), u(&rbacv1.RoleBinding{TypeMeta: metav1.TypeMeta{Kind: "RoleBinding", APIVersion: "rbac.authorization.k8s.io/v1"}, ObjectMeta: metav1.ObjectMeta{Name: "test-rb"}})), namespace, "", catalog), + subSteps(namespace, "b.v1", "b", "beta", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v1", "a", "alpha", catalog), + }, + }, + }, + { + name: "SingleNewSubscription/ResolveOne/AdditionalBundleObjects/Service", + clusterState: []runtime.Object{ + newSub(namespace, "a", "alpha", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + withBundleObject(bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), u(&corev1.Service{TypeMeta: metav1.TypeMeta{Kind: "Service", APIVersion: ""}, ObjectMeta: metav1.ObjectMeta{Name: "test-service"}})), + bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), namespace, "", catalog), + bundleSteps(withBundleObject(bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), u(&corev1.Service{TypeMeta: metav1.TypeMeta{Kind: "Service", APIVersion: ""}, ObjectMeta: metav1.ObjectMeta{Name: "test-service"}})), namespace, "", catalog), + subSteps(namespace, "b.v1", "b", "beta", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v1", "a", "alpha", catalog), + }, + }, + }, + { + name: "SingleNewSubscription/DependencyMissing", + clusterState: []runtime.Object{ + newSub(namespace, "a", "alpha", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", nil, Requires1, nil, nil), + }, + }), + out: nothing, + }, + { + name: "InstalledSub/NoUpdates", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + }), + out: nothing, + }, + { + name: "InstalledSub/UpdateAvailable", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v2", "a", "alpha", "a.v1", Provides1, nil, nil, nil), + bundle("a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v2", "a", "alpha", "a.v1", Provides1, nil, nil, nil), namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v2", "a", "alpha", catalog), + }, + }, + }, + { + name: "InstalledSub/NoRunningOperator", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", Provides1, nil, nil, nil), namespace, "", catalog), + }, + // no updated subs because existingSub already points the right CSV, it just didn't exist for some reason + subs: []*v1alpha1.Subscription{}, + }, + }, + { + name: "InstalledSub/UpdateFound/UpdateRequires/ResolveOne", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", nil, nil, nil, nil), + bundle("a.v2", "a", "alpha", "a.v1", nil, Requires1, nil, nil), + bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v2", "a", "alpha", "a.v1", nil, Requires1, nil, nil), namespace, "", catalog), + bundleSteps(bundle("b.v1", "b", "beta", "", Provides1, nil, nil, nil), namespace, "", catalog), + subSteps(namespace, "b.v1", "b", "beta", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v2", "a", "alpha", catalog), + }, + }, + }, + { + name: "InstalledSub/UpdateFound/UpdateRequires/ResolveOne/APIServer", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", nil, nil, Provides1, nil), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", nil, nil, nil, nil), + bundle("a.v2", "a", "alpha", "a.v1", nil, nil, nil, Requires1), + bundle("b.v1", "b", "beta", "", nil, nil, Provides1, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v2", "a", "alpha", "a.v1", nil, nil, nil, Requires1), namespace, "", catalog), + bundleSteps(bundle("b.v1", "b", "beta", "", nil, nil, Provides1, nil), namespace, "", catalog), + subSteps(namespace, "b.v1", "b", "beta", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v2", "a", "alpha", catalog), + }, + }, + }, + { + name: "InstalledSub/SingleNewSubscription/UpdateAvailable/ResolveOne", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + newSub(namespace, "b", "beta", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", nil, nil, nil, nil), + bundle("a.v2", "a", "alpha", "a.v1", nil, nil, nil, nil), + bundle("b.v1", "b", "beta", "", nil, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v2", "a", "alpha", "a.v1", nil, nil, nil, nil), namespace, "", catalog), + bundleSteps(bundle("b.v1", "b", "beta", "", nil, nil, nil, nil), namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v2", "a", "alpha", catalog), + updatedSub(namespace, "b.v1", "b", "beta", catalog), + }, + }, + }, + { + name: "InstalledSub/SingleNewSubscription/NoRunningOperator/ResolveOne", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + newSub(namespace, "b", "beta", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + bundle("b.v1", "b", "beta", "", nil, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", Provides1, nil, nil, nil), namespace, "", catalog), + bundleSteps(bundle("b.v1", "b", "beta", "", nil, nil, nil, nil), namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "b.v1", "b", "beta", catalog), + }, + }, + }, + { + name: "InstalledSub/SingleNewSubscription/NoRunningOperator/ResolveOne/APIServer", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + newSub(namespace, "b", "beta", catalog), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v1", "a", "alpha", "", nil, nil, Provides1, nil), + bundle("b.v1", "b", "beta", "", nil, nil, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v1", "a", "alpha", "", nil, nil, Provides1, nil), namespace, "", catalog), + bundleSteps(bundle("b.v1", "b", "beta", "", nil, nil, nil, nil), namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "b.v1", "b", "beta", catalog), + }, + }, + }, + { + // This test verifies that version deadlock that could happen with the previous algorithm can't happen here + name: "NoMoreVersionDeadlock", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", Provides1, Requires2, nil, nil), + existingSub(namespace, "b.v1", "b", "alpha", catalog), + existingOperator(namespace, "b.v1", "b", "alpha", "", Provides2, Requires1, nil, nil), + }, + querier: NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{ + catalog: { + bundle("a.v2", "a", "alpha", "a.v1", Provides3, Requires4, nil, nil), + bundle("b.v2", "b", "alpha", "b.v1", Provides4, Requires3, nil, nil), + }, + }), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v2", "a", "alpha", "a.v1", Provides3, Requires4, nil, nil), namespace, "", catalog), + bundleSteps(bundle("b.v2", "b", "alpha", "b.v1", Provides4, Requires3, nil, nil), namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v2", "a", "alpha", catalog), + updatedSub(namespace, "b.v2", "b", "alpha", catalog), + }, + }, + }, + { + name: "InstalledSub/UpdateInHead/SkipRange", + clusterState: []runtime.Object{ + existingSub(namespace, "a.v1", "a", "alpha", catalog), + existingOperator(namespace, "a.v1", "a", "alpha", "", Provides1, nil, nil, nil), + }, + querier: NewFakeSourceQuerierCustomReplacement(catalog, bundle("a.v3", "a", "alpha", "a.v2", nil, nil, nil, nil)), + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle("a.v3", "a", "alpha", "a.v2", nil, nil, nil, nil), namespace, "a.v1", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v3", "a", "alpha", catalog), + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + stopc := make(chan struct{}) + defer func() { + stopc <- struct{}{} + }() + expectedSteps := []*v1alpha1.Step{} + for _, steps := range tt.out.steps { + expectedSteps = append(expectedSteps, steps...) + } + informerFactory, _ := StartResolverInformers(namespace, stopc, tt.clusterState...) + lister := operatorlister.NewLister() + lister.OperatorsV1alpha1().RegisterSubscriptionLister(namespace, informerFactory.Operators().V1alpha1().Subscriptions().Lister()) + lister.OperatorsV1alpha1().RegisterClusterServiceVersionLister(namespace, informerFactory.Operators().V1alpha1().ClusterServiceVersions().Lister()) + + resolver := NewOperatorsV1alpha1Resolver(lister) + steps, subs, err := resolver.ResolveSteps(namespace, tt.querier) + require.Equal(t, tt.out.err, err) + t.Logf("%#v", steps) + RequireStepsEqual(t, expectedSteps, steps) + require.ElementsMatch(t, tt.out.subs, subs) + }) + } +} + +func TestNamespaceResolverRBAC(t *testing.T) { + generateName = func(base string) string { + return "a" + } + + namespace := "catsrc-namespace" + catalog := CatalogKey{"catsrc", namespace} + + simplePermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: "test-sa", + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get", "list"}, + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + }, + }, + }, + } + bundle := bundleWithPermissions("a.v1", "a", "alpha", "", nil, nil, nil, nil, simplePermissions, simplePermissions) + type out struct { + steps [][]*v1alpha1.Step + subs []*v1alpha1.Subscription + err error + } + tests := []struct { + name string + clusterState []runtime.Object + bundlesInCatalog []*opregistry.Bundle + out out + }{ + { + name: "NewSubscription/Permissions/ClusterPermissions", + clusterState: []runtime.Object{ + newSub(namespace, "a", "alpha", catalog), + }, + bundlesInCatalog: []*opregistry.Bundle{bundle}, + out: out{ + steps: [][]*v1alpha1.Step{ + bundleSteps(bundle, namespace, "", catalog), + }, + subs: []*v1alpha1.Subscription{ + updatedSub(namespace, "a.v1", "a", "alpha", catalog), + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + stopc := make(chan struct{}) + defer func() { + stopc <- struct{}{} + }() + expectedSteps := []*v1alpha1.Step{} + for _, steps := range tt.out.steps { + expectedSteps = append(expectedSteps, steps...) + } + informerFactory, _ := StartResolverInformers(namespace, stopc, tt.clusterState...) + lister := operatorlister.NewLister() + lister.OperatorsV1alpha1().RegisterSubscriptionLister(namespace, informerFactory.Operators().V1alpha1().Subscriptions().Lister()) + lister.OperatorsV1alpha1().RegisterClusterServiceVersionLister(namespace, informerFactory.Operators().V1alpha1().ClusterServiceVersions().Lister()) + + resolver := NewOperatorsV1alpha1Resolver(lister) + querier := NewFakeSourceQuerier(map[CatalogKey][]*opregistry.Bundle{catalog: tt.bundlesInCatalog}) + steps, subs, err := resolver.ResolveSteps(namespace, querier) + require.Equal(t, tt.out.err, err) + RequireStepsEqual(t, expectedSteps, steps) + require.ElementsMatch(t, tt.out.subs, subs) + }) + } +} + +// Helpers for resolver tests + +func StartResolverInformers(namespace string, stopCh <-chan struct{}, objs ...runtime.Object) (externalversions.SharedInformerFactory, []cache.InformerSynced) { + // Create client fakes + clientFake := fake.NewSimpleClientset(objs...) + + var hasSyncedCheckFns []cache.InformerSynced + nsInformerFactory := externalversions.NewSharedInformerFactoryWithOptions(clientFake, time.Second, externalversions.WithNamespace(namespace)) + informers := []cache.SharedIndexInformer{ + nsInformerFactory.Operators().V1alpha1().Subscriptions().Informer(), + nsInformerFactory.Operators().V1alpha1().ClusterServiceVersions().Informer(), + } + + for _, informer := range informers { + hasSyncedCheckFns = append(hasSyncedCheckFns, informer.HasSynced) + go informer.Run(stopCh) + } + if ok := cache.WaitForCacheSync(stopCh, hasSyncedCheckFns...); !ok { + panic("failed to wait for caches to sync") + } + + return nsInformerFactory, hasSyncedCheckFns +} + +func newSub(namespace, pkg, channel string, catalog CatalogKey) *v1alpha1.Subscription { + return &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: pkg + "-" + channel, + Namespace: namespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + Package: pkg, + Channel: channel, + CatalogSource: catalog.Name, + CatalogSourceNamespace: catalog.Namespace, + }, + } +} + +func updatedSub(namespace, operatorName, pkg, channel string, catalog CatalogKey) *v1alpha1.Subscription { + return &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: pkg + "-" + channel, + Namespace: namespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + Package: pkg, + Channel: channel, + CatalogSource: catalog.Name, + CatalogSourceNamespace: catalog.Namespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: operatorName, + }, + } +} + +func existingSub(namespace, operatorName, pkg, channel string, catalog CatalogKey) *v1alpha1.Subscription { + return &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: pkg + "-" + channel, + Namespace: namespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + Package: pkg, + Channel: channel, + CatalogSource: catalog.Name, + CatalogSourceNamespace: catalog.Namespace, + }, + Status: v1alpha1.SubscriptionStatus{ + CurrentCSV: operatorName, + }, + } +} + +func existingOperator(namespace, operatorName, pkg, channel, replaces string, providedCRDs, requiredCRDs, providedAPIs, requiredAPIs APISet) *v1alpha1.ClusterServiceVersion { + bundleForOperator := bundle(operatorName, pkg, channel, replaces, providedCRDs, requiredCRDs, providedAPIs, requiredAPIs) + csv, err := bundleForOperator.ClusterServiceVersion() + if err != nil { + panic(err) + } + csv.SetNamespace(namespace) + return csv +} + +func bundleSteps(bundle *opregistry.Bundle, ns, replaces string, catalog CatalogKey) []*v1alpha1.Step { + if replaces == "" { + csv, _ := bundle.ClusterServiceVersion() + replaces = csv.Spec.Replaces + } + stepresources, err := NewStepResourceFromBundle(bundle, ns, replaces, catalog.Name, catalog.Namespace) + if err != nil { + panic(err) + } + + steps := make([]*v1alpha1.Step, 0) + for _, sr := range stepresources { + steps = append(steps, &v1alpha1.Step{ + Resolving: bundle.Name, + Resource: sr, + Status: v1alpha1.StepStatusUnknown, + }) + } + return steps +} + +func subSteps(namespace, operatorName, pkgName, channelName string, catalog CatalogKey) []*v1alpha1.Step { + sub := &v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Name: strings.Join([]string{pkgName, channelName, catalog.Name, catalog.Namespace}, "-"), + Namespace: namespace, + }, + Spec: &v1alpha1.SubscriptionSpec{ + Package: pkgName, + Channel: channelName, + CatalogSource: catalog.Name, + CatalogSourceNamespace: catalog.Namespace, + StartingCSV: operatorName, + InstallPlanApproval: v1alpha1.ApprovalAutomatic, + }, + } + stepresource, err := NewStepResourceFromObject(sub, catalog.Name, catalog.Namespace) + if err != nil { + panic(err) + } + return []*v1alpha1.Step{{ + Resolving: operatorName, + Resource: stepresource, + Status: v1alpha1.StepStatusUnknown, + }} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/steps.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/steps.go new file mode 100644 index 000000000..7cf2701d8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/steps.go @@ -0,0 +1,171 @@ +package resolver + +import ( + "bytes" + "fmt" + "strings" + + "github.com/operator-framework/operator-registry/pkg/registry" + extScheme "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + k8sjson "k8s.io/apimachinery/pkg/runtime/serializer/json" + k8sscheme "k8s.io/client-go/kubernetes/scheme" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +var ( + scheme = runtime.NewScheme() +) + +func init() { + k8sscheme.AddToScheme(scheme) + extScheme.AddToScheme(scheme) + if err := v1alpha1.AddToScheme(scheme); err != nil { + panic(err) + } +} + +// NewStepResourceForObject returns a new StepResource for the provided object +func NewStepResourceFromObject(obj runtime.Object, catalogSourceName, catalogSourceNamespace string) (v1alpha1.StepResource, error) { + var resource v1alpha1.StepResource + + // set up object serializer + serializer := k8sjson.NewSerializer(k8sjson.DefaultMetaFactory, scheme, scheme, false) + + // create an object manifest + var manifest bytes.Buffer + err := serializer.Encode(obj, &manifest) + if err != nil { + return resource, err + } + + if err := ownerutil.InferGroupVersionKind(obj); err != nil { + return resource, err + } + + gvk := obj.GetObjectKind().GroupVersionKind() + + metaObj, ok := obj.(metav1.Object) + if !ok { + return resource, fmt.Errorf("couldn't get object metadata") + } + + name := metaObj.GetName() + if name == "" { + name = metaObj.GetGenerateName() + } + + // create the resource + resource = v1alpha1.StepResource{ + Name: name, + Kind: gvk.Kind, + Group: gvk.Group, + Version: gvk.Version, + Manifest: manifest.String(), + CatalogSource: catalogSourceName, + CatalogSourceNamespace: catalogSourceNamespace, + } + + return resource, nil +} + +func NewSubscriptionStepResource(namespace string, info OperatorSourceInfo) (v1alpha1.StepResource, error) { + return NewStepResourceFromObject(&v1alpha1.Subscription{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: strings.Join([]string{info.Package, info.Channel, info.Catalog.Name, info.Catalog.Namespace}, "-"), + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: info.Catalog.Name, + CatalogSourceNamespace: info.Catalog.Namespace, + Package: info.Package, + Channel: info.Channel, + StartingCSV: info.StartingCSV, + InstallPlanApproval: v1alpha1.ApprovalAutomatic, + }, + }, info.Catalog.Name, info.Catalog.Namespace) +} + +func NewStepResourceFromBundle(bundle *registry.Bundle, namespace, replaces, catalogSourceName, catalogSourceNamespace string) ([]v1alpha1.StepResource, error) { + csv, err := bundle.ClusterServiceVersion() + if err != nil { + return nil, err + } + + csv.SetNamespace(namespace) + csv.Spec.Replaces = replaces + + step, err := NewStepResourceFromObject(csv, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + steps := []v1alpha1.StepResource{step} + + for _, object := range bundle.Objects { + if object.GetObjectKind().GroupVersionKind().Kind == v1alpha1.ClusterServiceVersionKind { + continue + } + step, err := NewStepResourceFromObject(object, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + steps = append(steps, step) + } + + operatorServiceAccountSteps, err := NewServiceAccountStepResources(csv, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + steps = append(steps, operatorServiceAccountSteps...) + return steps, nil +} + +// NewServiceAccountStepResources returns a list of step resources required to satisfy the RBAC requirements of the given CSV's InstallStrategy +func NewServiceAccountStepResources(csv *v1alpha1.ClusterServiceVersion, catalogSourceName, catalogSourceNamespace string) ([]v1alpha1.StepResource, error) { + var rbacSteps []v1alpha1.StepResource + + operatorPermissions, err := RBACForClusterServiceVersion(csv) + if err != nil { + return nil, err + } + + for _, perms := range operatorPermissions { + step, err := NewStepResourceFromObject(perms.ServiceAccount, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + rbacSteps = append(rbacSteps, step) + for _, role := range perms.Roles { + step, err := NewStepResourceFromObject(role, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + rbacSteps = append(rbacSteps, step) + } + for _, roleBinding := range perms.RoleBindings { + step, err := NewStepResourceFromObject(roleBinding, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + rbacSteps = append(rbacSteps, step) + } + for _, clusterRole := range perms.ClusterRoles { + step, err := NewStepResourceFromObject(clusterRole, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + rbacSteps = append(rbacSteps, step) + } + for _, clusterRoleBinding := range perms.ClusterRoleBindings { + step, err := NewStepResourceFromObject(clusterRoleBinding, catalogSourceName, catalogSourceNamespace) + if err != nil { + return nil, err + } + rbacSteps = append(rbacSteps, step) + } + } + return rbacSteps, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/util_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/util_test.go new file mode 100644 index 000000000..6f41ced81 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/util_test.go @@ -0,0 +1,374 @@ +package resolver + +import ( + "context" + "encoding/json" + "fmt" + "strings" + "testing" + + "github.com/blang/semver" + "github.com/operator-framework/operator-registry/pkg/client" + opregistry "github.com/operator-framework/operator-registry/pkg/registry" + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver/fakes" +) + +// RequireStepsEqual is similar to require.ElementsMatch, but produces better error messages +func RequireStepsEqual(t *testing.T, expectedSteps, steps []*v1alpha1.Step) { + for _, s := range expectedSteps { + require.Contains(t, steps, s, "step in expected not found in steps") + } + for _, s := range steps { + require.Contains(t, expectedSteps, s, "step in steps not found in expected") + } +} + +func NewGenerationFromOperators(ops ...OperatorSurface) *NamespaceGeneration { + g := NewEmptyGeneration() + + for _, op := range ops { + if err := g.AddOperator(op); err != nil { + fmt.Printf("error adding operator: %s\n", err.Error()) + return nil + } + } + return g +} + +func NewFakeOperatorSurface(name, pkg, channel, replaces, src, startingCSV string, providedCRDs, requiredCRDs, providedAPIServices, requiredAPIServices []opregistry.APIKey) *Operator { + providedAPISet := EmptyAPISet() + requiredAPISet := EmptyAPISet() + providedCRDAPISet := EmptyAPISet() + requiredCRDAPISet := EmptyAPISet() + providedAPIServiceAPISet := EmptyAPISet() + requiredAPIServiceAPISet := EmptyAPISet() + version := semver.MustParse("0.0.0") + + for _, p := range providedCRDs { + providedCRDAPISet[p] = struct{}{} + providedAPISet[p] = struct{}{} + } + for _, r := range requiredCRDs { + requiredCRDAPISet[r] = struct{}{} + requiredAPISet[r] = struct{}{} + } + for _, p := range providedAPIServices { + providedAPIServiceAPISet[p] = struct{}{} + providedAPISet[p] = struct{}{} + } + for _, r := range requiredAPIServices { + requiredAPIServiceAPISet[r] = struct{}{} + requiredAPISet[r] = struct{}{} + } + b := bundle(name, pkg, channel, replaces, providedCRDAPISet, requiredCRDAPISet, providedAPIServiceAPISet, requiredAPIServiceAPISet) + // force bundle cache to fill + _, _ = b.ClusterServiceVersion() + _, _ = b.CustomResourceDefinitions() + + return &Operator{ + providedAPIs: providedAPISet, + requiredAPIs: requiredAPISet, + name: name, + replaces: replaces, + version: &version, + sourceInfo: &OperatorSourceInfo{ + Package: pkg, + Channel: channel, + StartingCSV: startingCSV, + Catalog: CatalogKey{src, src + "-namespace"}, + }, + bundle: b, + } +} + +func csv(name, replaces string, ownedCRDs, requiredCRDs, ownedAPIServices, requiredAPIServices APISet, permissions, clusterPermissions []install.StrategyDeploymentPermissions) *v1alpha1.ClusterServiceVersion { + var singleInstance = int32(1) + strategy := install.StrategyDetailsDeployment{ + Permissions: permissions, + ClusterPermissions: clusterPermissions, + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: name, + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "app": name, + }, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app": name, + }, + }, + Spec: corev1.PodSpec{ + ServiceAccountName: "sa", + Containers: []corev1.Container{ + { + Name: name + "-c1", + Image: "nginx:1.7.9", + Ports: []corev1.ContainerPort{ + { + ContainerPort: 80, + }, + }, + }, + }, + }, + }, + }, + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + if err != nil { + panic(err) + } + + installStrategy := v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + } + + requiredCRDDescs := make([]v1alpha1.CRDDescription, 0) + for crd := range requiredCRDs { + requiredCRDDescs = append(requiredCRDDescs, v1alpha1.CRDDescription{Name: crd.Plural + "." + crd.Group, Version: crd.Version, Kind: crd.Kind}) + } + + ownedCRDDescs := make([]v1alpha1.CRDDescription, 0) + for crd := range ownedCRDs { + ownedCRDDescs = append(ownedCRDDescs, v1alpha1.CRDDescription{Name: crd.Plural + "." + crd.Group, Version: crd.Version, Kind: crd.Kind}) + } + + requiredAPIDescs := make([]v1alpha1.APIServiceDescription, 0) + for api := range requiredAPIServices { + requiredAPIDescs = append(requiredAPIDescs, v1alpha1.APIServiceDescription{Name: api.Plural, Group: api.Group, Version: api.Version, Kind: api.Kind}) + } + + ownedAPIDescs := make([]v1alpha1.APIServiceDescription, 0) + for api := range ownedAPIServices { + ownedAPIDescs = append(ownedAPIDescs, v1alpha1.APIServiceDescription{Name: api.Plural, Group: api.Group, Version: api.Version, Kind: api.Kind, DeploymentName: name, ContainerPort: 80}) + } + + return &v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: replaces, + InstallStrategy: installStrategy, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: ownedCRDDescs, + Required: requiredCRDDescs, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: ownedAPIDescs, + Required: requiredAPIDescs, + }, + }, + } +} + +func crd(key opregistry.APIKey) *v1beta1.CustomResourceDefinition { + return &v1beta1.CustomResourceDefinition{ + TypeMeta: metav1.TypeMeta{ + Kind: "CustomResourceDefinition", + APIVersion: v1beta1.SchemeGroupVersion.String(), + }, + ObjectMeta: metav1.ObjectMeta{ + Name: key.Plural + "." + key.Group, + }, + Spec: v1beta1.CustomResourceDefinitionSpec{ + Group: key.Group, + Versions: []v1beta1.CustomResourceDefinitionVersion{ + { + Name: key.Version, + Storage: true, + Served: true, + }, + }, + Names: v1beta1.CustomResourceDefinitionNames{ + Kind: key.Kind, + Plural: key.Plural, + }, + }, + } +} + +func u(object runtime.Object) *unstructured.Unstructured { + unst, err := runtime.DefaultUnstructuredConverter.ToUnstructured(object) + if err != nil { + panic(err) + } + return &unstructured.Unstructured{Object: unst} +} + +func bundle(name, pkg, channel, replaces string, providedCRDs, requiredCRDs, providedAPIServices, requiredAPIServices APISet) *opregistry.Bundle { + bundleObjs := []*unstructured.Unstructured{u(csv(name, replaces, providedCRDs, requiredCRDs, providedAPIServices, requiredAPIServices, nil, nil))} + for p := range providedCRDs { + bundleObjs = append(bundleObjs, u(crd(p))) + } + return opregistry.NewBundle(name, pkg, channel, bundleObjs...) +} + +func withBundleObject(bundle *opregistry.Bundle, obj *unstructured.Unstructured) *opregistry.Bundle { + bundle.Add(obj) + return bundle +} + +func bundleWithPermissions(name, pkg, channel, replaces string, providedCRDs, requiredCRDs, providedAPIServices, requiredAPIServices APISet, permissions, clusterPermissions []install.StrategyDeploymentPermissions) *opregistry.Bundle { + bundleObjs := []*unstructured.Unstructured{u(csv(name, replaces, providedCRDs, requiredCRDs, providedAPIServices, requiredAPIServices, permissions, clusterPermissions))} + for p := range providedCRDs { + bundleObjs = append(bundleObjs, u(crd(p))) + } + return opregistry.NewBundle(name, pkg, channel, bundleObjs...) +} + +func withReplaces(operator *Operator, replaces string) *Operator { + operator.replaces = replaces + return operator +} + +// TestBundle verifies that the bundle stubbing works as expected +func TestBundleStub(t *testing.T) { + tests := []struct { + name string + bundle *opregistry.Bundle + wantProvidedAPIs APISet + wantRequiredAPIs APISet + }{ + { + name: "RequiredCRDs", + bundle: bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet()), + wantRequiredAPIs: APISet{ + opregistry.APIKey{"g", "v", "k", "ks"}: {}, + }, + }, + { + name: "ProvidedCRDs", + bundle: bundle("provider.v1", "provider", "channel", "", APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet(), EmptyAPISet(), EmptyAPISet()), + wantProvidedAPIs: APISet{ + opregistry.APIKey{"g", "v", "k", "ks"}: {}, + }, + }, + { + name: "RequiredAPIs", + bundle: bundle("depender.v1", "depender", "channel", "", EmptyAPISet(), EmptyAPISet(), EmptyAPISet(), APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}), + wantRequiredAPIs: APISet{ + opregistry.APIKey{"g", "v", "k", "ks"}: {}, + }, + }, + { + name: "ProvidedAPIs", + bundle: bundle("provider.v1", "provider", "channel", "", EmptyAPISet(), EmptyAPISet(), APISet{opregistry.APIKey{"g", "v", "k", "ks"}: {}}, EmptyAPISet()), + wantProvidedAPIs: APISet{ + opregistry.APIKey{"g", "v", "k", "ks"}: {}, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if tt.wantProvidedAPIs != nil { + provided, err := tt.bundle.ProvidedAPIs() + require.NoError(t, err) + require.EqualValues(t, tt.wantProvidedAPIs, provided) + } + if tt.wantRequiredAPIs != nil { + required, err := tt.bundle.RequiredAPIs() + require.NoError(t, err) + require.EqualValues(t, tt.wantRequiredAPIs, required) + } + }) + } + +} + +// NewFakeSourceQuerier builds a querier that talks to fake registry stubs for testing +func NewFakeSourceQuerier(bundlesByCatalog map[CatalogKey][]*opregistry.Bundle) *NamespaceSourceQuerier { + sources := map[CatalogKey]client.Interface{} + for catKey, bundles := range bundlesByCatalog { + source := &fakes.FakeInterface{} + source.GetBundleThatProvidesStub = func(ctx context.Context, groupOrName, version, kind string) (*opregistry.Bundle, error) { + for _, b := range bundles { + apis, err := b.ProvidedAPIs() + if err != nil { + return nil, err + } + for api := range apis { + if api.Version == version && api.Kind == kind && strings.Contains(groupOrName, api.Group) && strings.Contains(groupOrName, api.Plural) { + return b, nil + } + } + } + return nil, fmt.Errorf("no bundle found") + } + // note: this only allows for one bundle per package/channel, which may be enough for tests + source.GetBundleInPackageChannelStub = func(ctx context.Context, packageName, channelName string) (*opregistry.Bundle, error) { + for _, b := range bundles { + if b.Channel == channelName && b.Package == packageName { + return b, nil + } + } + return nil, fmt.Errorf("no bundle found") + } + + source.GetBundleStub = func(ctx context.Context, packageName, channelName, csvName string) (*opregistry.Bundle, error) { + for _, b := range bundles { + if b.Channel == channelName && b.Package == packageName && b.Name == csvName { + return b, nil + } + } + return nil, fmt.Errorf("no bundle found") + } + + source.GetReplacementBundleInPackageChannelStub = func(ctx context.Context, bundleName, packageName, channelName string) (*opregistry.Bundle, error) { + for _, b := range bundles { + csv, err := b.ClusterServiceVersion() + if err != nil { + panic(err) + } + if csv.Spec.Replaces == bundleName && b.Channel == channelName && b.Package == packageName { + return b, nil + } + } + return nil, fmt.Errorf("no bundle found") + } + sources[catKey] = source + } + return NewNamespaceSourceQuerier(sources) +} + +// NewFakeSourceQuerier builds a querier that talks to fake registry stubs for testing +func NewFakeSourceQuerierCustomReplacement(catKey CatalogKey, bundle *opregistry.Bundle) *NamespaceSourceQuerier { + sources := map[CatalogKey]client.Interface{} + source := &fakes.FakeInterface{} + source.GetBundleThatProvidesStub = func(ctx context.Context, groupOrName, version, kind string) (*opregistry.Bundle, error) { + return nil, fmt.Errorf("no bundle found") + } + source.GetBundleInPackageChannelStub = func(ctx context.Context, packageName, channelName string) (*opregistry.Bundle, error) { + return nil, fmt.Errorf("no bundle found") + } + source.GetBundleStub = func(ctx context.Context, packageName, channelName, csvName string) (*opregistry.Bundle, error) { + return nil, fmt.Errorf("no bundle found") + } + source.GetReplacementBundleInPackageChannelStub = func(ctx context.Context, bundleName, packageName, channelName string) (*opregistry.Bundle, error) { + return bundle, nil + } + sources[catKey] = source + return NewNamespaceSourceQuerier(sources) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/types.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/types.go new file mode 100644 index 000000000..473c50c1f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/types.go @@ -0,0 +1,57 @@ +package registry + +const ( + ConfigMapCRDName = "customResourceDefinitions" + ConfigMapCSVName = "clusterServiceVersions" + ConfigMapPackageName = "packages" +) + +// ResourceKey contains metadata to uniquely identify a resource +type ResourceKey struct { + Name string + Kind string + Namespace string +} + +// PackageManifest holds information about a package, which is a reference to one (or more) +// channels under a single package. +type PackageManifest struct { + // PackageName is the name of the overall package, ala `etcd`. + PackageName string `json:"packageName"` + + // Channels are the declared channels for the package, ala `stable` or `alpha`. + Channels []PackageChannel `json:"channels"` + + // DefaultChannel is, if specified, the name of the default channel for the package. The + // default channel will be installed if no other channel is explicitly given. If the package + // has a single channel, then that channel is implicitly the default. + DefaultChannelName string `json:"defaultChannel"` +} + +// GetDefaultChannel gets the default channel or returns the only one if there's only one. returns empty string if it +// can't determine the default +func (m PackageManifest) GetDefaultChannel() string { + if m.DefaultChannelName != "" { + return m.DefaultChannelName + } + if len(m.Channels) == 1 { + return m.Channels[0].Name + } + return "" +} + +// PackageChannel defines a single channel under a package, pointing to a version of that +// package. +type PackageChannel struct { + // Name is the name of the channel, e.g. `alpha` or `stable` + Name string `json:"name"` + + // CurrentCSV defines a reference to the CSV holding the version of this package currently + // for the channel. + CurrentCSVName string `json:"currentCSV"` +} + +// IsDefaultChannel returns true if the PackageChennel is the default for the PackageManifest +func (pc PackageChannel) IsDefaultChannel(pm PackageManifest) bool { + return pc.Name == pm.DefaultChannelName || len(pm.Channels) == 1 +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers/fake_v1_service_account_lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers/fake_v1_service_account_lister.go new file mode 100644 index 000000000..a715a6a09 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers/fake_v1_service_account_lister.go @@ -0,0 +1,190 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package listers + +import ( + "sync" + + v1a "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/labels" + v1 "k8s.io/client-go/listers/core/v1" +) + +type FakeServiceAccountLister struct { + ListStub func(labels.Selector) ([]*v1a.ServiceAccount, error) + listMutex sync.RWMutex + listArgsForCall []struct { + arg1 labels.Selector + } + listReturns struct { + result1 []*v1a.ServiceAccount + result2 error + } + listReturnsOnCall map[int]struct { + result1 []*v1a.ServiceAccount + result2 error + } + ServiceAccountsStub func(string) v1.ServiceAccountNamespaceLister + serviceAccountsMutex sync.RWMutex + serviceAccountsArgsForCall []struct { + arg1 string + } + serviceAccountsReturns struct { + result1 v1.ServiceAccountNamespaceLister + } + serviceAccountsReturnsOnCall map[int]struct { + result1 v1.ServiceAccountNamespaceLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeServiceAccountLister) List(arg1 labels.Selector) ([]*v1a.ServiceAccount, error) { + fake.listMutex.Lock() + ret, specificReturn := fake.listReturnsOnCall[len(fake.listArgsForCall)] + fake.listArgsForCall = append(fake.listArgsForCall, struct { + arg1 labels.Selector + }{arg1}) + fake.recordInvocation("List", []interface{}{arg1}) + fake.listMutex.Unlock() + if fake.ListStub != nil { + return fake.ListStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.listReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeServiceAccountLister) ListCallCount() int { + fake.listMutex.RLock() + defer fake.listMutex.RUnlock() + return len(fake.listArgsForCall) +} + +func (fake *FakeServiceAccountLister) ListCalls(stub func(labels.Selector) ([]*v1a.ServiceAccount, error)) { + fake.listMutex.Lock() + defer fake.listMutex.Unlock() + fake.ListStub = stub +} + +func (fake *FakeServiceAccountLister) ListArgsForCall(i int) labels.Selector { + fake.listMutex.RLock() + defer fake.listMutex.RUnlock() + argsForCall := fake.listArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeServiceAccountLister) ListReturns(result1 []*v1a.ServiceAccount, result2 error) { + fake.listMutex.Lock() + defer fake.listMutex.Unlock() + fake.ListStub = nil + fake.listReturns = struct { + result1 []*v1a.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeServiceAccountLister) ListReturnsOnCall(i int, result1 []*v1a.ServiceAccount, result2 error) { + fake.listMutex.Lock() + defer fake.listMutex.Unlock() + fake.ListStub = nil + if fake.listReturnsOnCall == nil { + fake.listReturnsOnCall = make(map[int]struct { + result1 []*v1a.ServiceAccount + result2 error + }) + } + fake.listReturnsOnCall[i] = struct { + result1 []*v1a.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeServiceAccountLister) ServiceAccounts(arg1 string) v1.ServiceAccountNamespaceLister { + fake.serviceAccountsMutex.Lock() + ret, specificReturn := fake.serviceAccountsReturnsOnCall[len(fake.serviceAccountsArgsForCall)] + fake.serviceAccountsArgsForCall = append(fake.serviceAccountsArgsForCall, struct { + arg1 string + }{arg1}) + fake.recordInvocation("ServiceAccounts", []interface{}{arg1}) + fake.serviceAccountsMutex.Unlock() + if fake.ServiceAccountsStub != nil { + return fake.ServiceAccountsStub(arg1) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.serviceAccountsReturns + return fakeReturns.result1 +} + +func (fake *FakeServiceAccountLister) ServiceAccountsCallCount() int { + fake.serviceAccountsMutex.RLock() + defer fake.serviceAccountsMutex.RUnlock() + return len(fake.serviceAccountsArgsForCall) +} + +func (fake *FakeServiceAccountLister) ServiceAccountsCalls(stub func(string) v1.ServiceAccountNamespaceLister) { + fake.serviceAccountsMutex.Lock() + defer fake.serviceAccountsMutex.Unlock() + fake.ServiceAccountsStub = stub +} + +func (fake *FakeServiceAccountLister) ServiceAccountsArgsForCall(i int) string { + fake.serviceAccountsMutex.RLock() + defer fake.serviceAccountsMutex.RUnlock() + argsForCall := fake.serviceAccountsArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeServiceAccountLister) ServiceAccountsReturns(result1 v1.ServiceAccountNamespaceLister) { + fake.serviceAccountsMutex.Lock() + defer fake.serviceAccountsMutex.Unlock() + fake.ServiceAccountsStub = nil + fake.serviceAccountsReturns = struct { + result1 v1.ServiceAccountNamespaceLister + }{result1} +} + +func (fake *FakeServiceAccountLister) ServiceAccountsReturnsOnCall(i int, result1 v1.ServiceAccountNamespaceLister) { + fake.serviceAccountsMutex.Lock() + defer fake.serviceAccountsMutex.Unlock() + fake.ServiceAccountsStub = nil + if fake.serviceAccountsReturnsOnCall == nil { + fake.serviceAccountsReturnsOnCall = make(map[int]struct { + result1 v1.ServiceAccountNamespaceLister + }) + } + fake.serviceAccountsReturnsOnCall[i] = struct { + result1 v1.ServiceAccountNamespaceLister + }{result1} +} + +func (fake *FakeServiceAccountLister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.listMutex.RLock() + defer fake.listMutex.RUnlock() + fake.serviceAccountsMutex.RLock() + defer fake.serviceAccountsMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeServiceAccountLister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ v1.ServiceAccountLister = new(FakeServiceAccountLister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers/fake_v1_service_account_namespace_lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers/fake_v1_service_account_namespace_lister.go new file mode 100644 index 000000000..7f924a1be --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/client-go/listers/fake_v1_service_account_namespace_lister.go @@ -0,0 +1,195 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package listers + +import ( + "sync" + + v1a "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/labels" + v1 "k8s.io/client-go/listers/core/v1" +) + +type FakeServiceAccountNamespaceLister struct { + GetStub func(string) (*v1a.ServiceAccount, error) + getMutex sync.RWMutex + getArgsForCall []struct { + arg1 string + } + getReturns struct { + result1 *v1a.ServiceAccount + result2 error + } + getReturnsOnCall map[int]struct { + result1 *v1a.ServiceAccount + result2 error + } + ListStub func(labels.Selector) ([]*v1a.ServiceAccount, error) + listMutex sync.RWMutex + listArgsForCall []struct { + arg1 labels.Selector + } + listReturns struct { + result1 []*v1a.ServiceAccount + result2 error + } + listReturnsOnCall map[int]struct { + result1 []*v1a.ServiceAccount + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeServiceAccountNamespaceLister) Get(arg1 string) (*v1a.ServiceAccount, error) { + fake.getMutex.Lock() + ret, specificReturn := fake.getReturnsOnCall[len(fake.getArgsForCall)] + fake.getArgsForCall = append(fake.getArgsForCall, struct { + arg1 string + }{arg1}) + fake.recordInvocation("Get", []interface{}{arg1}) + fake.getMutex.Unlock() + if fake.GetStub != nil { + return fake.GetStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeServiceAccountNamespaceLister) GetCallCount() int { + fake.getMutex.RLock() + defer fake.getMutex.RUnlock() + return len(fake.getArgsForCall) +} + +func (fake *FakeServiceAccountNamespaceLister) GetCalls(stub func(string) (*v1a.ServiceAccount, error)) { + fake.getMutex.Lock() + defer fake.getMutex.Unlock() + fake.GetStub = stub +} + +func (fake *FakeServiceAccountNamespaceLister) GetArgsForCall(i int) string { + fake.getMutex.RLock() + defer fake.getMutex.RUnlock() + argsForCall := fake.getArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeServiceAccountNamespaceLister) GetReturns(result1 *v1a.ServiceAccount, result2 error) { + fake.getMutex.Lock() + defer fake.getMutex.Unlock() + fake.GetStub = nil + fake.getReturns = struct { + result1 *v1a.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeServiceAccountNamespaceLister) GetReturnsOnCall(i int, result1 *v1a.ServiceAccount, result2 error) { + fake.getMutex.Lock() + defer fake.getMutex.Unlock() + fake.GetStub = nil + if fake.getReturnsOnCall == nil { + fake.getReturnsOnCall = make(map[int]struct { + result1 *v1a.ServiceAccount + result2 error + }) + } + fake.getReturnsOnCall[i] = struct { + result1 *v1a.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeServiceAccountNamespaceLister) List(arg1 labels.Selector) ([]*v1a.ServiceAccount, error) { + fake.listMutex.Lock() + ret, specificReturn := fake.listReturnsOnCall[len(fake.listArgsForCall)] + fake.listArgsForCall = append(fake.listArgsForCall, struct { + arg1 labels.Selector + }{arg1}) + fake.recordInvocation("List", []interface{}{arg1}) + fake.listMutex.Unlock() + if fake.ListStub != nil { + return fake.ListStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.listReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeServiceAccountNamespaceLister) ListCallCount() int { + fake.listMutex.RLock() + defer fake.listMutex.RUnlock() + return len(fake.listArgsForCall) +} + +func (fake *FakeServiceAccountNamespaceLister) ListCalls(stub func(labels.Selector) ([]*v1a.ServiceAccount, error)) { + fake.listMutex.Lock() + defer fake.listMutex.Unlock() + fake.ListStub = stub +} + +func (fake *FakeServiceAccountNamespaceLister) ListArgsForCall(i int) labels.Selector { + fake.listMutex.RLock() + defer fake.listMutex.RUnlock() + argsForCall := fake.listArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeServiceAccountNamespaceLister) ListReturns(result1 []*v1a.ServiceAccount, result2 error) { + fake.listMutex.Lock() + defer fake.listMutex.Unlock() + fake.ListStub = nil + fake.listReturns = struct { + result1 []*v1a.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeServiceAccountNamespaceLister) ListReturnsOnCall(i int, result1 []*v1a.ServiceAccount, result2 error) { + fake.listMutex.Lock() + defer fake.listMutex.Unlock() + fake.ListStub = nil + if fake.listReturnsOnCall == nil { + fake.listReturnsOnCall = make(map[int]struct { + result1 []*v1a.ServiceAccount + result2 error + }) + } + fake.listReturnsOnCall[i] = struct { + result1 []*v1a.ServiceAccount + result2 error + }{result1, result2} +} + +func (fake *FakeServiceAccountNamespaceLister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.getMutex.RLock() + defer fake.getMutex.RUnlock() + fake.listMutex.RLock() + defer fake.listMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeServiceAccountNamespaceLister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ v1.ServiceAccountNamespaceLister = new(FakeServiceAccountNamespaceLister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_api_intersection_reconciler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_api_intersection_reconciler.go new file mode 100644 index 000000000..7ce13e21a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_api_intersection_reconciler.go @@ -0,0 +1,114 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" +) + +type FakeAPIIntersectionReconciler struct { + ReconcileStub func(resolver.APISet, resolver.OperatorGroupSurface, ...resolver.OperatorGroupSurface) resolver.APIReconciliationResult + reconcileMutex sync.RWMutex + reconcileArgsForCall []struct { + arg1 resolver.APISet + arg2 resolver.OperatorGroupSurface + arg3 []resolver.OperatorGroupSurface + } + reconcileReturns struct { + result1 resolver.APIReconciliationResult + } + reconcileReturnsOnCall map[int]struct { + result1 resolver.APIReconciliationResult + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeAPIIntersectionReconciler) Reconcile(arg1 resolver.APISet, arg2 resolver.OperatorGroupSurface, arg3 ...resolver.OperatorGroupSurface) resolver.APIReconciliationResult { + fake.reconcileMutex.Lock() + ret, specificReturn := fake.reconcileReturnsOnCall[len(fake.reconcileArgsForCall)] + fake.reconcileArgsForCall = append(fake.reconcileArgsForCall, struct { + arg1 resolver.APISet + arg2 resolver.OperatorGroupSurface + arg3 []resolver.OperatorGroupSurface + }{arg1, arg2, arg3}) + fake.recordInvocation("Reconcile", []interface{}{arg1, arg2, arg3}) + fake.reconcileMutex.Unlock() + if fake.ReconcileStub != nil { + return fake.ReconcileStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.reconcileReturns + return fakeReturns.result1 +} + +func (fake *FakeAPIIntersectionReconciler) ReconcileCallCount() int { + fake.reconcileMutex.RLock() + defer fake.reconcileMutex.RUnlock() + return len(fake.reconcileArgsForCall) +} + +func (fake *FakeAPIIntersectionReconciler) ReconcileCalls(stub func(resolver.APISet, resolver.OperatorGroupSurface, ...resolver.OperatorGroupSurface) resolver.APIReconciliationResult) { + fake.reconcileMutex.Lock() + defer fake.reconcileMutex.Unlock() + fake.ReconcileStub = stub +} + +func (fake *FakeAPIIntersectionReconciler) ReconcileArgsForCall(i int) (resolver.APISet, resolver.OperatorGroupSurface, []resolver.OperatorGroupSurface) { + fake.reconcileMutex.RLock() + defer fake.reconcileMutex.RUnlock() + argsForCall := fake.reconcileArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeAPIIntersectionReconciler) ReconcileReturns(result1 resolver.APIReconciliationResult) { + fake.reconcileMutex.Lock() + defer fake.reconcileMutex.Unlock() + fake.ReconcileStub = nil + fake.reconcileReturns = struct { + result1 resolver.APIReconciliationResult + }{result1} +} + +func (fake *FakeAPIIntersectionReconciler) ReconcileReturnsOnCall(i int, result1 resolver.APIReconciliationResult) { + fake.reconcileMutex.Lock() + defer fake.reconcileMutex.Unlock() + fake.ReconcileStub = nil + if fake.reconcileReturnsOnCall == nil { + fake.reconcileReturnsOnCall = make(map[int]struct { + result1 resolver.APIReconciliationResult + }) + } + fake.reconcileReturnsOnCall[i] = struct { + result1 resolver.APIReconciliationResult + }{result1} +} + +func (fake *FakeAPIIntersectionReconciler) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.reconcileMutex.RLock() + defer fake.reconcileMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeAPIIntersectionReconciler) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ resolver.APIIntersectionReconciler = new(FakeAPIIntersectionReconciler) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_reconciler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_reconciler.go new file mode 100644 index 000000000..86122c647 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_reconciler.go @@ -0,0 +1,189 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" +) + +type FakeRegistryReconciler struct { + CheckRegistryServerStub func(*v1alpha1.CatalogSource) (bool, error) + checkRegistryServerMutex sync.RWMutex + checkRegistryServerArgsForCall []struct { + arg1 *v1alpha1.CatalogSource + } + checkRegistryServerReturns struct { + result1 bool + result2 error + } + checkRegistryServerReturnsOnCall map[int]struct { + result1 bool + result2 error + } + EnsureRegistryServerStub func(*v1alpha1.CatalogSource) error + ensureRegistryServerMutex sync.RWMutex + ensureRegistryServerArgsForCall []struct { + arg1 *v1alpha1.CatalogSource + } + ensureRegistryServerReturns struct { + result1 error + } + ensureRegistryServerReturnsOnCall map[int]struct { + result1 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeRegistryReconciler) CheckRegistryServer(arg1 *v1alpha1.CatalogSource) (bool, error) { + fake.checkRegistryServerMutex.Lock() + ret, specificReturn := fake.checkRegistryServerReturnsOnCall[len(fake.checkRegistryServerArgsForCall)] + fake.checkRegistryServerArgsForCall = append(fake.checkRegistryServerArgsForCall, struct { + arg1 *v1alpha1.CatalogSource + }{arg1}) + fake.recordInvocation("CheckRegistryServer", []interface{}{arg1}) + fake.checkRegistryServerMutex.Unlock() + if fake.CheckRegistryServerStub != nil { + return fake.CheckRegistryServerStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.checkRegistryServerReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryReconciler) CheckRegistryServerCallCount() int { + fake.checkRegistryServerMutex.RLock() + defer fake.checkRegistryServerMutex.RUnlock() + return len(fake.checkRegistryServerArgsForCall) +} + +func (fake *FakeRegistryReconciler) CheckRegistryServerCalls(stub func(*v1alpha1.CatalogSource) (bool, error)) { + fake.checkRegistryServerMutex.Lock() + defer fake.checkRegistryServerMutex.Unlock() + fake.CheckRegistryServerStub = stub +} + +func (fake *FakeRegistryReconciler) CheckRegistryServerArgsForCall(i int) *v1alpha1.CatalogSource { + fake.checkRegistryServerMutex.RLock() + defer fake.checkRegistryServerMutex.RUnlock() + argsForCall := fake.checkRegistryServerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeRegistryReconciler) CheckRegistryServerReturns(result1 bool, result2 error) { + fake.checkRegistryServerMutex.Lock() + defer fake.checkRegistryServerMutex.Unlock() + fake.CheckRegistryServerStub = nil + fake.checkRegistryServerReturns = struct { + result1 bool + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryReconciler) CheckRegistryServerReturnsOnCall(i int, result1 bool, result2 error) { + fake.checkRegistryServerMutex.Lock() + defer fake.checkRegistryServerMutex.Unlock() + fake.CheckRegistryServerStub = nil + if fake.checkRegistryServerReturnsOnCall == nil { + fake.checkRegistryServerReturnsOnCall = make(map[int]struct { + result1 bool + result2 error + }) + } + fake.checkRegistryServerReturnsOnCall[i] = struct { + result1 bool + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryReconciler) EnsureRegistryServer(arg1 *v1alpha1.CatalogSource) error { + fake.ensureRegistryServerMutex.Lock() + ret, specificReturn := fake.ensureRegistryServerReturnsOnCall[len(fake.ensureRegistryServerArgsForCall)] + fake.ensureRegistryServerArgsForCall = append(fake.ensureRegistryServerArgsForCall, struct { + arg1 *v1alpha1.CatalogSource + }{arg1}) + fake.recordInvocation("EnsureRegistryServer", []interface{}{arg1}) + fake.ensureRegistryServerMutex.Unlock() + if fake.EnsureRegistryServerStub != nil { + return fake.EnsureRegistryServerStub(arg1) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.ensureRegistryServerReturns + return fakeReturns.result1 +} + +func (fake *FakeRegistryReconciler) EnsureRegistryServerCallCount() int { + fake.ensureRegistryServerMutex.RLock() + defer fake.ensureRegistryServerMutex.RUnlock() + return len(fake.ensureRegistryServerArgsForCall) +} + +func (fake *FakeRegistryReconciler) EnsureRegistryServerCalls(stub func(*v1alpha1.CatalogSource) error) { + fake.ensureRegistryServerMutex.Lock() + defer fake.ensureRegistryServerMutex.Unlock() + fake.EnsureRegistryServerStub = stub +} + +func (fake *FakeRegistryReconciler) EnsureRegistryServerArgsForCall(i int) *v1alpha1.CatalogSource { + fake.ensureRegistryServerMutex.RLock() + defer fake.ensureRegistryServerMutex.RUnlock() + argsForCall := fake.ensureRegistryServerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeRegistryReconciler) EnsureRegistryServerReturns(result1 error) { + fake.ensureRegistryServerMutex.Lock() + defer fake.ensureRegistryServerMutex.Unlock() + fake.EnsureRegistryServerStub = nil + fake.ensureRegistryServerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeRegistryReconciler) EnsureRegistryServerReturnsOnCall(i int, result1 error) { + fake.ensureRegistryServerMutex.Lock() + defer fake.ensureRegistryServerMutex.Unlock() + fake.EnsureRegistryServerStub = nil + if fake.ensureRegistryServerReturnsOnCall == nil { + fake.ensureRegistryServerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.ensureRegistryServerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeRegistryReconciler) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.checkRegistryServerMutex.RLock() + defer fake.checkRegistryServerMutex.RUnlock() + fake.ensureRegistryServerMutex.RLock() + defer fake.ensureRegistryServerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeRegistryReconciler) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ reconciler.RegistryReconciler = new(FakeRegistryReconciler) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_reconciler_factory.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_reconciler_factory.go new file mode 100644 index 000000000..1558050f5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_reconciler_factory.go @@ -0,0 +1,111 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/reconciler" +) + +type FakeRegistryReconcilerFactory struct { + ReconcilerForSourceStub func(*v1alpha1.CatalogSource) reconciler.RegistryReconciler + reconcilerForSourceMutex sync.RWMutex + reconcilerForSourceArgsForCall []struct { + arg1 *v1alpha1.CatalogSource + } + reconcilerForSourceReturns struct { + result1 reconciler.RegistryReconciler + } + reconcilerForSourceReturnsOnCall map[int]struct { + result1 reconciler.RegistryReconciler + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeRegistryReconcilerFactory) ReconcilerForSource(arg1 *v1alpha1.CatalogSource) reconciler.RegistryReconciler { + fake.reconcilerForSourceMutex.Lock() + ret, specificReturn := fake.reconcilerForSourceReturnsOnCall[len(fake.reconcilerForSourceArgsForCall)] + fake.reconcilerForSourceArgsForCall = append(fake.reconcilerForSourceArgsForCall, struct { + arg1 *v1alpha1.CatalogSource + }{arg1}) + fake.recordInvocation("ReconcilerForSource", []interface{}{arg1}) + fake.reconcilerForSourceMutex.Unlock() + if fake.ReconcilerForSourceStub != nil { + return fake.ReconcilerForSourceStub(arg1) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.reconcilerForSourceReturns + return fakeReturns.result1 +} + +func (fake *FakeRegistryReconcilerFactory) ReconcilerForSourceCallCount() int { + fake.reconcilerForSourceMutex.RLock() + defer fake.reconcilerForSourceMutex.RUnlock() + return len(fake.reconcilerForSourceArgsForCall) +} + +func (fake *FakeRegistryReconcilerFactory) ReconcilerForSourceCalls(stub func(*v1alpha1.CatalogSource) reconciler.RegistryReconciler) { + fake.reconcilerForSourceMutex.Lock() + defer fake.reconcilerForSourceMutex.Unlock() + fake.ReconcilerForSourceStub = stub +} + +func (fake *FakeRegistryReconcilerFactory) ReconcilerForSourceArgsForCall(i int) *v1alpha1.CatalogSource { + fake.reconcilerForSourceMutex.RLock() + defer fake.reconcilerForSourceMutex.RUnlock() + argsForCall := fake.reconcilerForSourceArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeRegistryReconcilerFactory) ReconcilerForSourceReturns(result1 reconciler.RegistryReconciler) { + fake.reconcilerForSourceMutex.Lock() + defer fake.reconcilerForSourceMutex.Unlock() + fake.ReconcilerForSourceStub = nil + fake.reconcilerForSourceReturns = struct { + result1 reconciler.RegistryReconciler + }{result1} +} + +func (fake *FakeRegistryReconcilerFactory) ReconcilerForSourceReturnsOnCall(i int, result1 reconciler.RegistryReconciler) { + fake.reconcilerForSourceMutex.Lock() + defer fake.reconcilerForSourceMutex.Unlock() + fake.ReconcilerForSourceStub = nil + if fake.reconcilerForSourceReturnsOnCall == nil { + fake.reconcilerForSourceReturnsOnCall = make(map[int]struct { + result1 reconciler.RegistryReconciler + }) + } + fake.reconcilerForSourceReturnsOnCall[i] = struct { + result1 reconciler.RegistryReconciler + }{result1} +} + +func (fake *FakeRegistryReconcilerFactory) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.reconcilerForSourceMutex.RLock() + defer fake.reconcilerForSourceMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeRegistryReconcilerFactory) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ reconciler.RegistryReconcilerFactory = new(FakeRegistryReconcilerFactory) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_resolver.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_resolver.go new file mode 100644 index 000000000..52e00eca2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_resolver.go @@ -0,0 +1,123 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + sync "sync" + + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + resolver "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" +) + +type FakeResolver struct { + ResolveStepsStub func(string, resolver.SourceQuerier) ([]*v1alpha1.Step, []*v1alpha1.Subscription, error) + resolveStepsMutex sync.RWMutex + resolveStepsArgsForCall []struct { + arg1 string + arg2 resolver.SourceQuerier + } + resolveStepsReturns struct { + result1 []*v1alpha1.Step + result2 []*v1alpha1.Subscription + result3 error + } + resolveStepsReturnsOnCall map[int]struct { + result1 []*v1alpha1.Step + result2 []*v1alpha1.Subscription + result3 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeResolver) ResolveSteps(arg1 string, arg2 resolver.SourceQuerier) ([]*v1alpha1.Step, []*v1alpha1.Subscription, error) { + fake.resolveStepsMutex.Lock() + ret, specificReturn := fake.resolveStepsReturnsOnCall[len(fake.resolveStepsArgsForCall)] + fake.resolveStepsArgsForCall = append(fake.resolveStepsArgsForCall, struct { + arg1 string + arg2 resolver.SourceQuerier + }{arg1, arg2}) + fake.recordInvocation("ResolveSteps", []interface{}{arg1, arg2}) + fake.resolveStepsMutex.Unlock() + if fake.ResolveStepsStub != nil { + return fake.ResolveStepsStub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2, ret.result3 + } + fakeReturns := fake.resolveStepsReturns + return fakeReturns.result1, fakeReturns.result2, fakeReturns.result3 +} + +func (fake *FakeResolver) ResolveStepsCallCount() int { + fake.resolveStepsMutex.RLock() + defer fake.resolveStepsMutex.RUnlock() + return len(fake.resolveStepsArgsForCall) +} + +func (fake *FakeResolver) ResolveStepsCalls(stub func(string, resolver.SourceQuerier) ([]*v1alpha1.Step, []*v1alpha1.Subscription, error)) { + fake.resolveStepsMutex.Lock() + defer fake.resolveStepsMutex.Unlock() + fake.ResolveStepsStub = stub +} + +func (fake *FakeResolver) ResolveStepsArgsForCall(i int) (string, resolver.SourceQuerier) { + fake.resolveStepsMutex.RLock() + defer fake.resolveStepsMutex.RUnlock() + argsForCall := fake.resolveStepsArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeResolver) ResolveStepsReturns(result1 []*v1alpha1.Step, result2 []*v1alpha1.Subscription, result3 error) { + fake.resolveStepsMutex.Lock() + defer fake.resolveStepsMutex.Unlock() + fake.ResolveStepsStub = nil + fake.resolveStepsReturns = struct { + result1 []*v1alpha1.Step + result2 []*v1alpha1.Subscription + result3 error + }{result1, result2, result3} +} + +func (fake *FakeResolver) ResolveStepsReturnsOnCall(i int, result1 []*v1alpha1.Step, result2 []*v1alpha1.Subscription, result3 error) { + fake.resolveStepsMutex.Lock() + defer fake.resolveStepsMutex.Unlock() + fake.ResolveStepsStub = nil + if fake.resolveStepsReturnsOnCall == nil { + fake.resolveStepsReturnsOnCall = make(map[int]struct { + result1 []*v1alpha1.Step + result2 []*v1alpha1.Subscription + result3 error + }) + } + fake.resolveStepsReturnsOnCall[i] = struct { + result1 []*v1alpha1.Step + result2 []*v1alpha1.Subscription + result3 error + }{result1, result2, result3} +} + +func (fake *FakeResolver) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.resolveStepsMutex.RLock() + defer fake.resolveStepsMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeResolver) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ resolver.Resolver = new(FakeResolver) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy.go new file mode 100644 index 000000000..e7653a5d0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy.go @@ -0,0 +1,101 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" +) + +type FakeStrategy struct { + GetStrategyNameStub func() string + getStrategyNameMutex sync.RWMutex + getStrategyNameArgsForCall []struct { + } + getStrategyNameReturns struct { + result1 string + } + getStrategyNameReturnsOnCall map[int]struct { + result1 string + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeStrategy) GetStrategyName() string { + fake.getStrategyNameMutex.Lock() + ret, specificReturn := fake.getStrategyNameReturnsOnCall[len(fake.getStrategyNameArgsForCall)] + fake.getStrategyNameArgsForCall = append(fake.getStrategyNameArgsForCall, struct { + }{}) + fake.recordInvocation("GetStrategyName", []interface{}{}) + fake.getStrategyNameMutex.Unlock() + if fake.GetStrategyNameStub != nil { + return fake.GetStrategyNameStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.getStrategyNameReturns + return fakeReturns.result1 +} + +func (fake *FakeStrategy) GetStrategyNameCallCount() int { + fake.getStrategyNameMutex.RLock() + defer fake.getStrategyNameMutex.RUnlock() + return len(fake.getStrategyNameArgsForCall) +} + +func (fake *FakeStrategy) GetStrategyNameCalls(stub func() string) { + fake.getStrategyNameMutex.Lock() + defer fake.getStrategyNameMutex.Unlock() + fake.GetStrategyNameStub = stub +} + +func (fake *FakeStrategy) GetStrategyNameReturns(result1 string) { + fake.getStrategyNameMutex.Lock() + defer fake.getStrategyNameMutex.Unlock() + fake.GetStrategyNameStub = nil + fake.getStrategyNameReturns = struct { + result1 string + }{result1} +} + +func (fake *FakeStrategy) GetStrategyNameReturnsOnCall(i int, result1 string) { + fake.getStrategyNameMutex.Lock() + defer fake.getStrategyNameMutex.Unlock() + fake.GetStrategyNameStub = nil + if fake.getStrategyNameReturnsOnCall == nil { + fake.getStrategyNameReturnsOnCall = make(map[int]struct { + result1 string + }) + } + fake.getStrategyNameReturnsOnCall[i] = struct { + result1 string + }{result1} +} + +func (fake *FakeStrategy) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.getStrategyNameMutex.RLock() + defer fake.getStrategyNameMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeStrategy) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ install.Strategy = new(FakeStrategy) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy_installer.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy_installer.go new file mode 100644 index 000000000..e3e5ab657 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy_installer.go @@ -0,0 +1,188 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" +) + +type FakeStrategyInstaller struct { + CheckInstalledStub func(install.Strategy) (bool, error) + checkInstalledMutex sync.RWMutex + checkInstalledArgsForCall []struct { + arg1 install.Strategy + } + checkInstalledReturns struct { + result1 bool + result2 error + } + checkInstalledReturnsOnCall map[int]struct { + result1 bool + result2 error + } + InstallStub func(install.Strategy) error + installMutex sync.RWMutex + installArgsForCall []struct { + arg1 install.Strategy + } + installReturns struct { + result1 error + } + installReturnsOnCall map[int]struct { + result1 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeStrategyInstaller) CheckInstalled(arg1 install.Strategy) (bool, error) { + fake.checkInstalledMutex.Lock() + ret, specificReturn := fake.checkInstalledReturnsOnCall[len(fake.checkInstalledArgsForCall)] + fake.checkInstalledArgsForCall = append(fake.checkInstalledArgsForCall, struct { + arg1 install.Strategy + }{arg1}) + fake.recordInvocation("CheckInstalled", []interface{}{arg1}) + fake.checkInstalledMutex.Unlock() + if fake.CheckInstalledStub != nil { + return fake.CheckInstalledStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.checkInstalledReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeStrategyInstaller) CheckInstalledCallCount() int { + fake.checkInstalledMutex.RLock() + defer fake.checkInstalledMutex.RUnlock() + return len(fake.checkInstalledArgsForCall) +} + +func (fake *FakeStrategyInstaller) CheckInstalledCalls(stub func(install.Strategy) (bool, error)) { + fake.checkInstalledMutex.Lock() + defer fake.checkInstalledMutex.Unlock() + fake.CheckInstalledStub = stub +} + +func (fake *FakeStrategyInstaller) CheckInstalledArgsForCall(i int) install.Strategy { + fake.checkInstalledMutex.RLock() + defer fake.checkInstalledMutex.RUnlock() + argsForCall := fake.checkInstalledArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeStrategyInstaller) CheckInstalledReturns(result1 bool, result2 error) { + fake.checkInstalledMutex.Lock() + defer fake.checkInstalledMutex.Unlock() + fake.CheckInstalledStub = nil + fake.checkInstalledReturns = struct { + result1 bool + result2 error + }{result1, result2} +} + +func (fake *FakeStrategyInstaller) CheckInstalledReturnsOnCall(i int, result1 bool, result2 error) { + fake.checkInstalledMutex.Lock() + defer fake.checkInstalledMutex.Unlock() + fake.CheckInstalledStub = nil + if fake.checkInstalledReturnsOnCall == nil { + fake.checkInstalledReturnsOnCall = make(map[int]struct { + result1 bool + result2 error + }) + } + fake.checkInstalledReturnsOnCall[i] = struct { + result1 bool + result2 error + }{result1, result2} +} + +func (fake *FakeStrategyInstaller) Install(arg1 install.Strategy) error { + fake.installMutex.Lock() + ret, specificReturn := fake.installReturnsOnCall[len(fake.installArgsForCall)] + fake.installArgsForCall = append(fake.installArgsForCall, struct { + arg1 install.Strategy + }{arg1}) + fake.recordInvocation("Install", []interface{}{arg1}) + fake.installMutex.Unlock() + if fake.InstallStub != nil { + return fake.InstallStub(arg1) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.installReturns + return fakeReturns.result1 +} + +func (fake *FakeStrategyInstaller) InstallCallCount() int { + fake.installMutex.RLock() + defer fake.installMutex.RUnlock() + return len(fake.installArgsForCall) +} + +func (fake *FakeStrategyInstaller) InstallCalls(stub func(install.Strategy) error) { + fake.installMutex.Lock() + defer fake.installMutex.Unlock() + fake.InstallStub = stub +} + +func (fake *FakeStrategyInstaller) InstallArgsForCall(i int) install.Strategy { + fake.installMutex.RLock() + defer fake.installMutex.RUnlock() + argsForCall := fake.installArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeStrategyInstaller) InstallReturns(result1 error) { + fake.installMutex.Lock() + defer fake.installMutex.Unlock() + fake.InstallStub = nil + fake.installReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeStrategyInstaller) InstallReturnsOnCall(i int, result1 error) { + fake.installMutex.Lock() + defer fake.installMutex.Unlock() + fake.InstallStub = nil + if fake.installReturnsOnCall == nil { + fake.installReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.installReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeStrategyInstaller) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.checkInstalledMutex.RLock() + defer fake.checkInstalledMutex.RUnlock() + fake.installMutex.RLock() + defer fake.installMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeStrategyInstaller) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ install.StrategyInstaller = new(FakeStrategyInstaller) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy_resolver.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy_resolver.go new file mode 100644 index 000000000..1315e2adb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/fakes/fake_strategy_resolver.go @@ -0,0 +1,202 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +type FakeStrategyResolverInterface struct { + InstallerForStrategyStub func(string, operatorclient.ClientInterface, operatorlister.OperatorLister, ownerutil.Owner, map[string]string, install.Strategy) install.StrategyInstaller + installerForStrategyMutex sync.RWMutex + installerForStrategyArgsForCall []struct { + arg1 string + arg2 operatorclient.ClientInterface + arg3 operatorlister.OperatorLister + arg4 ownerutil.Owner + arg5 map[string]string + arg6 install.Strategy + } + installerForStrategyReturns struct { + result1 install.StrategyInstaller + } + installerForStrategyReturnsOnCall map[int]struct { + result1 install.StrategyInstaller + } + UnmarshalStrategyStub func(v1alpha1.NamedInstallStrategy) (install.Strategy, error) + unmarshalStrategyMutex sync.RWMutex + unmarshalStrategyArgsForCall []struct { + arg1 v1alpha1.NamedInstallStrategy + } + unmarshalStrategyReturns struct { + result1 install.Strategy + result2 error + } + unmarshalStrategyReturnsOnCall map[int]struct { + result1 install.Strategy + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeStrategyResolverInterface) InstallerForStrategy(arg1 string, arg2 operatorclient.ClientInterface, arg3 operatorlister.OperatorLister, arg4 ownerutil.Owner, arg5 map[string]string, arg6 install.Strategy) install.StrategyInstaller { + fake.installerForStrategyMutex.Lock() + ret, specificReturn := fake.installerForStrategyReturnsOnCall[len(fake.installerForStrategyArgsForCall)] + fake.installerForStrategyArgsForCall = append(fake.installerForStrategyArgsForCall, struct { + arg1 string + arg2 operatorclient.ClientInterface + arg3 operatorlister.OperatorLister + arg4 ownerutil.Owner + arg5 map[string]string + arg6 install.Strategy + }{arg1, arg2, arg3, arg4, arg5, arg6}) + fake.recordInvocation("InstallerForStrategy", []interface{}{arg1, arg2, arg3, arg4, arg5, arg6}) + fake.installerForStrategyMutex.Unlock() + if fake.InstallerForStrategyStub != nil { + return fake.InstallerForStrategyStub(arg1, arg2, arg3, arg4, arg5, arg6) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.installerForStrategyReturns + return fakeReturns.result1 +} + +func (fake *FakeStrategyResolverInterface) InstallerForStrategyCallCount() int { + fake.installerForStrategyMutex.RLock() + defer fake.installerForStrategyMutex.RUnlock() + return len(fake.installerForStrategyArgsForCall) +} + +func (fake *FakeStrategyResolverInterface) InstallerForStrategyCalls(stub func(string, operatorclient.ClientInterface, operatorlister.OperatorLister, ownerutil.Owner, map[string]string, install.Strategy) install.StrategyInstaller) { + fake.installerForStrategyMutex.Lock() + defer fake.installerForStrategyMutex.Unlock() + fake.InstallerForStrategyStub = stub +} + +func (fake *FakeStrategyResolverInterface) InstallerForStrategyArgsForCall(i int) (string, operatorclient.ClientInterface, operatorlister.OperatorLister, ownerutil.Owner, map[string]string, install.Strategy) { + fake.installerForStrategyMutex.RLock() + defer fake.installerForStrategyMutex.RUnlock() + argsForCall := fake.installerForStrategyArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5, argsForCall.arg6 +} + +func (fake *FakeStrategyResolverInterface) InstallerForStrategyReturns(result1 install.StrategyInstaller) { + fake.installerForStrategyMutex.Lock() + defer fake.installerForStrategyMutex.Unlock() + fake.InstallerForStrategyStub = nil + fake.installerForStrategyReturns = struct { + result1 install.StrategyInstaller + }{result1} +} + +func (fake *FakeStrategyResolverInterface) InstallerForStrategyReturnsOnCall(i int, result1 install.StrategyInstaller) { + fake.installerForStrategyMutex.Lock() + defer fake.installerForStrategyMutex.Unlock() + fake.InstallerForStrategyStub = nil + if fake.installerForStrategyReturnsOnCall == nil { + fake.installerForStrategyReturnsOnCall = make(map[int]struct { + result1 install.StrategyInstaller + }) + } + fake.installerForStrategyReturnsOnCall[i] = struct { + result1 install.StrategyInstaller + }{result1} +} + +func (fake *FakeStrategyResolverInterface) UnmarshalStrategy(arg1 v1alpha1.NamedInstallStrategy) (install.Strategy, error) { + fake.unmarshalStrategyMutex.Lock() + ret, specificReturn := fake.unmarshalStrategyReturnsOnCall[len(fake.unmarshalStrategyArgsForCall)] + fake.unmarshalStrategyArgsForCall = append(fake.unmarshalStrategyArgsForCall, struct { + arg1 v1alpha1.NamedInstallStrategy + }{arg1}) + fake.recordInvocation("UnmarshalStrategy", []interface{}{arg1}) + fake.unmarshalStrategyMutex.Unlock() + if fake.UnmarshalStrategyStub != nil { + return fake.UnmarshalStrategyStub(arg1) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.unmarshalStrategyReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeStrategyResolverInterface) UnmarshalStrategyCallCount() int { + fake.unmarshalStrategyMutex.RLock() + defer fake.unmarshalStrategyMutex.RUnlock() + return len(fake.unmarshalStrategyArgsForCall) +} + +func (fake *FakeStrategyResolverInterface) UnmarshalStrategyCalls(stub func(v1alpha1.NamedInstallStrategy) (install.Strategy, error)) { + fake.unmarshalStrategyMutex.Lock() + defer fake.unmarshalStrategyMutex.Unlock() + fake.UnmarshalStrategyStub = stub +} + +func (fake *FakeStrategyResolverInterface) UnmarshalStrategyArgsForCall(i int) v1alpha1.NamedInstallStrategy { + fake.unmarshalStrategyMutex.RLock() + defer fake.unmarshalStrategyMutex.RUnlock() + argsForCall := fake.unmarshalStrategyArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeStrategyResolverInterface) UnmarshalStrategyReturns(result1 install.Strategy, result2 error) { + fake.unmarshalStrategyMutex.Lock() + defer fake.unmarshalStrategyMutex.Unlock() + fake.UnmarshalStrategyStub = nil + fake.unmarshalStrategyReturns = struct { + result1 install.Strategy + result2 error + }{result1, result2} +} + +func (fake *FakeStrategyResolverInterface) UnmarshalStrategyReturnsOnCall(i int, result1 install.Strategy, result2 error) { + fake.unmarshalStrategyMutex.Lock() + defer fake.unmarshalStrategyMutex.Unlock() + fake.UnmarshalStrategyStub = nil + if fake.unmarshalStrategyReturnsOnCall == nil { + fake.unmarshalStrategyReturnsOnCall = make(map[int]struct { + result1 install.Strategy + result2 error + }) + } + fake.unmarshalStrategyReturnsOnCall[i] = struct { + result1 install.Strategy + result2 error + }{result1, result2} +} + +func (fake *FakeStrategyResolverInterface) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.installerForStrategyMutex.RLock() + defer fake.installerForStrategyMutex.RUnlock() + fake.unmarshalStrategyMutex.RLock() + defer fake.unmarshalStrategyMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeStrategyResolverInterface) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ install.StrategyResolverInterface = new(FakeStrategyResolverInterface) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/client_options.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/client_options.go new file mode 100644 index 000000000..5f1b9ede9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/client_options.go @@ -0,0 +1,53 @@ +package clientfake + +import ( + "testing" + + "k8s.io/apimachinery/pkg/api/meta" + "k8s.io/apimachinery/pkg/runtime" + clitesting "k8s.io/client-go/testing" +) + +// Option configures a ClientsetDecorator +type Option func(ClientsetDecorator) + +// WithSelfLinks returns a fakeClientOption that configures a ClientsetDecorator to write selfLinks to all OLM types on create. +func WithSelfLinks(t *testing.T) Option { + return func(c ClientsetDecorator) { + c.PrependReactor("create", "*", func(a clitesting.Action) (bool, runtime.Object, error) { + ca, ok := a.(clitesting.CreateAction) + if !ok { + t.Fatalf("expected CreateAction") + } + + obj := ca.GetObject() + accessor, err := meta.Accessor(obj) + if err != nil { + return false, nil, err + } + if accessor.GetSelfLink() != "" { + // SelfLink is already set + return false, nil, nil + } + + gvr := ca.GetResource() + accessor.SetSelfLink(BuildSelfLink(gvr.GroupVersion().String(), gvr.Resource, accessor.GetNamespace(), accessor.GetName())) + + return false, obj, nil + }) + } +} + +// WithNameGeneration returns a fakeK8sClientOption that configures a Clientset to write generated names to all types on create. +func WithNameGeneration(t *testing.T) Option { + return func(c ClientsetDecorator) { + c.PrependReactor("create", "*", func(a clitesting.Action) (bool, runtime.Object, error) { + ca, ok := a.(clitesting.CreateAction) + if !ok { + t.Fatalf("expected CreateAction") + } + + return false, AddSimpleGeneratedName(ca.GetObject()), nil + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/decorator.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/decorator.go new file mode 100644 index 000000000..d0b4a6e32 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/decorator.go @@ -0,0 +1,72 @@ +package clientfake + +import ( + "k8s.io/apimachinery/pkg/runtime" + fake "k8s.io/client-go/kubernetes/fake" + "k8s.io/client-go/testing" +) + +// This is used to prepend reactors to the k8s fake client. should be removed when client go is updated. +// TODO: see if we can merge the OLM ClientsetDecorator and this one. + +// ClientsetDecorator defines decorator methods for a Clientset. +type ClientsetDecorator interface { + // PrependReactor adds a reactor to the beginning of the chain. + PrependReactor(verb, resource string, reaction testing.ReactionFunc) +} + +// ReactionForwardingClientsetDecorator wraps a Clientset and "forwards" Action object mutations +// from all successful non-handling Reactors along the chain to the first handling Reactor. This is +// is a stopgap until we can upgrade to client-go v11.0, where the behavior is the default +// (see https://github.com/kubernetes/client-go/blob/6ee68ca5fd8355d024d02f9db0b3b667e8357a0f/testing/fake.go#L130). +type ReactionForwardingClientsetDecorator struct { + fake.Clientset + ReactionChain []testing.Reactor // shadow embedded ReactionChain + actions []testing.Action // these may be castable to other types, but "Action" is the minimum +} + +// NewReactionForwardingClientsetDecorator returns the ReactionForwardingClientsetDecorator wrapped Clientset result +// of calling NewSimpleClientset with the given objects. +func NewReactionForwardingClientsetDecorator(objects []runtime.Object, options ...Option) *ReactionForwardingClientsetDecorator { + decorator := &ReactionForwardingClientsetDecorator{ + Clientset: *fake.NewSimpleClientset(objects...), + } + + // Swap out the embedded ReactionChain with a Reactor that reduces over the decorator's ReactionChain. + decorator.ReactionChain = decorator.Clientset.ReactionChain + decorator.Clientset.ReactionChain = []testing.Reactor{&testing.SimpleReactor{"*", "*", decorator.reduceReactions}} + + // Apply options + for _, option := range options { + option(decorator) + } + + return decorator +} + +// reduceReactions reduces over all reactions in the chain while "forwarding" Action object mutations +// from all successful non-handling Reactors along the chain to the first handling Reactor. +func (c *ReactionForwardingClientsetDecorator) reduceReactions(action testing.Action) (handled bool, ret runtime.Object, err error) { + // The embedded Client set is already locked, so there's no need to lock again + actionCopy := action.DeepCopy() + c.actions = append(c.actions, action.DeepCopy()) + for _, reactor := range c.ReactionChain { + if !reactor.Handles(actionCopy) { + continue + } + + handled, ret, err = reactor.React(actionCopy) + if !handled { + continue + } + + return + } + + return +} + +// PrependReactor adds a reactor to the beginning of the chain. +func (c *ReactionForwardingClientsetDecorator) PrependReactor(verb, resource string, reaction testing.ReactionFunc) { + c.ReactionChain = append([]testing.Reactor{&testing.SimpleReactor{verb, resource, reaction}}, c.ReactionChain...) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/meta.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/meta.go new file mode 100644 index 000000000..2a218ec9b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/clientfake/meta.go @@ -0,0 +1,45 @@ +package clientfake + +import ( + "fmt" + + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/storage/names" +) + +// BuildSelfLink returns a selflink for the given group version, plural, namespace, and name. +func BuildSelfLink(groupVersion, plural, namespace, name string) string { + if namespace == metav1.NamespaceAll { + return fmt.Sprintf("/apis/%s/%s/%s", groupVersion, plural, name) + } + return fmt.Sprintf("/apis/%s/namespaces/%s/%s/%s", groupVersion, namespace, plural, name) +} + +// AddSimpleGeneratedName returns the given object with a simple generated name added to its metadata. +// If a name already exists, there is no GenerateName field set, or there is an issue accessing the object's metadata +// the object is returned unmodified. +func AddSimpleGeneratedName(obj runtime.Object) runtime.Object { + accessor, err := meta.Accessor(obj) + if err != nil { + return obj + } + if accessor.GetName() == "" && accessor.GetGenerateName() != "" { + // TODO: for tests, it would be nice to be able to retrieve this name later + accessor.SetName(names.SimpleNameGenerator.GenerateName(accessor.GetGenerateName())) + } + + return obj +} + +// AddSimpleGeneratedNames returns the list objects with simple generated names added to their metadata. +// If a name already exists, there is no GenerateName field set, or there is an issue accessing the object's metadata +// the object is returned unmodified. +func AddSimpleGeneratedNames(objs ...runtime.Object) []runtime.Object { + for i, obj := range objs { + objs[i] = AddSimpleGeneratedName(obj) + } + + return objs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison/equal.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison/equal.go new file mode 100644 index 000000000..bccbaaa8a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison/equal.go @@ -0,0 +1,42 @@ +package comparison + +import ( + // "fmt" + + "github.com/mitchellh/hashstructure" +) + +// Equalitor describes an algorithm for equivalence between two data structures. +type Equalitor interface { + Equal(a, b interface{}) bool +} + +// EqualFunc is a function that implements Equalitor. +type EqualFunc func(a, b interface{}) bool + +// Equal allows an EqualFunc to implement Equalitor. +func (e EqualFunc) Equal(a, b interface{}) bool { + return e(a, b) +} + +// NewHashEqualitor returns an EqualFunc that returns true if the hashes of the given +// arguments are equal, false otherwise. +// +// This function panics if an error is encountered generating a hash for either argument. +func NewHashEqualitor() EqualFunc { + return func(a, b interface{}) bool { + hashA, err := hashstructure.Hash(a, nil) + if err != nil { + panic(err.Error()) + } + + hashB, err := hashstructure.Hash(b, nil) + if err != nil { + panic(err.Error()) + } + + // fmt.Printf("hashA: %d, hashB: %d\n", hashA, hashB) + + return hashA == hashB + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison/equal_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison/equal_test.go new file mode 100644 index 000000000..641ad653b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison/equal_test.go @@ -0,0 +1,371 @@ +package comparison + +import ( + "testing" + + "github.com/stretchr/testify/require" +) + +type equalitorArgs struct { + a interface{} + b interface{} +} +type equalitorWants struct { + equal bool +} +type equalitorTest struct { + description string + args equalitorArgs + wants equalitorWants +} + +var ( + standardSuite = []equalitorTest{ + { + description: "EmptyStructs/True", + args: equalitorArgs{ + a: struct{}{}, + b: struct{}{}, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Structs/Exported/True", + args: equalitorArgs{ + a: struct { + Animal string + }{ + Animal: "hippo", + }, + b: struct { + Animal string + }{ + Animal: "hippo", + }, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Structs/Exported/False", + args: equalitorArgs{ + a: struct { + Animal string + }{ + Animal: "hippo", + }, + b: struct { + Animal string + }{ + Animal: "meerkat", + }, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Slices/Strings/Empty/True", + args: equalitorArgs{ + a: []string{}, + b: []string{}, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Slices/Strings/Sequence/True", + args: equalitorArgs{ + a: []string{"hippo", "meerkat"}, + b: []string{"hippo", "meerkat"}, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Slices/Strings/Sequence/False", + args: equalitorArgs{ + a: []string{"hippo", "meerkat"}, + b: []string{"meerkat", "hippo"}, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Slices/Strings/Sequence/LengthChange/False", + args: equalitorArgs{ + a: []string{"hippo", "meerkat"}, + b: []string{"hippo", "meerkat", "otter"}, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Slices/Structs/Exported/Sequence/True", + args: equalitorArgs{ + a: []struct { + Animal string + }{ + {Animal: "hippo"}, + {Animal: "meerkat"}, + }, + b: []struct { + Animal string + }{ + {Animal: "hippo"}, + {Animal: "meerkat"}, + }, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Slices/Structs/Exported/Sequence/False", + args: equalitorArgs{ + a: []struct { + Animal string + }{ + {Animal: "hippo"}, + {Animal: "meerkat"}, + }, + b: []struct { + Animal string + }{ + {Animal: "meerkat"}, + {Animal: "hippo"}, + }, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Slices/Structs/Exported/Sequence/LengthChange/False", + args: equalitorArgs{ + a: []struct { + Animal string + }{ + {Animal: "hippo"}, + {Animal: "meerkat"}, + }, + b: []struct { + Animal string + }{ + {Animal: "hippo"}, + {Animal: "meerkat"}, + {Animal: "otter"}, + }, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Slice/Structs/Strings/MismatchedTypes/False", + args: equalitorArgs{ + a: []struct { + Animal string + }{ + {Animal: "hippo"}, + {Animal: "meerkat"}, + }, + b: []string{"hippo", "meerkat"}, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Struct/int/MismatchedTypes/False", + args: equalitorArgs{ + a: struct { + Animal string + }{ + Animal: "hippo", + }, + b: 5, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Struct/nil/MismatchedTypes/False", + args: equalitorArgs{ + a: struct { + Animal string + }{ + Animal: "hippo", + }, + b: nil, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Map/Strings/True", + args: equalitorArgs{ + a: map[string]int{ + "hippo": 64, + "meerkat": 32, + }, + b: map[string]int{ + "hippo": 64, + "meerkat": 32, + }, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Map/Strings/Set/True", + args: equalitorArgs{ + a: map[string]int{ + "hippo": 64, + "meerkat": 32, + }, + b: map[string]int{ + "meerkat": 32, + "hippo": 64, + }, + }, + wants: equalitorWants{ + equal: true, + }, + }, + } +) + +func RunEqualitorSuite(equalitor Equalitor, suite []equalitorTest, t *testing.T) { + for _, tt := range suite { + t.Run(tt.description, func(t *testing.T) { + // Check equality and ensure symetry + require.Equal(t, tt.wants.equal, equalitor.Equal(tt.args.a, tt.args.b)) + require.Equal(t, tt.wants.equal, equalitor.Equal(tt.args.b, tt.args.a)) + }) + } +} + +func TestNewHashEqualitor(t *testing.T) { + // Run the standard test suite + equalitor := NewHashEqualitor() + RunEqualitorSuite(equalitor, standardSuite, t) + + // Run custom tests for the specific Equalitor + type Animal struct { + Name string + } + suite := []equalitorTest{ + { + description: "Structs/Slices/NoSetTag/False", + args: equalitorArgs{ + a: struct { + Animals []Animal + }{ + Animals: []Animal{ + {Name: "hippo"}, + {Name: "meerkat"}, + }, + }, + b: struct { + Animals []Animal + }{ + Animals: []Animal{ + {Name: "meerkat"}, + {Name: "hippo"}, + }, + }, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Structs/Slices/SetTag/True", + args: equalitorArgs{ + a: struct { + Animals []Animal `hash:"set"` + }{ + Animals: []Animal{ + {Name: "hippo"}, + {Name: "meerkat"}, + }, + }, + b: struct { + Animals []Animal `hash:"set"` + }{ + Animals: []Animal{ + {Name: "meerkat"}, + {Name: "hippo"}, + }, + }, + }, + wants: equalitorWants{ + equal: true, + }, + }, + { + description: "Structs/Field/Changed/NoIgnoreTag/False", + args: equalitorArgs{ + a: struct { + Animal + Age int + }{ + Animal: Animal{ + Name: "hippo", + }, + Age: 27, + }, + b: struct { + Animal + Age int + }{ + Animal: Animal{ + Name: "hippo", + }, + Age: 28, + }, + }, + wants: equalitorWants{ + equal: false, + }, + }, + { + description: "Structs/Field/Changed/IgnoreTag/True", + args: equalitorArgs{ + a: struct { + Animal + Age int `hash:"ignore"` + }{ + Animal: Animal{ + Name: "hippo", + }, + Age: 27, + }, + b: struct { + Animal + Age int `hash:"ignore"` + }{ + Animal: Animal{ + Name: "hippo", + }, + Age: 28, + }, + }, + wants: equalitorWants{ + equal: true, + }, + }, + } + RunEqualitorSuite(equalitor, suite, t) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/csvset.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/csvset.go new file mode 100644 index 000000000..4a1b7353e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/csvset.go @@ -0,0 +1,62 @@ +package csv + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "github.com/sirupsen/logrus" + "k8s.io/apimachinery/pkg/labels" +) + +// NewSetGenerator returns a new instance of SetGenerator. +func NewSetGenerator(logger *logrus.Logger, lister operatorlister.OperatorLister) SetGenerator { + return &csvSet{ + logger: logger, + lister: lister, + } +} + +// SetGenerator is an interface that returns a map of ClusterServiceVersion +// objects that match a certain set of criteria. +// +// SetGenerator gathers all CSV(s) in the given namespace into a map keyed by +// CSV name; if metav1.NamespaceAll gets the set across all namespaces +type SetGenerator interface { + WithNamespace(namespace string, phase v1alpha1.ClusterServiceVersionPhase) map[string]*v1alpha1.ClusterServiceVersion + WithNamespaceAndLabels(namespace string, phase v1alpha1.ClusterServiceVersionPhase, selector labels.Selector) map[string]*v1alpha1.ClusterServiceVersion +} + +type csvSet struct { + lister operatorlister.OperatorLister + logger *logrus.Logger +} + +// WithNamespace returns all ClusterServiceVersion resource(s) that matches the +// specified phase from a given namespace. +func (s *csvSet) WithNamespace(namespace string, phase v1alpha1.ClusterServiceVersionPhase) map[string]*v1alpha1.ClusterServiceVersion { + return s.with(namespace, phase, labels.Everything()) +} + +// WithNamespaceAndLabels returns all ClusterServiceVersion resource(s) that +// matches the specified phase and label selector from a given namespace. +func (s *csvSet) WithNamespaceAndLabels(namespace string, phase v1alpha1.ClusterServiceVersionPhase, selector labels.Selector) map[string]*v1alpha1.ClusterServiceVersion { + return s.with(namespace, phase, selector) +} + +func (s *csvSet) with(namespace string, phase v1alpha1.ClusterServiceVersionPhase, selector labels.Selector) map[string]*v1alpha1.ClusterServiceVersion { + csvsInNamespace, err := s.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(namespace).List(selector) + + if err != nil { + s.logger.Warnf("could not list CSVs while constructing CSV set") + return nil + } + + csvs := make(map[string]*v1alpha1.ClusterServiceVersion, len(csvsInNamespace)) + for _, csv := range csvsInNamespace { + if phase != v1alpha1.CSVPhaseAny && csv.Status.Phase != phase { + continue + } + csvs[csv.Name] = csv.DeepCopy() + } + + return csvs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/notification.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/notification.go new file mode 100644 index 000000000..ae980e3bc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/notification.go @@ -0,0 +1,17 @@ +package csv + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" +) + +// WatchNotification is an sink interface that can be used to get notification +// of CSV reconciliation request(s) received by the operator. +type WatchNotification interface { + // OnAddOrUpdate is invoked when a add or update reconciliation request has + // been received by the operator. + OnAddOrUpdate(in *v1alpha1.ClusterServiceVersion) + + // OnDelete is invoked when a delete reconciliation request has + // been received by the operator. + OnDelete(in *v1alpha1.ClusterServiceVersion) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/replace_finder.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/replace_finder.go new file mode 100644 index 000000000..8078e0ce1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv/replace_finder.go @@ -0,0 +1,90 @@ +package csv + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/sirupsen/logrus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// NewReplaceFinder returns an instance of ReplaceFinder +func NewReplaceFinder(logger *logrus.Logger, client versioned.Interface) ReplaceFinder { + return &replace{ + logger: logger, + client: client, + } +} + +// ReplaceFinder is an interface that finds the next or previous +// ClusterServiceVersion object in the upgrade path for a given CSV. +type ReplaceFinder interface { + IsBeingReplaced(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) (replacedBy *v1alpha1.ClusterServiceVersion) + IsReplacing(in *v1alpha1.ClusterServiceVersion) *v1alpha1.ClusterServiceVersion + GetFinalCSVInReplacing(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) (replacedBy *v1alpha1.ClusterServiceVersion) +} + +type replace struct { + logger *logrus.Logger + client versioned.Interface +} + +// IsBeingReplaced returns the corresponding ClusterServiceVersion object that +// is replacing the given CSV specified. +// +// If the corresponding ClusterServiceVersion is not found nil is returned. +func (r *replace) IsBeingReplaced(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) (replacedBy *v1alpha1.ClusterServiceVersion) { + for _, csv := range csvsInNamespace { + if csv.IsCopied() { + continue + } + + r.logger.Infof("checking %s", csv.GetName()) + + if csv.Spec.Replaces == in.GetName() { + r.logger.Infof("%s replaced by %s", in.GetName(), csv.GetName()) + replacedBy = csv + return + } + } + + return +} + +// IsReplacing returns the corresponding ClusterServiceVersion object that the +// given CSV specified replaces. +// +// If the corresponding ClusterServiceVersion is not found nil is returned. +func (r *replace) IsReplacing(in *v1alpha1.ClusterServiceVersion) *v1alpha1.ClusterServiceVersion { + r.logger.Debugf("checking if csv is replacing an older version") + if in.Spec.Replaces == "" { + return nil + } + + // using the client instead of a lister; missing an object because of a cache sync can cause upgrades to fail + previous, err := r.client.OperatorsV1alpha1().ClusterServiceVersions(in.GetNamespace()).Get(in.Spec.Replaces, metav1.GetOptions{}) + if err != nil { + r.logger.WithField("replacing", in.Spec.Replaces).WithError(err).Debugf("unable to get previous csv") + return nil + } + + return previous +} + +// GetFinalCSVInReplacing returns the most recent ClustererviceVersion that is +// in the replace chain. +// +// If the corresponding ClusterServiceVersion is not found nil is returned. +func (r *replace) GetFinalCSVInReplacing(in *v1alpha1.ClusterServiceVersion, csvsInNamespace map[string]*v1alpha1.ClusterServiceVersion) (replacedBy *v1alpha1.ClusterServiceVersion) { + current := in + for { + next := r.IsBeingReplaced(current, csvsInNamespace) + if next == nil { + break + } + + replacedBy = next + current = next + } + + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/event/event.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/event/event.go new file mode 100644 index 000000000..79f73a0d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/event/event.go @@ -0,0 +1,23 @@ +package event + +import ( + "github.com/golang/glog" + v1 "k8s.io/api/core/v1" + typedcorev1 "k8s.io/client-go/kubernetes/typed/core/v1" + "k8s.io/client-go/tools/record" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/scheme" +) + +const component string = "operator-lifecycle-manager" + +// NewRecorder returns an EventRecorder type that can be +// used to post Events to different object's lifecycles. +func NewRecorder(event typedcorev1.EventInterface) (record.EventRecorder, error) { + eventBroadcaster := record.NewBroadcaster() + eventBroadcaster.StartLogging(glog.Infof) + eventBroadcaster.StartRecordingToSink(&typedcorev1.EventSinkImpl{Interface: event}) + recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: component}) + + return recorder, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index/api.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index/api.go new file mode 100644 index 000000000..1213766f1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index/api.go @@ -0,0 +1,67 @@ +package indexer + +import ( + "fmt" + "strings" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + v1beta1ext "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + "k8s.io/client-go/tools/cache" +) + +const ( + // ProvidedAPIsIndexFuncKey is the recommended key to use for registering the index func with an indexer. + ProvidedAPIsIndexFuncKey string = "providedAPIs" +) + +// ProvidedAPIsIndexFunc returns indicies from the owned CRDs and APIs of the given object (CSV) +func ProvidedAPIsIndexFunc(obj interface{}) ([]string, error) { + indicies := []string{} + + csv, ok := obj.(*v1alpha1.ClusterServiceVersion) + if !ok { + return indicies, fmt.Errorf("invalid object of type: %T", obj) + } + + for _, crd := range csv.Spec.CustomResourceDefinitions.Owned { + parts := strings.SplitN(crd.Name, ".", 2) + if len(parts) < 2 { + return indicies, fmt.Errorf("couldn't parse plural.group from crd name: %s", crd.Name) + } + indicies = append(indicies, fmt.Sprintf("%s/%s/%s", parts[1], crd.Version, crd.Kind)) + } + for _, api := range csv.Spec.APIServiceDefinitions.Owned { + indicies = append(indicies, fmt.Sprintf("%s/%s/%s", api.Group, api.Version, api.Kind)) + } + + return indicies, nil +} + +// CRDProviderNames returns the names of CSVs that own the given CRD +func CRDProviderNames(indexers map[string]cache.Indexer, crd v1beta1ext.CustomResourceDefinition) (map[string]struct{}, error) { + csvSet := map[string]struct{}{} + crdSpec := map[string]struct{}{} + for _, v := range crd.Spec.Versions { + crdSpec[fmt.Sprintf("%s/%s/%s", crd.Spec.Group, v.Name, crd.Spec.Names.Kind)] = struct{}{} + } + if crd.Spec.Version != "" { + crdSpec[fmt.Sprintf("%s/%s/%s", crd.Spec.Group, crd.Spec.Version, crd.Spec.Names.Kind)] = struct{}{} + } + for _, indexer := range indexers { + for key := range crdSpec { + csvs, err := indexer.ByIndex(ProvidedAPIsIndexFuncKey, key) + if err != nil { + return nil, err + } + for _, item := range csvs { + csv, ok := item.(*v1alpha1.ClusterServiceVersion) + if !ok { + continue + } + // Add to set + csvSet[csv.GetName()] = struct{}{} + } + } + } + return csvSet, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index/label.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index/label.go new file mode 100644 index 000000000..52ccd29be --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/index/label.go @@ -0,0 +1,60 @@ +package indexer + +import ( + "fmt" + + "k8s.io/apimachinery/pkg/api/meta" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +const ( + // MetaLabelIndexFuncKey is the recommended key to use for registering the index func with an indexer. + MetaLabelIndexFuncKey string = "metalabelindexfunc" +) + +// MetaLabelIndexFunc returns indicies from the labels of the given object. +func MetaLabelIndexFunc(obj interface{}) ([]string, error) { + indicies := []string{} + m, err := meta.Accessor(obj) + if err != nil { + return indicies, fmt.Errorf("object has no meta: %v", err) + } + + for k, v := range m.GetLabels() { + indicies = append(indicies, fmt.Sprintf("%s=%s", k, v)) + } + + return indicies, nil +} + +// LabelIndexKeys returns the union of indexed cache keys in the given indexers matching the same labels as the given selector +func LabelIndexKeys(indexers map[string]cache.Indexer, labelSets ...labels.Set) ([]string, error) { + keySet := map[string]struct{}{} + keys := []string{} + for _, indexer := range indexers { + for _, labelSet := range labelSets { + for key, value := range labelSet { + apiLabelKey := fmt.Sprintf("%s=%s", key, value) + cacheKeys, err := indexer.IndexKeys(MetaLabelIndexFuncKey, apiLabelKey) + if err != nil { + return nil, err + } + + for _, cacheKey := range cacheKeys { + // Detect duplication + if _, ok := keySet[cacheKey]; ok { + continue + } + + // Add to set + keySet[cacheKey] = struct{}{} + keys = append(keys, cacheKey) + } + + } + } + } + + return keys, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate/kubestate.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate/kubestate.go new file mode 100644 index 000000000..3f656069d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate/kubestate.go @@ -0,0 +1,190 @@ +package kubestate + +import ( + "context" +) + +type State interface { + isState() + + Terminal() bool + // Add() AddedState + // Update() UpdatedState + // Delete() DeletedState +} + +type ExistsState interface { + State + + isExistsState() +} + +type AddedState interface { + ExistsState + + isAddedState() +} + +type UpdatedState interface { + ExistsState + + isUpdatedState() +} + +type DoesNotExistState interface { + State + + isDoesNotExistState() +} + +type DeletedState interface { + DoesNotExistState + + isDeletedState() +} + +type state struct{} + +func (s state) isState() {} + +func (s state) Terminal() bool { + // Not terminal by default + return false +} + +func (s state) Add() AddedState { + return &addedState{ + ExistsState: &existsState{ + State: s, + }, + } +} + +func (s state) Update() UpdatedState { + return &updatedState{ + ExistsState: &existsState{ + State: s, + }, + } +} + +func (s state) Delete() DeletedState { + return &deletedState{ + DoesNotExistState: &doesNotExistState{ + State: s, + }, + } +} + +func NewState() State { + return &state{} +} + +type existsState struct { + State +} + +func (e existsState) isExistsState() {} + +type addedState struct { + ExistsState +} + +func (a addedState) isAddedState() {} + +type updatedState struct { + ExistsState +} + +func (u updatedState) isUpdatedState() {} + +type doesNotExistState struct { + State +} + +func (d doesNotExistState) isDoesNotExistState() {} + +type deletedState struct { + DoesNotExistState +} + +func (d deletedState) isDeletedState() {} + +type Reconciler interface { + Reconcile(ctx context.Context, in State) (out State, err error) +} + +type ReconcilerFunc func(ctx context.Context, in State) (out State, err error) + +func (r ReconcilerFunc) Reconcile(ctx context.Context, in State) (out State, err error) { + return r(ctx, in) +} + +type ReconcilerChain []Reconciler + +func (r ReconcilerChain) Reconcile(ctx context.Context, in State) (out State, err error) { + out = in + for _, rec := range r { + if out, err = rec.Reconcile(ctx, out); err != nil || out == nil || out.Terminal() { + break + } + } + + return +} + +// ResourceEventType tells an operator what kind of event has occurred on a given resource. +type ResourceEventType string + +const ( + // ResourceAdded tells the operator that a given resources has been added. + ResourceAdded ResourceEventType = "add" + // ResourceUpdated tells the operator that a given resources has been updated. + ResourceUpdated ResourceEventType = "update" + // ResourceDeleted tells the operator that a given resources has been deleted. + ResourceDeleted ResourceEventType = "delete" +) + +type ResourceEvent interface { + Type() ResourceEventType + Resource() interface{} +} + +type resourceEvent struct { + eventType ResourceEventType + resource interface{} +} + +func (r resourceEvent) Type() ResourceEventType { + return r.eventType +} + +func (r resourceEvent) Resource() interface{} { + return r.resource +} + +func NewResourceEvent(eventType ResourceEventType, resource interface{}) ResourceEvent { + return resourceEvent{ + eventType: eventType, + resource: resource, + } +} + +type Notifier interface { + Notify(event ResourceEvent) +} + +type NotifyFunc func(event ResourceEvent) + +// SyncFunc syncs resource events. +type SyncFunc func(ctx context.Context, event ResourceEvent) error + +// Sync lets a sync func implement Syncer. +func (s SyncFunc) Sync(ctx context.Context, event ResourceEvent) error { + return s(ctx, event) +} + +// Syncer describes something that syncs resource events. +type Syncer interface { + Sync(ctx context.Context, event ResourceEvent) error +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/labeler/labeler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/labeler/labeler.go new file mode 100644 index 000000000..22a8e7320 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/labeler/labeler.go @@ -0,0 +1,19 @@ +package labeler + +import ( + "k8s.io/apimachinery/pkg/labels" +) + +// Labeler can provide label sets that describe an object +type Labeler interface { + // LabelSetsFor returns label sets that describe the given object + LabelSetsFor(obj interface{}) ([]labels.Set, error) +} + +// Func is a function type that implements the Labeler interface +type Func func(obj interface{}) ([]labels.Set, error) + +// LabelSetsFor calls LabelSetsFor on itself to satisfy the Labeler interface +func (l Func) LabelSetsFor(obj interface{}) ([]labels.Set, error) { + return l(obj) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/apiservice.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/apiservice.go new file mode 100644 index 000000000..76b4792dd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/apiservice.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" +) + +// CreateAPIService creates the APIService. +func (c *Client) CreateAPIService(ig *apiregistrationv1.APIService) (*apiregistrationv1.APIService, error) { + return c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Create(ig) +} + +// GetAPIService returns the existing APIService. +func (c *Client) GetAPIService(name string) (*apiregistrationv1.APIService, error) { + return c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Get(name, metav1.GetOptions{}) +} + +// DeleteAPIService deletes the APIService. +func (c *Client) DeleteAPIService(name string, options *metav1.DeleteOptions) error { + return c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Delete(name, options) +} + +// UpdateAPIService will update the given APIService resource. +func (c *Client) UpdateAPIService(apiService *apiregistrationv1.APIService) (*apiregistrationv1.APIService, error) { + glog.V(4).Infof("[UPDATE APIService]: %s", apiService.GetName()) + oldAPIService, err := c.GetAPIService(apiService.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldAPIService, apiService) + if err != nil { + return nil, fmt.Errorf("error creating patch for APIService: %v", err) + } + return c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Patch(apiService.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/client.go new file mode 100644 index 000000000..a0ae094ff --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/client.go @@ -0,0 +1,178 @@ +//go:generate mockgen -source client.go -destination operatorclientmocks/mock_client.go -package operatorclientmocks +package operatorclient + +import ( + "github.com/sirupsen/logrus" + appsv1 "k8s.io/api/apps/v1" + v1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + apiextensions "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/clientcmd" + apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + apiregistration "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" +) + +type ClientInterface interface { + KubernetesInterface() kubernetes.Interface + ApiextensionsV1beta1Interface() apiextensions.Interface + ApiregistrationV1Interface() apiregistration.Interface + APIServiceClient + CustomResourceClient + SecretClient + ServiceClient + ServiceAccountClient + RoleClient + RoleBindingClient + ClusterRoleBindingClient + ClusterRoleClient + DeploymentClient +} + +// CustomResourceClient contains methods for the Custom Resource. +type CustomResourceClient interface { + GetCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) (*unstructured.Unstructured, error) + GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string) ([]byte, error) + CreateCustomResource(item *unstructured.Unstructured) error + CreateCustomResourceRaw(apiGroup, version, namespace, kind string, data []byte) error + CreateCustomResourceRawIfNotFound(apiGroup, version, namespace, kind, name string, data []byte) (bool, error) + UpdateCustomResource(item *unstructured.Unstructured) error + UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error + CreateOrUpdateCustomeResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error + DeleteCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) error + AtomicModifyCustomResource(apiGroup, version, namespace, resourceKind, resourceName string, f CustomResourceModifier, data interface{}) error + ListCustomResource(apiGroup, version, namespace, resourceKind string) (*CustomResourceList, error) +} + +// APIServiceClient contains methods for manipulating APIServiceBindings. +type APIServiceClient interface { + CreateAPIService(*apiregistrationv1.APIService) (*apiregistrationv1.APIService, error) + GetAPIService(name string) (*apiregistrationv1.APIService, error) + UpdateAPIService(modified *apiregistrationv1.APIService) (*apiregistrationv1.APIService, error) + DeleteAPIService(name string, options *metav1.DeleteOptions) error +} + +// SecretClient contains methods for manipulating Secrets +type SecretClient interface { + CreateSecret(*v1.Secret) (*v1.Secret, error) + GetSecret(namespace, name string) (*v1.Secret, error) + UpdateSecret(modified *v1.Secret) (*v1.Secret, error) + DeleteSecret(namespace, name string, options *metav1.DeleteOptions) error +} + +// ServiceClient contains methods for manipulating Services +type ServiceClient interface { + CreateService(*v1.Service) (*v1.Service, error) + GetService(namespace, name string) (*v1.Service, error) + UpdateService(modified *v1.Service) (*v1.Service, error) + DeleteService(namespace, name string, options *metav1.DeleteOptions) error +} + +// ServiceAccountClient contains methods for manipulating ServiceAccounts. +type ServiceAccountClient interface { + CreateServiceAccount(*v1.ServiceAccount) (*v1.ServiceAccount, error) + GetServiceAccount(namespace, name string) (*v1.ServiceAccount, error) + UpdateServiceAccount(modified *v1.ServiceAccount) (*v1.ServiceAccount, error) + DeleteServiceAccount(namespace, name string, options *metav1.DeleteOptions) error +} + +// RoleClient contains methods for manipulating Roles. +type RoleClient interface { + CreateRole(*rbacv1.Role) (*rbacv1.Role, error) + GetRole(namespace, name string) (*rbacv1.Role, error) + UpdateRole(modified *rbacv1.Role) (*rbacv1.Role, error) + DeleteRole(namespace, name string, options *metav1.DeleteOptions) error +} + +// RoleBindingClient contains methods for manipulating RoleBindings. +type RoleBindingClient interface { + CreateRoleBinding(*rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) + GetRoleBinding(namespace, name string) (*rbacv1.RoleBinding, error) + UpdateRoleBinding(modified *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) + DeleteRoleBinding(namespace, name string, options *metav1.DeleteOptions) error +} + +// ClusterRoleClient contains methods for manipulating ClusterRoleBindings. +type ClusterRoleClient interface { + CreateClusterRole(*rbacv1.ClusterRole) (*rbacv1.ClusterRole, error) + GetClusterRole(name string) (*rbacv1.ClusterRole, error) + UpdateClusterRole(modified *rbacv1.ClusterRole) (*rbacv1.ClusterRole, error) + DeleteClusterRole(name string, options *metav1.DeleteOptions) error +} + +// ClusterRoleBindingClient contains methods for manipulating ClusterRoleBindings. +type ClusterRoleBindingClient interface { + CreateClusterRoleBinding(*rbacv1.ClusterRoleBinding) (*rbacv1.ClusterRoleBinding, error) + GetClusterRoleBinding(name string) (*rbacv1.ClusterRoleBinding, error) + UpdateClusterRoleBinding(modified *rbacv1.ClusterRoleBinding) (*rbacv1.ClusterRoleBinding, error) + DeleteClusterRoleBinding(name string, options *metav1.DeleteOptions) error +} + +// DeploymentClient contains methods for the Deployment resource. +type DeploymentClient interface { + GetDeployment(namespace, name string) (*appsv1.Deployment, error) + CreateDeployment(*appsv1.Deployment) (*appsv1.Deployment, error) + DeleteDeployment(namespace, name string, options *metav1.DeleteOptions) error + UpdateDeployment(*appsv1.Deployment) (*appsv1.Deployment, bool, error) + PatchDeployment(*appsv1.Deployment, *appsv1.Deployment) (*appsv1.Deployment, bool, error) + RollingUpdateDeployment(*appsv1.Deployment) (*appsv1.Deployment, bool, error) + RollingPatchDeployment(*appsv1.Deployment, *appsv1.Deployment) (*appsv1.Deployment, bool, error) + RollingUpdateDeploymentMigrations(namespace, name string, f UpdateFunction) (*appsv1.Deployment, bool, error) + RollingPatchDeploymentMigrations(namespace, name string, f PatchFunction) (*appsv1.Deployment, bool, error) + CreateOrRollingUpdateDeployment(*appsv1.Deployment) (*appsv1.Deployment, bool, error) + ListDeploymentsWithLabels(namespace string, labels labels.Set) (*appsv1.DeploymentList, error) +} + +// Interface assertion. +var _ ClientInterface = &Client{} + +// Client is a kubernetes client that can talk to the API server. +type Client struct { + kubernetes.Interface + extInterface apiextensions.Interface + regInterface apiregistration.Interface +} + +// NewClient creates a kubernetes client or bails out on on failures. +func NewClientFromConfig(kubeconfig string, logger *logrus.Logger) ClientInterface { + var config *rest.Config + var err error + + if kubeconfig != "" { + logger.Infof("Loading kube client config from path %q", kubeconfig) + config, err = clientcmd.BuildConfigFromFlags("", kubeconfig) + } else { + logger.Infof("Using in-cluster kube client config") + config, err = rest.InClusterConfig() + } + + if err != nil { + logger.Fatalf("Cannot load config for REST client: %v", err) + } + + return &Client{kubernetes.NewForConfigOrDie(config), apiextensions.NewForConfigOrDie(config), apiregistration.NewForConfigOrDie(config)} +} + +// NewClient creates a kubernetes client +func NewClient(k8sClient kubernetes.Interface, extclient apiextensions.Interface, regclient apiregistration.Interface) ClientInterface { + return &Client{k8sClient, extclient, regclient} +} + +// KubernetesInterface returns the Kubernetes interface. +func (c *Client) KubernetesInterface() kubernetes.Interface { + return c.Interface +} + +// ApiextensionsV1beta1Interface returns the API extension interface. +func (c *Client) ApiextensionsV1beta1Interface() apiextensions.Interface { + return c.extInterface +} + +// ApiregistrationV1Interface returns the API registration (aggregated apiserver) interface +func (c *Client) ApiregistrationV1Interface() apiregistration.Interface { + return c.regInterface +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/clusterrole.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/clusterrole.go new file mode 100644 index 000000000..ee736fd2f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/clusterrole.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateClusterRole creates the ClusterRole. +func (c *Client) CreateClusterRole(r *rbacv1.ClusterRole) (*rbacv1.ClusterRole, error) { + return c.RbacV1().ClusterRoles().Create(r) +} + +// GetClusterRole returns the existing ClusterRole. +func (c *Client) GetClusterRole(name string) (*rbacv1.ClusterRole, error) { + return c.RbacV1().ClusterRoles().Get(name, metav1.GetOptions{}) +} + +// DeleteClusterRole deletes the ClusterRole +func (c *Client) DeleteClusterRole(name string, options *metav1.DeleteOptions) error { + return c.RbacV1().ClusterRoles().Delete(name, options) +} + +// UpdateClusterRole will update the given ClusterRole. +func (c *Client) UpdateClusterRole(crb *rbacv1.ClusterRole) (*rbacv1.ClusterRole, error) { + glog.V(4).Infof("[UPDATE Role]: %s", crb.GetName()) + oldCrb, err := c.GetClusterRole(crb.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldCrb, crb) + if err != nil { + return nil, fmt.Errorf("error creating patch for Role: %v", err) + } + return c.RbacV1().ClusterRoles().Patch(crb.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/clusterrolebinding.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/clusterrolebinding.go new file mode 100755 index 000000000..30e682676 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/clusterrolebinding.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateRoleBinding creates the roleBinding. +func (c *Client) CreateClusterRoleBinding(ig *rbacv1.ClusterRoleBinding) (*rbacv1.ClusterRoleBinding, error) { + return c.RbacV1().ClusterRoleBindings().Create(ig) +} + +// GetRoleBinding returns the existing roleBinding. +func (c *Client) GetClusterRoleBinding(name string) (*rbacv1.ClusterRoleBinding, error) { + return c.RbacV1().ClusterRoleBindings().Get(name, metav1.GetOptions{}) +} + +// DeleteRoleBinding deletes the roleBinding. +func (c *Client) DeleteClusterRoleBinding(name string, options *metav1.DeleteOptions) error { + return c.RbacV1().ClusterRoleBindings().Delete(name, options) +} + +// UpdateRoleBinding will update the given RoleBinding resource. +func (c *Client) UpdateClusterRoleBinding(crb *rbacv1.ClusterRoleBinding) (*rbacv1.ClusterRoleBinding, error) { + glog.V(4).Infof("[UPDATE RoleBinding]: %s", crb.GetName()) + oldCrb, err := c.GetClusterRoleBinding(crb.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldCrb, crb) + if err != nil { + return nil, fmt.Errorf("error creating patch for RoleBinding: %v", err) + } + return c.RbacV1().ClusterRoleBindings().Patch(crb.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/customresources.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/customresources.go new file mode 100644 index 000000000..d393f806e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/customresources.go @@ -0,0 +1,313 @@ +package operatorclient + +import ( + "encoding/json" + "fmt" + "path" + "strings" + "time" + + "github.com/golang/glog" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/util/wait" +) + +// CustomResourceList represents a list of custom resource objects that will +// be returned from a List() operation. +type CustomResourceList struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata"` + + Items []*unstructured.Unstructured `json:"items"` +} + +// GetCustomResource returns the custom resource as *unstructured.Unstructured by the given name. +func (c *Client) GetCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) (*unstructured.Unstructured, error) { + glog.V(4).Infof("[GET CUSTOM RESOURCE]: %s:%s", namespace, resourceName) + var object unstructured.Unstructured + + b, err := c.GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName) + if err != nil { + return nil, err + } + + if err := json.Unmarshal(b, &object); err != nil { + return nil, fmt.Errorf("failed to unmarshal CUSTOM RESOURCE: %v", err) + } + return &object, nil +} + +// GetCustomResourceRaw returns the custom resource's raw body data by the given name. +func (c *Client) GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string) ([]byte, error) { + glog.V(4).Infof("[GET CUSTOM RESOURCE RAW]: %s:%s", namespace, resourceName) + httpRestClient := c.extInterface.ApiextensionsV1beta1().RESTClient() + uri := customResourceURI(apiGroup, version, namespace, resourceKind, resourceName) + glog.V(4).Infof("[GET]: %s", uri) + + return httpRestClient.Get().RequestURI(uri).DoRaw() +} + +// CreateCustomResource creates the custom resource. +func (c *Client) CreateCustomResource(item *unstructured.Unstructured) error { + glog.V(4).Infof("[CREATE CUSTOM RESOURCE]: %s:%s", item.GetNamespace(), item.GetName()) + kind := item.GetKind() + namespace := item.GetNamespace() + apiVersion := item.GetAPIVersion() + apiGroup, version, err := parseAPIVersion(apiVersion) + if err != nil { + return err + } + + data, err := json.Marshal(item) + if err != nil { + return err + } + + return c.CreateCustomResourceRaw(apiGroup, version, namespace, kind, data) +} + +// CreateCustomResourceRaw creates the raw bytes of the custom resource. +func (c *Client) CreateCustomResourceRaw(apiGroup, version, namespace, kind string, data []byte) error { + glog.V(4).Infof("[CREATE CUSTOM RESOURCE RAW]: %s:%s", namespace, kind) + var statusCode int + + httpRestClient := c.extInterface.ApiextensionsV1beta1().RESTClient() + uri := customResourceDefinitionURI(apiGroup, version, namespace, kind) + glog.V(4).Infof("[POST]: %s", uri) + result := httpRestClient.Post().RequestURI(uri).Body(data).Do() + + if result.Error() != nil { + return result.Error() + } + + result.StatusCode(&statusCode) + glog.V(4).Infof("Written %s, status: %d", uri, statusCode) + + if statusCode != 201 { + return fmt.Errorf("unexpected status code %d, expecting 201", statusCode) + } + return nil +} + +// CreateCustomResourceRawIfNotFound creates the raw bytes of the custom resource if it doesn't exist. +// It also returns a boolean to indicate whether a new custom resource is created. +func (c *Client) CreateCustomResourceRawIfNotFound(apiGroup, version, namespace, kind, name string, data []byte) (bool, error) { + glog.V(4).Infof("[CREATE CUSTOM RESOURCE RAW if not found]: %s:%s", namespace, name) + _, err := c.GetCustomResource(apiGroup, version, namespace, kind, name) + if err == nil { + return false, nil + } + if !errors.IsNotFound(err) { + return false, err + } + err = c.CreateCustomResourceRaw(apiGroup, version, namespace, kind, data) + if err != nil { + return false, err + } + return true, nil +} + +// UpdateCustomResource updates the custom resource. +// To do an atomic update, use AtomicModifyCustomResource(). +func (c *Client) UpdateCustomResource(item *unstructured.Unstructured) error { + glog.V(4).Infof("[UPDATE CUSTOM RESOURCE]: %s:%s", item.GetNamespace(), item.GetName()) + kind := item.GetKind() + name := item.GetName() + namespace := item.GetNamespace() + apiVersion := item.GetAPIVersion() + apiGroup, version, err := parseAPIVersion(apiVersion) + if err != nil { + return err + } + + data, err := json.Marshal(item) + if err != nil { + return err + } + + return c.UpdateCustomResourceRaw(apiGroup, version, namespace, kind, name, data) +} + +// UpdateCustomResourceRaw updates the thirdparty resource with the raw data. +func (c *Client) UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error { + glog.V(4).Infof("[UPDATE CUSTOM RESOURCE RAW]: %s:%s", namespace, resourceName) + var statusCode int + + httpRestClient := c.extInterface.ApiextensionsV1beta1().RESTClient() + uri := customResourceURI(apiGroup, version, namespace, resourceKind, resourceName) + glog.V(4).Infof("[PUT]: %s", uri) + result := httpRestClient.Put().RequestURI(uri).Body(data).Do() + + if result.Error() != nil { + return result.Error() + } + + result.StatusCode(&statusCode) + glog.V(4).Infof("Updated %s, status: %d", uri, statusCode) + + if statusCode != 200 { + return fmt.Errorf("unexpected status code %d, expecting 200", statusCode) + } + return nil +} + +// CreateOrUpdateCustomeResourceRaw creates the custom resource if it doesn't exist. +// If the custom resource exists, it updates the existing one. +func (c *Client) CreateOrUpdateCustomeResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error { + glog.V(4).Infof("[CREATE OR UPDATE UPDATE CUSTOM RESOURCE RAW]: %s:%s", namespace, resourceName) + old, err := c.GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName) + if err != nil { + if !errors.IsNotFound(err) { + return err + } + return c.CreateCustomResourceRaw(apiGroup, version, namespace, resourceKind, data) + } + + var oldSpec, newSpec unstructured.Unstructured + if err := json.Unmarshal(old, &oldSpec); err != nil { + return err + } + if err := json.Unmarshal(data, &newSpec); err != nil { + return err + } + + // Set the resource version. + newSpec.SetResourceVersion(oldSpec.GetResourceVersion()) + + data, err = json.Marshal(&newSpec) + if err != nil { + return err + } + + return c.UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName, data) +} + +// DeleteCustomResource deletes the with the given name. +func (c *Client) DeleteCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) error { + glog.V(4).Infof("[DELETE CUSTOM RESOURCE]: %s:%s", namespace, resourceName) + httpRestClient := c.extInterface.ApiextensionsV1beta1().RESTClient() + uri := customResourceURI(apiGroup, version, namespace, resourceKind, resourceName) + + glog.V(4).Infof("[DELETE]: %s", uri) + _, err := httpRestClient.Delete().RequestURI(uri).DoRaw() + return err +} + +// CustomResourceModifier takes the custom resource object, and modifies it in-place. +type CustomResourceModifier func(*unstructured.Unstructured, interface{}) error + +// AtomicModifyCustomResource gets the custom resource, modifies it and writes it back. +// If it's modified by other writers, we will retry until it succeeds. +func (c *Client) AtomicModifyCustomResource(apiGroup, version, namespace, resourceKind, resourceName string, f CustomResourceModifier, data interface{}) error { + glog.V(4).Infof("[ATOMIC MODIFY CUSTOM RESOURCE]: %s:%s", namespace, resourceName) + return wait.PollInfinite(time.Second, func() (bool, error) { + var customResource unstructured.Unstructured + b, err := c.GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName) + if err != nil { + glog.Errorf("Failed to get CUSTOM RESOURCE %q, kind:%q: %v", resourceName, resourceKind, err) + return false, err + } + + if err := json.Unmarshal(b, &customResource); err != nil { + glog.Errorf("Failed to unmarshal CUSTOM RESOURCE %q, kind:%q: %v", resourceName, resourceKind, err) + return false, err + } + + if err := f(&customResource, data); err != nil { + glog.Errorf("Failed to modify the CUSTOM RESOURCE %q, kind:%q: %v", resourceName, resourceKind, err) + return false, err + } + + if err := c.UpdateCustomResource(&customResource); err != nil { + if errors.IsConflict(err) { + glog.Errorf("Failed to update CUSTOM RESOURCE %q, kind:%q: %v, will retry", resourceName, resourceKind, err) + return false, nil + } + glog.Errorf("Failed to update CUSTOM RESOURCE %q, kind:%q: %v", resourceName, resourceKind, err) + return false, err + } + + return true, nil + }) +} + +// customResourceURI returns the URI for the thirdparty resource. +// +// Example of apiGroup: "tco.coreos.com" +// Example of version: "v1" +// Example of namespace: "default" +// Example of resourceKind: "ChannelOperatorConfig" +// Example of resourceName: "test-config" +func customResourceURI(apiGroup, version, namespace, resourceKind, resourceName string) string { + if namespace == "" { + namespace = metav1.NamespaceDefault + } + plural, _ := meta.UnsafeGuessKindToResource(schema.GroupVersionKind{ + Group: apiGroup, + Version: version, + Kind: resourceKind, + }) + return fmt.Sprintf("/apis/%s/%s/namespaces/%s/%s/%s", + strings.ToLower(apiGroup), + strings.ToLower(version), + strings.ToLower(namespace), + strings.ToLower(plural.Resource), + strings.ToLower(resourceName)) +} + +// customResourceDefinitionURI returns the URI for the CRD. +// +// Example of apiGroup: "tco.coreos.com" +// Example of version: "v1" +// Example of namespace: "default" +// Example of resourceKind: "ChannelOperatorConfig" +func customResourceDefinitionURI(apiGroup, version, namespace, resourceKind string) string { + if namespace == "" { + namespace = metav1.NamespaceDefault + } + plural, _ := meta.UnsafeGuessKindToResource(schema.GroupVersionKind{ + Group: apiGroup, + Version: version, + Kind: resourceKind, + }) + return fmt.Sprintf("/apis/%s/%s/namespaces/%s/%s", + strings.ToLower(apiGroup), + strings.ToLower(version), + strings.ToLower(namespace), + strings.ToLower(plural.Resource)) +} + +// ListCustomResource lists all custom resources for the given namespace. +func (c *Client) ListCustomResource(apiGroup, version, namespace, resourceKind string) (*CustomResourceList, error) { + glog.V(4).Infof("LIST CUSTOM RESOURCE]: %s", resourceKind) + + var crList CustomResourceList + + httpRestClient := c.extInterface.ApiextensionsV1beta1().RESTClient() + uri := customResourceDefinitionURI(apiGroup, version, namespace, resourceKind) + glog.V(4).Infof("[GET]: %s", uri) + bytes, err := httpRestClient.Get().RequestURI(uri).DoRaw() + if err != nil { + return nil, fmt.Errorf("failed to get custom resource list: %v", err) + } + + if err := json.Unmarshal(bytes, &crList); err != nil { + return nil, err + } + + return &crList, nil +} + +// parseAPIVersion splits "coreos.com/v1" into +// "coreos.com" and "v1". +func parseAPIVersion(apiVersion string) (apiGroup, version string, err error) { + parts := strings.Split(apiVersion, "/") + if len(parts) < 2 { + return "", "", fmt.Errorf("invalid format of api version %q, expecting APIGroup/Version", apiVersion) + } + return path.Join(parts[:len(parts)-1]...), parts[len(parts)-1], nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/deployment.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/deployment.go new file mode 100644 index 000000000..6a62ca382 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/deployment.go @@ -0,0 +1,203 @@ +package operatorclient + +import ( + "errors" + "fmt" + "time" + + "github.com/golang/glog" + appsv1 "k8s.io/api/apps/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" +) + +const ( + deploymentRolloutPollInterval = time.Second +) + +// GetDeployment returns the Deployment object for the given namespace and name. +func (c *Client) GetDeployment(namespace, name string) (*appsv1.Deployment, error) { + glog.V(4).Infof("[GET Deployment]: %s:%s", namespace, name) + return c.AppsV1().Deployments(namespace).Get(name, metav1.GetOptions{}) +} + +// CreateDeployment creates the Deployment object. +func (c *Client) CreateDeployment(dep *appsv1.Deployment) (*appsv1.Deployment, error) { + glog.V(4).Infof("[CREATE Deployment]: %s:%s", dep.Namespace, dep.Name) + return c.AppsV1().Deployments(dep.Namespace).Create(dep) +} + +// DeleteDeployment deletes the Deployment object. +func (c *Client) DeleteDeployment(namespace, name string, options *metav1.DeleteOptions) error { + glog.V(4).Infof("[DELETE Deployment]: %s:%s", namespace, name) + return c.AppsV1().Deployments(namespace).Delete(name, options) +} + +// UpdateDeployment updates a Deployment object by performing a 2-way patch between the existing +// Deployment and the result of the UpdateFunction. +// +// Returns the latest Deployment and true if it was updated, or an error. +func (c *Client) UpdateDeployment(dep *appsv1.Deployment) (*appsv1.Deployment, bool, error) { + return c.PatchDeployment(nil, dep) +} + +// PatchDeployment updates a Deployment object by performing a 3-way patch merge between the existing +// Deployment and `original` and `modified` manifests. +// +// Returns the latest Deployment and true if it was updated, or an error. +func (c *Client) PatchDeployment(original, modified *appsv1.Deployment) (*appsv1.Deployment, bool, error) { + namespace, name := modified.Namespace, modified.Name + glog.V(4).Infof("[PATCH Deployment]: %s:%s", namespace, name) + + current, err := c.AppsV1().Deployments(namespace).Get(name, metav1.GetOptions{}) + if err != nil { + return nil, false, err + } + if modified == nil { + return nil, false, errors.New("modified cannot be nil") + } + if original == nil { + original = current // Emulate 2-way merge. + } + current.TypeMeta = modified.TypeMeta // make sure the type metas won't conflict. + patchBytes, err := createThreeWayMergePatchPreservingCommands(original, modified, current) + if err != nil { + return nil, false, err + } + updated, err := c.AppsV1().Deployments(namespace).Patch(name, types.StrategicMergePatchType, patchBytes) + if err != nil { + return nil, false, err + } + return updated, current.GetResourceVersion() != updated.GetResourceVersion(), nil +} + +// RollingUpdateDeployment performs a rolling update on the given Deployment. It requires that the +// Deployment uses the RollingUpdateDeploymentStrategyType update strategy. +func (c *Client) RollingUpdateDeployment(dep *appsv1.Deployment) (*appsv1.Deployment, bool, error) { + return c.RollingUpdateDeploymentMigrations(dep.Namespace, dep.Name, Update(dep)) +} + +// RollingUpdateDeploymentMigrations performs a rolling update on the given Deployment. It +// requires that the Deployment uses the RollingUpdateDeploymentStrategyType update strategy. +// +// RollingUpdateDeploymentMigrations will run any before / during / after migrations that have been +// specified in the upgrade options. +func (c *Client) RollingUpdateDeploymentMigrations(namespace, name string, f UpdateFunction) (*appsv1.Deployment, bool, error) { + glog.V(4).Infof("[ROLLING UPDATE Deployment]: %s:%s", namespace, name) + return c.RollingPatchDeploymentMigrations(namespace, name, updateToPatch(f)) +} + +// RollingPatchDeployment performs a 3-way patch merge followed by rolling update on the given +// Deployment. It requires that the Deployment uses the RollingUpdateDeploymentStrategyType update +// strategy. +// +// RollingPatchDeployment will run any before / after migrations that have been specified in the +// upgrade options. +func (c *Client) RollingPatchDeployment(original, modified *appsv1.Deployment) (*appsv1.Deployment, bool, error) { + return c.RollingPatchDeploymentMigrations(modified.Namespace, modified.Name, Patch(original, modified)) +} + +// RollingPatchDeploymentMigrations performs a 3-way patch merge followed by rolling update on +// the given Deployment. It requires that the Deployment uses the RollingUpdateDeploymentStrategyType +// update strategy. +// +// RollingPatchDeploymentMigrations will run any before / after migrations that have been specified +// in the upgrade options. +func (c *Client) RollingPatchDeploymentMigrations(namespace, name string, f PatchFunction) (*appsv1.Deployment, bool, error) { + glog.V(4).Infof("[ROLLING PATCH Deployment]: %s:%s", namespace, name) + + current, err := c.AppsV1().Deployments(namespace).Get(name, metav1.GetOptions{}) + if err != nil { + return nil, false, err + } + if err := checkDeploymentRollingUpdateEnabled(current); err != nil { + return nil, false, err + } + + originalObj, modifiedObj, err := f(current.DeepCopy()) + if err != nil { + return nil, false, err + } + // Check for nil interfaces. + if modifiedObj == nil { + return nil, false, errors.New("modified cannot be nil") + } + if originalObj == nil { + originalObj = current // Emulate 2-way merge. + } + original, modified := originalObj.(*appsv1.Deployment), modifiedObj.(*appsv1.Deployment) + // Check for nil pointers. + if modified == nil { + return nil, false, errors.New("modified cannot be nil") + } + if original == nil { + original = current // Emulate 2-way merge. + } + current.TypeMeta = modified.TypeMeta // make sure the type metas won't conflict. + patchBytes, err := createThreeWayMergePatchPreservingCommands(original, modified, current) + if err != nil { + return nil, false, err + } + updated, err := c.AppsV1().Deployments(namespace).Patch(name, types.StrategicMergePatchType, patchBytes) + if err != nil { + return nil, false, err + } + + return updated, current.GetResourceVersion() != updated.GetResourceVersion(), nil +} + +func checkDeploymentRollingUpdateEnabled(dep *appsv1.Deployment) error { + enabled := dep.Spec.Strategy.Type == appsv1.RollingUpdateDeploymentStrategyType || dep.Spec.Strategy.Type == "" // Deployments rolling update by default + if !enabled { + return fmt.Errorf("Deployment %s/%s does not have rolling update strategy enabled", dep.GetNamespace(), dep.GetName()) + } + return nil +} + +func (c *Client) waitForDeploymentRollout(dep *appsv1.Deployment) error { + return wait.PollInfinite(deploymentRolloutPollInterval, func() (bool, error) { + d, err := c.GetDeployment(dep.Namespace, dep.Name) + if err != nil { + // Do not return error here, as we could be updating the API Server itself, in which case we + // want to continue waiting. + glog.Errorf("error getting Deployment %s during rollout: %v", dep.Name, err) + return false, nil + } + if d.Generation <= d.Status.ObservedGeneration && d.Status.UpdatedReplicas == d.Status.Replicas && d.Status.UnavailableReplicas == 0 { + return true, nil + } + return false, nil + }) +} + +// CreateOrRollingUpdateDeployment creates the Deployment if it doesn't exist. If the Deployment +// already exists, it will update the Deployment and wait for it to rollout. Returns true if the +// Deployment was created or updated, false if there was no update. +func (c *Client) CreateOrRollingUpdateDeployment(dep *appsv1.Deployment) (*appsv1.Deployment, bool, error) { + glog.V(4).Infof("[CREATE OR ROLLING UPDATE Deployment]: %s:%s", dep.Namespace, dep.Name) + + _, err := c.GetDeployment(dep.Namespace, dep.Name) + if err != nil { + if !apierrors.IsNotFound(err) { + return nil, false, err + } + created, err := c.CreateDeployment(dep) + if err != nil { + return nil, false, err + } + return created, true, err + } + return c.RollingUpdateDeployment(dep) +} + +// ListDeploymentsWithLabels returns a list of deployments that matches the label selector. +// An empty list will be returned if no such deployments is found. +func (c *Client) ListDeploymentsWithLabels(namespace string, labels labels.Set) (*appsv1.DeploymentList, error) { + glog.V(4).Infof("[LIST Deployments] in %s, labels: %v", namespace, labels) + + opts := metav1.ListOptions{LabelSelector: labels.String()} + return c.AppsV1().Deployments(namespace).List(opts) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/operatorclientmocks/mock_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/operatorclientmocks/mock_client.go new file mode 100644 index 000000000..9144643a8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/operatorclientmocks/mock_client.go @@ -0,0 +1,1918 @@ +// Code generated by MockGen. DO NOT EDIT. +// Source: client.go + +// Package operatorclientmocks is a generated GoMock package. +package operatorclientmocks + +import ( + gomock "github.com/golang/mock/gomock" + operatorclient "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + v1 "k8s.io/api/apps/v1" + v10 "k8s.io/api/core/v1" + v11 "k8s.io/api/rbac/v1" + clientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset" + v12 "k8s.io/apimachinery/pkg/apis/meta/v1" + unstructured "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + labels "k8s.io/apimachinery/pkg/labels" + kubernetes "k8s.io/client-go/kubernetes" + v13 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + clientset0 "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" + reflect "reflect" +) + +// MockClientInterface is a mock of ClientInterface interface +type MockClientInterface struct { + ctrl *gomock.Controller + recorder *MockClientInterfaceMockRecorder +} + +// MockClientInterfaceMockRecorder is the mock recorder for MockClientInterface +type MockClientInterfaceMockRecorder struct { + mock *MockClientInterface +} + +// NewMockClientInterface creates a new mock instance +func NewMockClientInterface(ctrl *gomock.Controller) *MockClientInterface { + mock := &MockClientInterface{ctrl: ctrl} + mock.recorder = &MockClientInterfaceMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockClientInterface) EXPECT() *MockClientInterfaceMockRecorder { + return m.recorder +} + +// KubernetesInterface mocks base method +func (m *MockClientInterface) KubernetesInterface() kubernetes.Interface { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "KubernetesInterface") + ret0, _ := ret[0].(kubernetes.Interface) + return ret0 +} + +// KubernetesInterface indicates an expected call of KubernetesInterface +func (mr *MockClientInterfaceMockRecorder) KubernetesInterface() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "KubernetesInterface", reflect.TypeOf((*MockClientInterface)(nil).KubernetesInterface)) +} + +// ApiextensionsV1beta1Interface mocks base method +func (m *MockClientInterface) ApiextensionsV1beta1Interface() clientset.Interface { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ApiextensionsV1beta1Interface") + ret0, _ := ret[0].(clientset.Interface) + return ret0 +} + +// ApiextensionsV1beta1Interface indicates an expected call of ApiextensionsV1beta1Interface +func (mr *MockClientInterfaceMockRecorder) ApiextensionsV1beta1Interface() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ApiextensionsV1beta1Interface", reflect.TypeOf((*MockClientInterface)(nil).ApiextensionsV1beta1Interface)) +} + +// ApiregistrationV1Interface mocks base method +func (m *MockClientInterface) ApiregistrationV1Interface() clientset0.Interface { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ApiregistrationV1Interface") + ret0, _ := ret[0].(clientset0.Interface) + return ret0 +} + +// ApiregistrationV1Interface indicates an expected call of ApiregistrationV1Interface +func (mr *MockClientInterfaceMockRecorder) ApiregistrationV1Interface() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ApiregistrationV1Interface", reflect.TypeOf((*MockClientInterface)(nil).ApiregistrationV1Interface)) +} + +// CreateAPIService mocks base method +func (m *MockClientInterface) CreateAPIService(arg0 *v13.APIService) (*v13.APIService, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateAPIService", arg0) + ret0, _ := ret[0].(*v13.APIService) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateAPIService indicates an expected call of CreateAPIService +func (mr *MockClientInterfaceMockRecorder) CreateAPIService(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateAPIService", reflect.TypeOf((*MockClientInterface)(nil).CreateAPIService), arg0) +} + +// GetAPIService mocks base method +func (m *MockClientInterface) GetAPIService(name string) (*v13.APIService, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetAPIService", name) + ret0, _ := ret[0].(*v13.APIService) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetAPIService indicates an expected call of GetAPIService +func (mr *MockClientInterfaceMockRecorder) GetAPIService(name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAPIService", reflect.TypeOf((*MockClientInterface)(nil).GetAPIService), name) +} + +// UpdateAPIService mocks base method +func (m *MockClientInterface) UpdateAPIService(modified *v13.APIService) (*v13.APIService, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateAPIService", modified) + ret0, _ := ret[0].(*v13.APIService) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateAPIService indicates an expected call of UpdateAPIService +func (mr *MockClientInterfaceMockRecorder) UpdateAPIService(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateAPIService", reflect.TypeOf((*MockClientInterface)(nil).UpdateAPIService), modified) +} + +// DeleteAPIService mocks base method +func (m *MockClientInterface) DeleteAPIService(name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteAPIService", name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteAPIService indicates an expected call of DeleteAPIService +func (mr *MockClientInterfaceMockRecorder) DeleteAPIService(name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteAPIService", reflect.TypeOf((*MockClientInterface)(nil).DeleteAPIService), name, options) +} + +// GetCustomResource mocks base method +func (m *MockClientInterface) GetCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) (*unstructured.Unstructured, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCustomResource", apiGroup, version, namespace, resourceKind, resourceName) + ret0, _ := ret[0].(*unstructured.Unstructured) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCustomResource indicates an expected call of GetCustomResource +func (mr *MockClientInterfaceMockRecorder) GetCustomResource(apiGroup, version, namespace, resourceKind, resourceName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCustomResource", reflect.TypeOf((*MockClientInterface)(nil).GetCustomResource), apiGroup, version, namespace, resourceKind, resourceName) +} + +// GetCustomResourceRaw mocks base method +func (m *MockClientInterface) GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string) ([]byte, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCustomResourceRaw", apiGroup, version, namespace, resourceKind, resourceName) + ret0, _ := ret[0].([]byte) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCustomResourceRaw indicates an expected call of GetCustomResourceRaw +func (mr *MockClientInterfaceMockRecorder) GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCustomResourceRaw", reflect.TypeOf((*MockClientInterface)(nil).GetCustomResourceRaw), apiGroup, version, namespace, resourceKind, resourceName) +} + +// CreateCustomResource mocks base method +func (m *MockClientInterface) CreateCustomResource(item *unstructured.Unstructured) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateCustomResource", item) + ret0, _ := ret[0].(error) + return ret0 +} + +// CreateCustomResource indicates an expected call of CreateCustomResource +func (mr *MockClientInterfaceMockRecorder) CreateCustomResource(item interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateCustomResource", reflect.TypeOf((*MockClientInterface)(nil).CreateCustomResource), item) +} + +// CreateCustomResourceRaw mocks base method +func (m *MockClientInterface) CreateCustomResourceRaw(apiGroup, version, namespace, kind string, data []byte) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateCustomResourceRaw", apiGroup, version, namespace, kind, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// CreateCustomResourceRaw indicates an expected call of CreateCustomResourceRaw +func (mr *MockClientInterfaceMockRecorder) CreateCustomResourceRaw(apiGroup, version, namespace, kind, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateCustomResourceRaw", reflect.TypeOf((*MockClientInterface)(nil).CreateCustomResourceRaw), apiGroup, version, namespace, kind, data) +} + +// CreateCustomResourceRawIfNotFound mocks base method +func (m *MockClientInterface) CreateCustomResourceRawIfNotFound(apiGroup, version, namespace, kind, name string, data []byte) (bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateCustomResourceRawIfNotFound", apiGroup, version, namespace, kind, name, data) + ret0, _ := ret[0].(bool) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateCustomResourceRawIfNotFound indicates an expected call of CreateCustomResourceRawIfNotFound +func (mr *MockClientInterfaceMockRecorder) CreateCustomResourceRawIfNotFound(apiGroup, version, namespace, kind, name, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateCustomResourceRawIfNotFound", reflect.TypeOf((*MockClientInterface)(nil).CreateCustomResourceRawIfNotFound), apiGroup, version, namespace, kind, name, data) +} + +// UpdateCustomResource mocks base method +func (m *MockClientInterface) UpdateCustomResource(item *unstructured.Unstructured) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateCustomResource", item) + ret0, _ := ret[0].(error) + return ret0 +} + +// UpdateCustomResource indicates an expected call of UpdateCustomResource +func (mr *MockClientInterfaceMockRecorder) UpdateCustomResource(item interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateCustomResource", reflect.TypeOf((*MockClientInterface)(nil).UpdateCustomResource), item) +} + +// UpdateCustomResourceRaw mocks base method +func (m *MockClientInterface) UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateCustomResourceRaw", apiGroup, version, namespace, resourceKind, resourceName, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// UpdateCustomResourceRaw indicates an expected call of UpdateCustomResourceRaw +func (mr *MockClientInterfaceMockRecorder) UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateCustomResourceRaw", reflect.TypeOf((*MockClientInterface)(nil).UpdateCustomResourceRaw), apiGroup, version, namespace, resourceKind, resourceName, data) +} + +// CreateOrUpdateCustomeResourceRaw mocks base method +func (m *MockClientInterface) CreateOrUpdateCustomeResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateOrUpdateCustomeResourceRaw", apiGroup, version, namespace, resourceKind, resourceName, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// CreateOrUpdateCustomeResourceRaw indicates an expected call of CreateOrUpdateCustomeResourceRaw +func (mr *MockClientInterfaceMockRecorder) CreateOrUpdateCustomeResourceRaw(apiGroup, version, namespace, resourceKind, resourceName, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateOrUpdateCustomeResourceRaw", reflect.TypeOf((*MockClientInterface)(nil).CreateOrUpdateCustomeResourceRaw), apiGroup, version, namespace, resourceKind, resourceName, data) +} + +// DeleteCustomResource mocks base method +func (m *MockClientInterface) DeleteCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteCustomResource", apiGroup, version, namespace, resourceKind, resourceName) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteCustomResource indicates an expected call of DeleteCustomResource +func (mr *MockClientInterfaceMockRecorder) DeleteCustomResource(apiGroup, version, namespace, resourceKind, resourceName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteCustomResource", reflect.TypeOf((*MockClientInterface)(nil).DeleteCustomResource), apiGroup, version, namespace, resourceKind, resourceName) +} + +// AtomicModifyCustomResource mocks base method +func (m *MockClientInterface) AtomicModifyCustomResource(apiGroup, version, namespace, resourceKind, resourceName string, f operatorclient.CustomResourceModifier, data interface{}) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AtomicModifyCustomResource", apiGroup, version, namespace, resourceKind, resourceName, f, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// AtomicModifyCustomResource indicates an expected call of AtomicModifyCustomResource +func (mr *MockClientInterfaceMockRecorder) AtomicModifyCustomResource(apiGroup, version, namespace, resourceKind, resourceName, f, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AtomicModifyCustomResource", reflect.TypeOf((*MockClientInterface)(nil).AtomicModifyCustomResource), apiGroup, version, namespace, resourceKind, resourceName, f, data) +} + +// ListCustomResource mocks base method +func (m *MockClientInterface) ListCustomResource(apiGroup, version, namespace, resourceKind string) (*operatorclient.CustomResourceList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListCustomResource", apiGroup, version, namespace, resourceKind) + ret0, _ := ret[0].(*operatorclient.CustomResourceList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListCustomResource indicates an expected call of ListCustomResource +func (mr *MockClientInterfaceMockRecorder) ListCustomResource(apiGroup, version, namespace, resourceKind interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListCustomResource", reflect.TypeOf((*MockClientInterface)(nil).ListCustomResource), apiGroup, version, namespace, resourceKind) +} + +// CreateSecret mocks base method +func (m *MockClientInterface) CreateSecret(arg0 *v10.Secret) (*v10.Secret, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateSecret", arg0) + ret0, _ := ret[0].(*v10.Secret) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateSecret indicates an expected call of CreateSecret +func (mr *MockClientInterfaceMockRecorder) CreateSecret(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateSecret", reflect.TypeOf((*MockClientInterface)(nil).CreateSecret), arg0) +} + +// GetSecret mocks base method +func (m *MockClientInterface) GetSecret(namespace, name string) (*v10.Secret, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetSecret", namespace, name) + ret0, _ := ret[0].(*v10.Secret) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetSecret indicates an expected call of GetSecret +func (mr *MockClientInterfaceMockRecorder) GetSecret(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSecret", reflect.TypeOf((*MockClientInterface)(nil).GetSecret), namespace, name) +} + +// UpdateSecret mocks base method +func (m *MockClientInterface) UpdateSecret(modified *v10.Secret) (*v10.Secret, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateSecret", modified) + ret0, _ := ret[0].(*v10.Secret) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateSecret indicates an expected call of UpdateSecret +func (mr *MockClientInterfaceMockRecorder) UpdateSecret(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateSecret", reflect.TypeOf((*MockClientInterface)(nil).UpdateSecret), modified) +} + +// DeleteSecret mocks base method +func (m *MockClientInterface) DeleteSecret(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteSecret", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteSecret indicates an expected call of DeleteSecret +func (mr *MockClientInterfaceMockRecorder) DeleteSecret(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteSecret", reflect.TypeOf((*MockClientInterface)(nil).DeleteSecret), namespace, name, options) +} + +// CreateService mocks base method +func (m *MockClientInterface) CreateService(arg0 *v10.Service) (*v10.Service, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateService", arg0) + ret0, _ := ret[0].(*v10.Service) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateService indicates an expected call of CreateService +func (mr *MockClientInterfaceMockRecorder) CreateService(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateService", reflect.TypeOf((*MockClientInterface)(nil).CreateService), arg0) +} + +// GetService mocks base method +func (m *MockClientInterface) GetService(namespace, name string) (*v10.Service, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetService", namespace, name) + ret0, _ := ret[0].(*v10.Service) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetService indicates an expected call of GetService +func (mr *MockClientInterfaceMockRecorder) GetService(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetService", reflect.TypeOf((*MockClientInterface)(nil).GetService), namespace, name) +} + +// UpdateService mocks base method +func (m *MockClientInterface) UpdateService(modified *v10.Service) (*v10.Service, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateService", modified) + ret0, _ := ret[0].(*v10.Service) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateService indicates an expected call of UpdateService +func (mr *MockClientInterfaceMockRecorder) UpdateService(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateService", reflect.TypeOf((*MockClientInterface)(nil).UpdateService), modified) +} + +// DeleteService mocks base method +func (m *MockClientInterface) DeleteService(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteService", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteService indicates an expected call of DeleteService +func (mr *MockClientInterfaceMockRecorder) DeleteService(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteService", reflect.TypeOf((*MockClientInterface)(nil).DeleteService), namespace, name, options) +} + +// CreateServiceAccount mocks base method +func (m *MockClientInterface) CreateServiceAccount(arg0 *v10.ServiceAccount) (*v10.ServiceAccount, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateServiceAccount", arg0) + ret0, _ := ret[0].(*v10.ServiceAccount) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateServiceAccount indicates an expected call of CreateServiceAccount +func (mr *MockClientInterfaceMockRecorder) CreateServiceAccount(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).CreateServiceAccount), arg0) +} + +// GetServiceAccount mocks base method +func (m *MockClientInterface) GetServiceAccount(namespace, name string) (*v10.ServiceAccount, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetServiceAccount", namespace, name) + ret0, _ := ret[0].(*v10.ServiceAccount) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetServiceAccount indicates an expected call of GetServiceAccount +func (mr *MockClientInterfaceMockRecorder) GetServiceAccount(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).GetServiceAccount), namespace, name) +} + +// UpdateServiceAccount mocks base method +func (m *MockClientInterface) UpdateServiceAccount(modified *v10.ServiceAccount) (*v10.ServiceAccount, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateServiceAccount", modified) + ret0, _ := ret[0].(*v10.ServiceAccount) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateServiceAccount indicates an expected call of UpdateServiceAccount +func (mr *MockClientInterfaceMockRecorder) UpdateServiceAccount(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).UpdateServiceAccount), modified) +} + +// DeleteServiceAccount mocks base method +func (m *MockClientInterface) DeleteServiceAccount(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteServiceAccount", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteServiceAccount indicates an expected call of DeleteServiceAccount +func (mr *MockClientInterfaceMockRecorder) DeleteServiceAccount(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).DeleteServiceAccount), namespace, name, options) +} + +// CreateRole mocks base method +func (m *MockClientInterface) CreateRole(arg0 *v11.Role) (*v11.Role, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateRole", arg0) + ret0, _ := ret[0].(*v11.Role) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateRole indicates an expected call of CreateRole +func (mr *MockClientInterfaceMockRecorder) CreateRole(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateRole", reflect.TypeOf((*MockClientInterface)(nil).CreateRole), arg0) +} + +// GetRole mocks base method +func (m *MockClientInterface) GetRole(namespace, name string) (*v11.Role, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetRole", namespace, name) + ret0, _ := ret[0].(*v11.Role) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetRole indicates an expected call of GetRole +func (mr *MockClientInterfaceMockRecorder) GetRole(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetRole", reflect.TypeOf((*MockClientInterface)(nil).GetRole), namespace, name) +} + +// UpdateRole mocks base method +func (m *MockClientInterface) UpdateRole(modified *v11.Role) (*v11.Role, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateRole", modified) + ret0, _ := ret[0].(*v11.Role) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateRole indicates an expected call of UpdateRole +func (mr *MockClientInterfaceMockRecorder) UpdateRole(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateRole", reflect.TypeOf((*MockClientInterface)(nil).UpdateRole), modified) +} + +// DeleteRole mocks base method +func (m *MockClientInterface) DeleteRole(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteRole", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteRole indicates an expected call of DeleteRole +func (mr *MockClientInterfaceMockRecorder) DeleteRole(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteRole", reflect.TypeOf((*MockClientInterface)(nil).DeleteRole), namespace, name, options) +} + +// CreateRoleBinding mocks base method +func (m *MockClientInterface) CreateRoleBinding(arg0 *v11.RoleBinding) (*v11.RoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateRoleBinding", arg0) + ret0, _ := ret[0].(*v11.RoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateRoleBinding indicates an expected call of CreateRoleBinding +func (mr *MockClientInterfaceMockRecorder) CreateRoleBinding(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).CreateRoleBinding), arg0) +} + +// GetRoleBinding mocks base method +func (m *MockClientInterface) GetRoleBinding(namespace, name string) (*v11.RoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetRoleBinding", namespace, name) + ret0, _ := ret[0].(*v11.RoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetRoleBinding indicates an expected call of GetRoleBinding +func (mr *MockClientInterfaceMockRecorder) GetRoleBinding(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).GetRoleBinding), namespace, name) +} + +// UpdateRoleBinding mocks base method +func (m *MockClientInterface) UpdateRoleBinding(modified *v11.RoleBinding) (*v11.RoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateRoleBinding", modified) + ret0, _ := ret[0].(*v11.RoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateRoleBinding indicates an expected call of UpdateRoleBinding +func (mr *MockClientInterfaceMockRecorder) UpdateRoleBinding(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).UpdateRoleBinding), modified) +} + +// DeleteRoleBinding mocks base method +func (m *MockClientInterface) DeleteRoleBinding(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteRoleBinding", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteRoleBinding indicates an expected call of DeleteRoleBinding +func (mr *MockClientInterfaceMockRecorder) DeleteRoleBinding(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).DeleteRoleBinding), namespace, name, options) +} + +// CreateClusterRoleBinding mocks base method +func (m *MockClientInterface) CreateClusterRoleBinding(arg0 *v11.ClusterRoleBinding) (*v11.ClusterRoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateClusterRoleBinding", arg0) + ret0, _ := ret[0].(*v11.ClusterRoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateClusterRoleBinding indicates an expected call of CreateClusterRoleBinding +func (mr *MockClientInterfaceMockRecorder) CreateClusterRoleBinding(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateClusterRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).CreateClusterRoleBinding), arg0) +} + +// GetClusterRoleBinding mocks base method +func (m *MockClientInterface) GetClusterRoleBinding(name string) (*v11.ClusterRoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClusterRoleBinding", name) + ret0, _ := ret[0].(*v11.ClusterRoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClusterRoleBinding indicates an expected call of GetClusterRoleBinding +func (mr *MockClientInterfaceMockRecorder) GetClusterRoleBinding(name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClusterRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).GetClusterRoleBinding), name) +} + +// UpdateClusterRoleBinding mocks base method +func (m *MockClientInterface) UpdateClusterRoleBinding(modified *v11.ClusterRoleBinding) (*v11.ClusterRoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateClusterRoleBinding", modified) + ret0, _ := ret[0].(*v11.ClusterRoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateClusterRoleBinding indicates an expected call of UpdateClusterRoleBinding +func (mr *MockClientInterfaceMockRecorder) UpdateClusterRoleBinding(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateClusterRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).UpdateClusterRoleBinding), modified) +} + +// DeleteClusterRoleBinding mocks base method +func (m *MockClientInterface) DeleteClusterRoleBinding(name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteClusterRoleBinding", name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteClusterRoleBinding indicates an expected call of DeleteClusterRoleBinding +func (mr *MockClientInterfaceMockRecorder) DeleteClusterRoleBinding(name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteClusterRoleBinding", reflect.TypeOf((*MockClientInterface)(nil).DeleteClusterRoleBinding), name, options) +} + +// CreateClusterRole mocks base method +func (m *MockClientInterface) CreateClusterRole(arg0 *v11.ClusterRole) (*v11.ClusterRole, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateClusterRole", arg0) + ret0, _ := ret[0].(*v11.ClusterRole) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateClusterRole indicates an expected call of CreateClusterRole +func (mr *MockClientInterfaceMockRecorder) CreateClusterRole(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateClusterRole", reflect.TypeOf((*MockClientInterface)(nil).CreateClusterRole), arg0) +} + +// GetClusterRole mocks base method +func (m *MockClientInterface) GetClusterRole(name string) (*v11.ClusterRole, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClusterRole", name) + ret0, _ := ret[0].(*v11.ClusterRole) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClusterRole indicates an expected call of GetClusterRole +func (mr *MockClientInterfaceMockRecorder) GetClusterRole(name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClusterRole", reflect.TypeOf((*MockClientInterface)(nil).GetClusterRole), name) +} + +// UpdateClusterRole mocks base method +func (m *MockClientInterface) UpdateClusterRole(modified *v11.ClusterRole) (*v11.ClusterRole, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateClusterRole", modified) + ret0, _ := ret[0].(*v11.ClusterRole) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateClusterRole indicates an expected call of UpdateClusterRole +func (mr *MockClientInterfaceMockRecorder) UpdateClusterRole(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateClusterRole", reflect.TypeOf((*MockClientInterface)(nil).UpdateClusterRole), modified) +} + +// DeleteClusterRole mocks base method +func (m *MockClientInterface) DeleteClusterRole(name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteClusterRole", name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteClusterRole indicates an expected call of DeleteClusterRole +func (mr *MockClientInterfaceMockRecorder) DeleteClusterRole(name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteClusterRole", reflect.TypeOf((*MockClientInterface)(nil).DeleteClusterRole), name, options) +} + +// GetDeployment mocks base method +func (m *MockClientInterface) GetDeployment(namespace, name string) (*v1.Deployment, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetDeployment", namespace, name) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetDeployment indicates an expected call of GetDeployment +func (mr *MockClientInterfaceMockRecorder) GetDeployment(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetDeployment", reflect.TypeOf((*MockClientInterface)(nil).GetDeployment), namespace, name) +} + +// CreateDeployment mocks base method +func (m *MockClientInterface) CreateDeployment(arg0 *v1.Deployment) (*v1.Deployment, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateDeployment indicates an expected call of CreateDeployment +func (mr *MockClientInterfaceMockRecorder) CreateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateDeployment", reflect.TypeOf((*MockClientInterface)(nil).CreateDeployment), arg0) +} + +// DeleteDeployment mocks base method +func (m *MockClientInterface) DeleteDeployment(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteDeployment", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteDeployment indicates an expected call of DeleteDeployment +func (mr *MockClientInterfaceMockRecorder) DeleteDeployment(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteDeployment", reflect.TypeOf((*MockClientInterface)(nil).DeleteDeployment), namespace, name, options) +} + +// UpdateDeployment mocks base method +func (m *MockClientInterface) UpdateDeployment(arg0 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// UpdateDeployment indicates an expected call of UpdateDeployment +func (mr *MockClientInterfaceMockRecorder) UpdateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateDeployment", reflect.TypeOf((*MockClientInterface)(nil).UpdateDeployment), arg0) +} + +// PatchDeployment mocks base method +func (m *MockClientInterface) PatchDeployment(arg0, arg1 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "PatchDeployment", arg0, arg1) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// PatchDeployment indicates an expected call of PatchDeployment +func (mr *MockClientInterfaceMockRecorder) PatchDeployment(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PatchDeployment", reflect.TypeOf((*MockClientInterface)(nil).PatchDeployment), arg0, arg1) +} + +// RollingUpdateDeployment mocks base method +func (m *MockClientInterface) RollingUpdateDeployment(arg0 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingUpdateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingUpdateDeployment indicates an expected call of RollingUpdateDeployment +func (mr *MockClientInterfaceMockRecorder) RollingUpdateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingUpdateDeployment", reflect.TypeOf((*MockClientInterface)(nil).RollingUpdateDeployment), arg0) +} + +// RollingPatchDeployment mocks base method +func (m *MockClientInterface) RollingPatchDeployment(arg0, arg1 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingPatchDeployment", arg0, arg1) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingPatchDeployment indicates an expected call of RollingPatchDeployment +func (mr *MockClientInterfaceMockRecorder) RollingPatchDeployment(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingPatchDeployment", reflect.TypeOf((*MockClientInterface)(nil).RollingPatchDeployment), arg0, arg1) +} + +// RollingUpdateDeploymentMigrations mocks base method +func (m *MockClientInterface) RollingUpdateDeploymentMigrations(namespace, name string, f operatorclient.UpdateFunction) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingUpdateDeploymentMigrations", namespace, name, f) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingUpdateDeploymentMigrations indicates an expected call of RollingUpdateDeploymentMigrations +func (mr *MockClientInterfaceMockRecorder) RollingUpdateDeploymentMigrations(namespace, name, f interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingUpdateDeploymentMigrations", reflect.TypeOf((*MockClientInterface)(nil).RollingUpdateDeploymentMigrations), namespace, name, f) +} + +// RollingPatchDeploymentMigrations mocks base method +func (m *MockClientInterface) RollingPatchDeploymentMigrations(namespace, name string, f operatorclient.PatchFunction) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingPatchDeploymentMigrations", namespace, name, f) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingPatchDeploymentMigrations indicates an expected call of RollingPatchDeploymentMigrations +func (mr *MockClientInterfaceMockRecorder) RollingPatchDeploymentMigrations(namespace, name, f interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingPatchDeploymentMigrations", reflect.TypeOf((*MockClientInterface)(nil).RollingPatchDeploymentMigrations), namespace, name, f) +} + +// CreateOrRollingUpdateDeployment mocks base method +func (m *MockClientInterface) CreateOrRollingUpdateDeployment(arg0 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateOrRollingUpdateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// CreateOrRollingUpdateDeployment indicates an expected call of CreateOrRollingUpdateDeployment +func (mr *MockClientInterfaceMockRecorder) CreateOrRollingUpdateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateOrRollingUpdateDeployment", reflect.TypeOf((*MockClientInterface)(nil).CreateOrRollingUpdateDeployment), arg0) +} + +// ListDeploymentsWithLabels mocks base method +func (m *MockClientInterface) ListDeploymentsWithLabels(namespace string, labels labels.Set) (*v1.DeploymentList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListDeploymentsWithLabels", namespace, labels) + ret0, _ := ret[0].(*v1.DeploymentList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListDeploymentsWithLabels indicates an expected call of ListDeploymentsWithLabels +func (mr *MockClientInterfaceMockRecorder) ListDeploymentsWithLabels(namespace, labels interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListDeploymentsWithLabels", reflect.TypeOf((*MockClientInterface)(nil).ListDeploymentsWithLabels), namespace, labels) +} + +// MockCustomResourceClient is a mock of CustomResourceClient interface +type MockCustomResourceClient struct { + ctrl *gomock.Controller + recorder *MockCustomResourceClientMockRecorder +} + +// MockCustomResourceClientMockRecorder is the mock recorder for MockCustomResourceClient +type MockCustomResourceClientMockRecorder struct { + mock *MockCustomResourceClient +} + +// NewMockCustomResourceClient creates a new mock instance +func NewMockCustomResourceClient(ctrl *gomock.Controller) *MockCustomResourceClient { + mock := &MockCustomResourceClient{ctrl: ctrl} + mock.recorder = &MockCustomResourceClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockCustomResourceClient) EXPECT() *MockCustomResourceClientMockRecorder { + return m.recorder +} + +// GetCustomResource mocks base method +func (m *MockCustomResourceClient) GetCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) (*unstructured.Unstructured, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCustomResource", apiGroup, version, namespace, resourceKind, resourceName) + ret0, _ := ret[0].(*unstructured.Unstructured) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCustomResource indicates an expected call of GetCustomResource +func (mr *MockCustomResourceClientMockRecorder) GetCustomResource(apiGroup, version, namespace, resourceKind, resourceName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCustomResource", reflect.TypeOf((*MockCustomResourceClient)(nil).GetCustomResource), apiGroup, version, namespace, resourceKind, resourceName) +} + +// GetCustomResourceRaw mocks base method +func (m *MockCustomResourceClient) GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string) ([]byte, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCustomResourceRaw", apiGroup, version, namespace, resourceKind, resourceName) + ret0, _ := ret[0].([]byte) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCustomResourceRaw indicates an expected call of GetCustomResourceRaw +func (mr *MockCustomResourceClientMockRecorder) GetCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCustomResourceRaw", reflect.TypeOf((*MockCustomResourceClient)(nil).GetCustomResourceRaw), apiGroup, version, namespace, resourceKind, resourceName) +} + +// CreateCustomResource mocks base method +func (m *MockCustomResourceClient) CreateCustomResource(item *unstructured.Unstructured) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateCustomResource", item) + ret0, _ := ret[0].(error) + return ret0 +} + +// CreateCustomResource indicates an expected call of CreateCustomResource +func (mr *MockCustomResourceClientMockRecorder) CreateCustomResource(item interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateCustomResource", reflect.TypeOf((*MockCustomResourceClient)(nil).CreateCustomResource), item) +} + +// CreateCustomResourceRaw mocks base method +func (m *MockCustomResourceClient) CreateCustomResourceRaw(apiGroup, version, namespace, kind string, data []byte) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateCustomResourceRaw", apiGroup, version, namespace, kind, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// CreateCustomResourceRaw indicates an expected call of CreateCustomResourceRaw +func (mr *MockCustomResourceClientMockRecorder) CreateCustomResourceRaw(apiGroup, version, namespace, kind, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateCustomResourceRaw", reflect.TypeOf((*MockCustomResourceClient)(nil).CreateCustomResourceRaw), apiGroup, version, namespace, kind, data) +} + +// CreateCustomResourceRawIfNotFound mocks base method +func (m *MockCustomResourceClient) CreateCustomResourceRawIfNotFound(apiGroup, version, namespace, kind, name string, data []byte) (bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateCustomResourceRawIfNotFound", apiGroup, version, namespace, kind, name, data) + ret0, _ := ret[0].(bool) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateCustomResourceRawIfNotFound indicates an expected call of CreateCustomResourceRawIfNotFound +func (mr *MockCustomResourceClientMockRecorder) CreateCustomResourceRawIfNotFound(apiGroup, version, namespace, kind, name, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateCustomResourceRawIfNotFound", reflect.TypeOf((*MockCustomResourceClient)(nil).CreateCustomResourceRawIfNotFound), apiGroup, version, namespace, kind, name, data) +} + +// UpdateCustomResource mocks base method +func (m *MockCustomResourceClient) UpdateCustomResource(item *unstructured.Unstructured) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateCustomResource", item) + ret0, _ := ret[0].(error) + return ret0 +} + +// UpdateCustomResource indicates an expected call of UpdateCustomResource +func (mr *MockCustomResourceClientMockRecorder) UpdateCustomResource(item interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateCustomResource", reflect.TypeOf((*MockCustomResourceClient)(nil).UpdateCustomResource), item) +} + +// UpdateCustomResourceRaw mocks base method +func (m *MockCustomResourceClient) UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateCustomResourceRaw", apiGroup, version, namespace, resourceKind, resourceName, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// UpdateCustomResourceRaw indicates an expected call of UpdateCustomResourceRaw +func (mr *MockCustomResourceClientMockRecorder) UpdateCustomResourceRaw(apiGroup, version, namespace, resourceKind, resourceName, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateCustomResourceRaw", reflect.TypeOf((*MockCustomResourceClient)(nil).UpdateCustomResourceRaw), apiGroup, version, namespace, resourceKind, resourceName, data) +} + +// CreateOrUpdateCustomeResourceRaw mocks base method +func (m *MockCustomResourceClient) CreateOrUpdateCustomeResourceRaw(apiGroup, version, namespace, resourceKind, resourceName string, data []byte) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateOrUpdateCustomeResourceRaw", apiGroup, version, namespace, resourceKind, resourceName, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// CreateOrUpdateCustomeResourceRaw indicates an expected call of CreateOrUpdateCustomeResourceRaw +func (mr *MockCustomResourceClientMockRecorder) CreateOrUpdateCustomeResourceRaw(apiGroup, version, namespace, resourceKind, resourceName, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateOrUpdateCustomeResourceRaw", reflect.TypeOf((*MockCustomResourceClient)(nil).CreateOrUpdateCustomeResourceRaw), apiGroup, version, namespace, resourceKind, resourceName, data) +} + +// DeleteCustomResource mocks base method +func (m *MockCustomResourceClient) DeleteCustomResource(apiGroup, version, namespace, resourceKind, resourceName string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteCustomResource", apiGroup, version, namespace, resourceKind, resourceName) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteCustomResource indicates an expected call of DeleteCustomResource +func (mr *MockCustomResourceClientMockRecorder) DeleteCustomResource(apiGroup, version, namespace, resourceKind, resourceName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteCustomResource", reflect.TypeOf((*MockCustomResourceClient)(nil).DeleteCustomResource), apiGroup, version, namespace, resourceKind, resourceName) +} + +// AtomicModifyCustomResource mocks base method +func (m *MockCustomResourceClient) AtomicModifyCustomResource(apiGroup, version, namespace, resourceKind, resourceName string, f operatorclient.CustomResourceModifier, data interface{}) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AtomicModifyCustomResource", apiGroup, version, namespace, resourceKind, resourceName, f, data) + ret0, _ := ret[0].(error) + return ret0 +} + +// AtomicModifyCustomResource indicates an expected call of AtomicModifyCustomResource +func (mr *MockCustomResourceClientMockRecorder) AtomicModifyCustomResource(apiGroup, version, namespace, resourceKind, resourceName, f, data interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AtomicModifyCustomResource", reflect.TypeOf((*MockCustomResourceClient)(nil).AtomicModifyCustomResource), apiGroup, version, namespace, resourceKind, resourceName, f, data) +} + +// ListCustomResource mocks base method +func (m *MockCustomResourceClient) ListCustomResource(apiGroup, version, namespace, resourceKind string) (*operatorclient.CustomResourceList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListCustomResource", apiGroup, version, namespace, resourceKind) + ret0, _ := ret[0].(*operatorclient.CustomResourceList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListCustomResource indicates an expected call of ListCustomResource +func (mr *MockCustomResourceClientMockRecorder) ListCustomResource(apiGroup, version, namespace, resourceKind interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListCustomResource", reflect.TypeOf((*MockCustomResourceClient)(nil).ListCustomResource), apiGroup, version, namespace, resourceKind) +} + +// MockAPIServiceClient is a mock of APIServiceClient interface +type MockAPIServiceClient struct { + ctrl *gomock.Controller + recorder *MockAPIServiceClientMockRecorder +} + +// MockAPIServiceClientMockRecorder is the mock recorder for MockAPIServiceClient +type MockAPIServiceClientMockRecorder struct { + mock *MockAPIServiceClient +} + +// NewMockAPIServiceClient creates a new mock instance +func NewMockAPIServiceClient(ctrl *gomock.Controller) *MockAPIServiceClient { + mock := &MockAPIServiceClient{ctrl: ctrl} + mock.recorder = &MockAPIServiceClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockAPIServiceClient) EXPECT() *MockAPIServiceClientMockRecorder { + return m.recorder +} + +// CreateAPIService mocks base method +func (m *MockAPIServiceClient) CreateAPIService(arg0 *v13.APIService) (*v13.APIService, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateAPIService", arg0) + ret0, _ := ret[0].(*v13.APIService) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateAPIService indicates an expected call of CreateAPIService +func (mr *MockAPIServiceClientMockRecorder) CreateAPIService(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateAPIService", reflect.TypeOf((*MockAPIServiceClient)(nil).CreateAPIService), arg0) +} + +// GetAPIService mocks base method +func (m *MockAPIServiceClient) GetAPIService(name string) (*v13.APIService, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetAPIService", name) + ret0, _ := ret[0].(*v13.APIService) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetAPIService indicates an expected call of GetAPIService +func (mr *MockAPIServiceClientMockRecorder) GetAPIService(name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAPIService", reflect.TypeOf((*MockAPIServiceClient)(nil).GetAPIService), name) +} + +// UpdateAPIService mocks base method +func (m *MockAPIServiceClient) UpdateAPIService(modified *v13.APIService) (*v13.APIService, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateAPIService", modified) + ret0, _ := ret[0].(*v13.APIService) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateAPIService indicates an expected call of UpdateAPIService +func (mr *MockAPIServiceClientMockRecorder) UpdateAPIService(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateAPIService", reflect.TypeOf((*MockAPIServiceClient)(nil).UpdateAPIService), modified) +} + +// DeleteAPIService mocks base method +func (m *MockAPIServiceClient) DeleteAPIService(name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteAPIService", name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteAPIService indicates an expected call of DeleteAPIService +func (mr *MockAPIServiceClientMockRecorder) DeleteAPIService(name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteAPIService", reflect.TypeOf((*MockAPIServiceClient)(nil).DeleteAPIService), name, options) +} + +// MockSecretClient is a mock of SecretClient interface +type MockSecretClient struct { + ctrl *gomock.Controller + recorder *MockSecretClientMockRecorder +} + +// MockSecretClientMockRecorder is the mock recorder for MockSecretClient +type MockSecretClientMockRecorder struct { + mock *MockSecretClient +} + +// NewMockSecretClient creates a new mock instance +func NewMockSecretClient(ctrl *gomock.Controller) *MockSecretClient { + mock := &MockSecretClient{ctrl: ctrl} + mock.recorder = &MockSecretClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockSecretClient) EXPECT() *MockSecretClientMockRecorder { + return m.recorder +} + +// CreateSecret mocks base method +func (m *MockSecretClient) CreateSecret(arg0 *v10.Secret) (*v10.Secret, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateSecret", arg0) + ret0, _ := ret[0].(*v10.Secret) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateSecret indicates an expected call of CreateSecret +func (mr *MockSecretClientMockRecorder) CreateSecret(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateSecret", reflect.TypeOf((*MockSecretClient)(nil).CreateSecret), arg0) +} + +// GetSecret mocks base method +func (m *MockSecretClient) GetSecret(namespace, name string) (*v10.Secret, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetSecret", namespace, name) + ret0, _ := ret[0].(*v10.Secret) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetSecret indicates an expected call of GetSecret +func (mr *MockSecretClientMockRecorder) GetSecret(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSecret", reflect.TypeOf((*MockSecretClient)(nil).GetSecret), namespace, name) +} + +// UpdateSecret mocks base method +func (m *MockSecretClient) UpdateSecret(modified *v10.Secret) (*v10.Secret, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateSecret", modified) + ret0, _ := ret[0].(*v10.Secret) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateSecret indicates an expected call of UpdateSecret +func (mr *MockSecretClientMockRecorder) UpdateSecret(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateSecret", reflect.TypeOf((*MockSecretClient)(nil).UpdateSecret), modified) +} + +// DeleteSecret mocks base method +func (m *MockSecretClient) DeleteSecret(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteSecret", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteSecret indicates an expected call of DeleteSecret +func (mr *MockSecretClientMockRecorder) DeleteSecret(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteSecret", reflect.TypeOf((*MockSecretClient)(nil).DeleteSecret), namespace, name, options) +} + +// MockServiceClient is a mock of ServiceClient interface +type MockServiceClient struct { + ctrl *gomock.Controller + recorder *MockServiceClientMockRecorder +} + +// MockServiceClientMockRecorder is the mock recorder for MockServiceClient +type MockServiceClientMockRecorder struct { + mock *MockServiceClient +} + +// NewMockServiceClient creates a new mock instance +func NewMockServiceClient(ctrl *gomock.Controller) *MockServiceClient { + mock := &MockServiceClient{ctrl: ctrl} + mock.recorder = &MockServiceClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockServiceClient) EXPECT() *MockServiceClientMockRecorder { + return m.recorder +} + +// CreateService mocks base method +func (m *MockServiceClient) CreateService(arg0 *v10.Service) (*v10.Service, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateService", arg0) + ret0, _ := ret[0].(*v10.Service) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateService indicates an expected call of CreateService +func (mr *MockServiceClientMockRecorder) CreateService(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateService", reflect.TypeOf((*MockServiceClient)(nil).CreateService), arg0) +} + +// GetService mocks base method +func (m *MockServiceClient) GetService(namespace, name string) (*v10.Service, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetService", namespace, name) + ret0, _ := ret[0].(*v10.Service) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetService indicates an expected call of GetService +func (mr *MockServiceClientMockRecorder) GetService(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetService", reflect.TypeOf((*MockServiceClient)(nil).GetService), namespace, name) +} + +// UpdateService mocks base method +func (m *MockServiceClient) UpdateService(modified *v10.Service) (*v10.Service, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateService", modified) + ret0, _ := ret[0].(*v10.Service) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateService indicates an expected call of UpdateService +func (mr *MockServiceClientMockRecorder) UpdateService(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateService", reflect.TypeOf((*MockServiceClient)(nil).UpdateService), modified) +} + +// DeleteService mocks base method +func (m *MockServiceClient) DeleteService(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteService", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteService indicates an expected call of DeleteService +func (mr *MockServiceClientMockRecorder) DeleteService(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteService", reflect.TypeOf((*MockServiceClient)(nil).DeleteService), namespace, name, options) +} + +// MockServiceAccountClient is a mock of ServiceAccountClient interface +type MockServiceAccountClient struct { + ctrl *gomock.Controller + recorder *MockServiceAccountClientMockRecorder +} + +// MockServiceAccountClientMockRecorder is the mock recorder for MockServiceAccountClient +type MockServiceAccountClientMockRecorder struct { + mock *MockServiceAccountClient +} + +// NewMockServiceAccountClient creates a new mock instance +func NewMockServiceAccountClient(ctrl *gomock.Controller) *MockServiceAccountClient { + mock := &MockServiceAccountClient{ctrl: ctrl} + mock.recorder = &MockServiceAccountClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockServiceAccountClient) EXPECT() *MockServiceAccountClientMockRecorder { + return m.recorder +} + +// CreateServiceAccount mocks base method +func (m *MockServiceAccountClient) CreateServiceAccount(arg0 *v10.ServiceAccount) (*v10.ServiceAccount, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateServiceAccount", arg0) + ret0, _ := ret[0].(*v10.ServiceAccount) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateServiceAccount indicates an expected call of CreateServiceAccount +func (mr *MockServiceAccountClientMockRecorder) CreateServiceAccount(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateServiceAccount", reflect.TypeOf((*MockServiceAccountClient)(nil).CreateServiceAccount), arg0) +} + +// GetServiceAccount mocks base method +func (m *MockServiceAccountClient) GetServiceAccount(namespace, name string) (*v10.ServiceAccount, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetServiceAccount", namespace, name) + ret0, _ := ret[0].(*v10.ServiceAccount) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetServiceAccount indicates an expected call of GetServiceAccount +func (mr *MockServiceAccountClientMockRecorder) GetServiceAccount(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetServiceAccount", reflect.TypeOf((*MockServiceAccountClient)(nil).GetServiceAccount), namespace, name) +} + +// UpdateServiceAccount mocks base method +func (m *MockServiceAccountClient) UpdateServiceAccount(modified *v10.ServiceAccount) (*v10.ServiceAccount, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateServiceAccount", modified) + ret0, _ := ret[0].(*v10.ServiceAccount) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateServiceAccount indicates an expected call of UpdateServiceAccount +func (mr *MockServiceAccountClientMockRecorder) UpdateServiceAccount(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateServiceAccount", reflect.TypeOf((*MockServiceAccountClient)(nil).UpdateServiceAccount), modified) +} + +// DeleteServiceAccount mocks base method +func (m *MockServiceAccountClient) DeleteServiceAccount(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteServiceAccount", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteServiceAccount indicates an expected call of DeleteServiceAccount +func (mr *MockServiceAccountClientMockRecorder) DeleteServiceAccount(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteServiceAccount", reflect.TypeOf((*MockServiceAccountClient)(nil).DeleteServiceAccount), namespace, name, options) +} + +// MockRoleClient is a mock of RoleClient interface +type MockRoleClient struct { + ctrl *gomock.Controller + recorder *MockRoleClientMockRecorder +} + +// MockRoleClientMockRecorder is the mock recorder for MockRoleClient +type MockRoleClientMockRecorder struct { + mock *MockRoleClient +} + +// NewMockRoleClient creates a new mock instance +func NewMockRoleClient(ctrl *gomock.Controller) *MockRoleClient { + mock := &MockRoleClient{ctrl: ctrl} + mock.recorder = &MockRoleClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockRoleClient) EXPECT() *MockRoleClientMockRecorder { + return m.recorder +} + +// CreateRole mocks base method +func (m *MockRoleClient) CreateRole(arg0 *v11.Role) (*v11.Role, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateRole", arg0) + ret0, _ := ret[0].(*v11.Role) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateRole indicates an expected call of CreateRole +func (mr *MockRoleClientMockRecorder) CreateRole(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateRole", reflect.TypeOf((*MockRoleClient)(nil).CreateRole), arg0) +} + +// GetRole mocks base method +func (m *MockRoleClient) GetRole(namespace, name string) (*v11.Role, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetRole", namespace, name) + ret0, _ := ret[0].(*v11.Role) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetRole indicates an expected call of GetRole +func (mr *MockRoleClientMockRecorder) GetRole(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetRole", reflect.TypeOf((*MockRoleClient)(nil).GetRole), namespace, name) +} + +// UpdateRole mocks base method +func (m *MockRoleClient) UpdateRole(modified *v11.Role) (*v11.Role, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateRole", modified) + ret0, _ := ret[0].(*v11.Role) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateRole indicates an expected call of UpdateRole +func (mr *MockRoleClientMockRecorder) UpdateRole(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateRole", reflect.TypeOf((*MockRoleClient)(nil).UpdateRole), modified) +} + +// DeleteRole mocks base method +func (m *MockRoleClient) DeleteRole(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteRole", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteRole indicates an expected call of DeleteRole +func (mr *MockRoleClientMockRecorder) DeleteRole(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteRole", reflect.TypeOf((*MockRoleClient)(nil).DeleteRole), namespace, name, options) +} + +// MockRoleBindingClient is a mock of RoleBindingClient interface +type MockRoleBindingClient struct { + ctrl *gomock.Controller + recorder *MockRoleBindingClientMockRecorder +} + +// MockRoleBindingClientMockRecorder is the mock recorder for MockRoleBindingClient +type MockRoleBindingClientMockRecorder struct { + mock *MockRoleBindingClient +} + +// NewMockRoleBindingClient creates a new mock instance +func NewMockRoleBindingClient(ctrl *gomock.Controller) *MockRoleBindingClient { + mock := &MockRoleBindingClient{ctrl: ctrl} + mock.recorder = &MockRoleBindingClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockRoleBindingClient) EXPECT() *MockRoleBindingClientMockRecorder { + return m.recorder +} + +// CreateRoleBinding mocks base method +func (m *MockRoleBindingClient) CreateRoleBinding(arg0 *v11.RoleBinding) (*v11.RoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateRoleBinding", arg0) + ret0, _ := ret[0].(*v11.RoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateRoleBinding indicates an expected call of CreateRoleBinding +func (mr *MockRoleBindingClientMockRecorder) CreateRoleBinding(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateRoleBinding", reflect.TypeOf((*MockRoleBindingClient)(nil).CreateRoleBinding), arg0) +} + +// GetRoleBinding mocks base method +func (m *MockRoleBindingClient) GetRoleBinding(namespace, name string) (*v11.RoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetRoleBinding", namespace, name) + ret0, _ := ret[0].(*v11.RoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetRoleBinding indicates an expected call of GetRoleBinding +func (mr *MockRoleBindingClientMockRecorder) GetRoleBinding(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetRoleBinding", reflect.TypeOf((*MockRoleBindingClient)(nil).GetRoleBinding), namespace, name) +} + +// UpdateRoleBinding mocks base method +func (m *MockRoleBindingClient) UpdateRoleBinding(modified *v11.RoleBinding) (*v11.RoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateRoleBinding", modified) + ret0, _ := ret[0].(*v11.RoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateRoleBinding indicates an expected call of UpdateRoleBinding +func (mr *MockRoleBindingClientMockRecorder) UpdateRoleBinding(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateRoleBinding", reflect.TypeOf((*MockRoleBindingClient)(nil).UpdateRoleBinding), modified) +} + +// DeleteRoleBinding mocks base method +func (m *MockRoleBindingClient) DeleteRoleBinding(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteRoleBinding", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteRoleBinding indicates an expected call of DeleteRoleBinding +func (mr *MockRoleBindingClientMockRecorder) DeleteRoleBinding(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteRoleBinding", reflect.TypeOf((*MockRoleBindingClient)(nil).DeleteRoleBinding), namespace, name, options) +} + +// MockClusterRoleClient is a mock of ClusterRoleClient interface +type MockClusterRoleClient struct { + ctrl *gomock.Controller + recorder *MockClusterRoleClientMockRecorder +} + +// MockClusterRoleClientMockRecorder is the mock recorder for MockClusterRoleClient +type MockClusterRoleClientMockRecorder struct { + mock *MockClusterRoleClient +} + +// NewMockClusterRoleClient creates a new mock instance +func NewMockClusterRoleClient(ctrl *gomock.Controller) *MockClusterRoleClient { + mock := &MockClusterRoleClient{ctrl: ctrl} + mock.recorder = &MockClusterRoleClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockClusterRoleClient) EXPECT() *MockClusterRoleClientMockRecorder { + return m.recorder +} + +// CreateClusterRole mocks base method +func (m *MockClusterRoleClient) CreateClusterRole(arg0 *v11.ClusterRole) (*v11.ClusterRole, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateClusterRole", arg0) + ret0, _ := ret[0].(*v11.ClusterRole) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateClusterRole indicates an expected call of CreateClusterRole +func (mr *MockClusterRoleClientMockRecorder) CreateClusterRole(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateClusterRole", reflect.TypeOf((*MockClusterRoleClient)(nil).CreateClusterRole), arg0) +} + +// GetClusterRole mocks base method +func (m *MockClusterRoleClient) GetClusterRole(name string) (*v11.ClusterRole, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClusterRole", name) + ret0, _ := ret[0].(*v11.ClusterRole) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClusterRole indicates an expected call of GetClusterRole +func (mr *MockClusterRoleClientMockRecorder) GetClusterRole(name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClusterRole", reflect.TypeOf((*MockClusterRoleClient)(nil).GetClusterRole), name) +} + +// UpdateClusterRole mocks base method +func (m *MockClusterRoleClient) UpdateClusterRole(modified *v11.ClusterRole) (*v11.ClusterRole, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateClusterRole", modified) + ret0, _ := ret[0].(*v11.ClusterRole) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateClusterRole indicates an expected call of UpdateClusterRole +func (mr *MockClusterRoleClientMockRecorder) UpdateClusterRole(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateClusterRole", reflect.TypeOf((*MockClusterRoleClient)(nil).UpdateClusterRole), modified) +} + +// DeleteClusterRole mocks base method +func (m *MockClusterRoleClient) DeleteClusterRole(name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteClusterRole", name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteClusterRole indicates an expected call of DeleteClusterRole +func (mr *MockClusterRoleClientMockRecorder) DeleteClusterRole(name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteClusterRole", reflect.TypeOf((*MockClusterRoleClient)(nil).DeleteClusterRole), name, options) +} + +// MockClusterRoleBindingClient is a mock of ClusterRoleBindingClient interface +type MockClusterRoleBindingClient struct { + ctrl *gomock.Controller + recorder *MockClusterRoleBindingClientMockRecorder +} + +// MockClusterRoleBindingClientMockRecorder is the mock recorder for MockClusterRoleBindingClient +type MockClusterRoleBindingClientMockRecorder struct { + mock *MockClusterRoleBindingClient +} + +// NewMockClusterRoleBindingClient creates a new mock instance +func NewMockClusterRoleBindingClient(ctrl *gomock.Controller) *MockClusterRoleBindingClient { + mock := &MockClusterRoleBindingClient{ctrl: ctrl} + mock.recorder = &MockClusterRoleBindingClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockClusterRoleBindingClient) EXPECT() *MockClusterRoleBindingClientMockRecorder { + return m.recorder +} + +// CreateClusterRoleBinding mocks base method +func (m *MockClusterRoleBindingClient) CreateClusterRoleBinding(arg0 *v11.ClusterRoleBinding) (*v11.ClusterRoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateClusterRoleBinding", arg0) + ret0, _ := ret[0].(*v11.ClusterRoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateClusterRoleBinding indicates an expected call of CreateClusterRoleBinding +func (mr *MockClusterRoleBindingClientMockRecorder) CreateClusterRoleBinding(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateClusterRoleBinding", reflect.TypeOf((*MockClusterRoleBindingClient)(nil).CreateClusterRoleBinding), arg0) +} + +// GetClusterRoleBinding mocks base method +func (m *MockClusterRoleBindingClient) GetClusterRoleBinding(name string) (*v11.ClusterRoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClusterRoleBinding", name) + ret0, _ := ret[0].(*v11.ClusterRoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClusterRoleBinding indicates an expected call of GetClusterRoleBinding +func (mr *MockClusterRoleBindingClientMockRecorder) GetClusterRoleBinding(name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClusterRoleBinding", reflect.TypeOf((*MockClusterRoleBindingClient)(nil).GetClusterRoleBinding), name) +} + +// UpdateClusterRoleBinding mocks base method +func (m *MockClusterRoleBindingClient) UpdateClusterRoleBinding(modified *v11.ClusterRoleBinding) (*v11.ClusterRoleBinding, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateClusterRoleBinding", modified) + ret0, _ := ret[0].(*v11.ClusterRoleBinding) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateClusterRoleBinding indicates an expected call of UpdateClusterRoleBinding +func (mr *MockClusterRoleBindingClientMockRecorder) UpdateClusterRoleBinding(modified interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateClusterRoleBinding", reflect.TypeOf((*MockClusterRoleBindingClient)(nil).UpdateClusterRoleBinding), modified) +} + +// DeleteClusterRoleBinding mocks base method +func (m *MockClusterRoleBindingClient) DeleteClusterRoleBinding(name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteClusterRoleBinding", name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteClusterRoleBinding indicates an expected call of DeleteClusterRoleBinding +func (mr *MockClusterRoleBindingClientMockRecorder) DeleteClusterRoleBinding(name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteClusterRoleBinding", reflect.TypeOf((*MockClusterRoleBindingClient)(nil).DeleteClusterRoleBinding), name, options) +} + +// MockDeploymentClient is a mock of DeploymentClient interface +type MockDeploymentClient struct { + ctrl *gomock.Controller + recorder *MockDeploymentClientMockRecorder +} + +// MockDeploymentClientMockRecorder is the mock recorder for MockDeploymentClient +type MockDeploymentClientMockRecorder struct { + mock *MockDeploymentClient +} + +// NewMockDeploymentClient creates a new mock instance +func NewMockDeploymentClient(ctrl *gomock.Controller) *MockDeploymentClient { + mock := &MockDeploymentClient{ctrl: ctrl} + mock.recorder = &MockDeploymentClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use +func (m *MockDeploymentClient) EXPECT() *MockDeploymentClientMockRecorder { + return m.recorder +} + +// GetDeployment mocks base method +func (m *MockDeploymentClient) GetDeployment(namespace, name string) (*v1.Deployment, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetDeployment", namespace, name) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetDeployment indicates an expected call of GetDeployment +func (mr *MockDeploymentClientMockRecorder) GetDeployment(namespace, name interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).GetDeployment), namespace, name) +} + +// CreateDeployment mocks base method +func (m *MockDeploymentClient) CreateDeployment(arg0 *v1.Deployment) (*v1.Deployment, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateDeployment indicates an expected call of CreateDeployment +func (mr *MockDeploymentClientMockRecorder) CreateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).CreateDeployment), arg0) +} + +// DeleteDeployment mocks base method +func (m *MockDeploymentClient) DeleteDeployment(namespace, name string, options *v12.DeleteOptions) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteDeployment", namespace, name, options) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteDeployment indicates an expected call of DeleteDeployment +func (mr *MockDeploymentClientMockRecorder) DeleteDeployment(namespace, name, options interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).DeleteDeployment), namespace, name, options) +} + +// UpdateDeployment mocks base method +func (m *MockDeploymentClient) UpdateDeployment(arg0 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// UpdateDeployment indicates an expected call of UpdateDeployment +func (mr *MockDeploymentClientMockRecorder) UpdateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).UpdateDeployment), arg0) +} + +// PatchDeployment mocks base method +func (m *MockDeploymentClient) PatchDeployment(arg0, arg1 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "PatchDeployment", arg0, arg1) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// PatchDeployment indicates an expected call of PatchDeployment +func (mr *MockDeploymentClientMockRecorder) PatchDeployment(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PatchDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).PatchDeployment), arg0, arg1) +} + +// RollingUpdateDeployment mocks base method +func (m *MockDeploymentClient) RollingUpdateDeployment(arg0 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingUpdateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingUpdateDeployment indicates an expected call of RollingUpdateDeployment +func (mr *MockDeploymentClientMockRecorder) RollingUpdateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingUpdateDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).RollingUpdateDeployment), arg0) +} + +// RollingPatchDeployment mocks base method +func (m *MockDeploymentClient) RollingPatchDeployment(arg0, arg1 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingPatchDeployment", arg0, arg1) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingPatchDeployment indicates an expected call of RollingPatchDeployment +func (mr *MockDeploymentClientMockRecorder) RollingPatchDeployment(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingPatchDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).RollingPatchDeployment), arg0, arg1) +} + +// RollingUpdateDeploymentMigrations mocks base method +func (m *MockDeploymentClient) RollingUpdateDeploymentMigrations(namespace, name string, f operatorclient.UpdateFunction) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingUpdateDeploymentMigrations", namespace, name, f) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingUpdateDeploymentMigrations indicates an expected call of RollingUpdateDeploymentMigrations +func (mr *MockDeploymentClientMockRecorder) RollingUpdateDeploymentMigrations(namespace, name, f interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingUpdateDeploymentMigrations", reflect.TypeOf((*MockDeploymentClient)(nil).RollingUpdateDeploymentMigrations), namespace, name, f) +} + +// RollingPatchDeploymentMigrations mocks base method +func (m *MockDeploymentClient) RollingPatchDeploymentMigrations(namespace, name string, f operatorclient.PatchFunction) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RollingPatchDeploymentMigrations", namespace, name, f) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// RollingPatchDeploymentMigrations indicates an expected call of RollingPatchDeploymentMigrations +func (mr *MockDeploymentClientMockRecorder) RollingPatchDeploymentMigrations(namespace, name, f interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RollingPatchDeploymentMigrations", reflect.TypeOf((*MockDeploymentClient)(nil).RollingPatchDeploymentMigrations), namespace, name, f) +} + +// CreateOrRollingUpdateDeployment mocks base method +func (m *MockDeploymentClient) CreateOrRollingUpdateDeployment(arg0 *v1.Deployment) (*v1.Deployment, bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateOrRollingUpdateDeployment", arg0) + ret0, _ := ret[0].(*v1.Deployment) + ret1, _ := ret[1].(bool) + ret2, _ := ret[2].(error) + return ret0, ret1, ret2 +} + +// CreateOrRollingUpdateDeployment indicates an expected call of CreateOrRollingUpdateDeployment +func (mr *MockDeploymentClientMockRecorder) CreateOrRollingUpdateDeployment(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateOrRollingUpdateDeployment", reflect.TypeOf((*MockDeploymentClient)(nil).CreateOrRollingUpdateDeployment), arg0) +} + +// ListDeploymentsWithLabels mocks base method +func (m *MockDeploymentClient) ListDeploymentsWithLabels(namespace string, labels labels.Set) (*v1.DeploymentList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListDeploymentsWithLabels", namespace, labels) + ret0, _ := ret[0].(*v1.DeploymentList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListDeploymentsWithLabels indicates an expected call of ListDeploymentsWithLabels +func (mr *MockDeploymentClientMockRecorder) ListDeploymentsWithLabels(namespace, labels interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListDeploymentsWithLabels", reflect.TypeOf((*MockDeploymentClient)(nil).ListDeploymentsWithLabels), namespace, labels) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/patch.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/patch.go new file mode 100644 index 000000000..6c9881fc2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/patch.go @@ -0,0 +1,367 @@ +package operatorclient + +import ( + "encoding/json" + "fmt" + + appsv1 "k8s.io/api/apps/v1" + v1 "k8s.io/api/core/v1" + extensionsv1beta1 "k8s.io/api/extensions/v1beta1" + v1beta1ext "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/strategicpatch" +) + +// UpdateFunction defines a function that updates an object in an Update* function. The function +// provides the current instance of the object retrieved from the apiserver. The function should +// return the updated object to be applied. +type UpdateFunction func(current metav1.Object) (metav1.Object, error) + +// Update returns a default UpdateFunction implementation that passes its argument through to the +// Update* function directly, ignoring the current object. +// +// Example usage: +// +// client.UpdateDaemonSet(namespace, name, types.Update(obj)) +func Update(obj metav1.Object) UpdateFunction { + return func(_ metav1.Object) (metav1.Object, error) { + return obj, nil + } +} + +// PatchFunction defines a function that is used to provide patch objects for a 3-way merge. The +// function provides the current instance of the object retrieved from the apiserver. The function +// should return the "original" and "modified" objects (in that order) for 3-way patch computation. +type PatchFunction func(current metav1.Object) (metav1.Object, metav1.Object, error) + +// Patch returns a default PatchFunction implementation that passes its arguments through to the +// patcher directly, ignoring the current object. +// +// Example usage: +// +// client.PatchDaemonSet(namespace, name, types.Patch(original, current)) +func Patch(original metav1.Object, modified metav1.Object) PatchFunction { + return func(_ metav1.Object) (metav1.Object, metav1.Object, error) { + return original, modified, nil + } +} + +// updateToPatch wraps an UpdateFunction as a PatchFunction. +func updateToPatch(f UpdateFunction) PatchFunction { + return func(obj metav1.Object) (metav1.Object, metav1.Object, error) { + obj, err := f(obj) + return nil, obj, err + } +} + +func createPatch(original, modified runtime.Object) ([]byte, error) { + originalData, err := json.Marshal(original) + if err != nil { + return nil, err + } + modifiedData, err := json.Marshal(modified) + if err != nil { + return nil, err + } + return strategicpatch.CreateTwoWayMergePatch(originalData, modifiedData, original) +} + +func createThreeWayMergePatchPreservingCommands(original, modified, current runtime.Object) ([]byte, error) { + var datastruct runtime.Object + switch { + case original != nil: + datastruct = original + case modified != nil: + datastruct = modified + case current != nil: + datastruct = current + default: + return nil, nil // A 3-way merge of `nil`s is `nil`. + } + patchMeta, err := strategicpatch.NewPatchMetaFromStruct(datastruct) + if err != nil { + return nil, err + } + + // Create normalized clones of objects. + original, err = cloneAndNormalizeObject(original) + if err != nil { + return nil, err + } + modified, err = cloneAndNormalizeObject(modified) + if err != nil { + return nil, err + } + current, err = cloneAndNormalizeObject(current) + if err != nil { + return nil, err + } + // Perform 3-way merge of annotations and labels. + if err := mergeAnnotationsAndLabels(original, modified, current); err != nil { + return nil, err + } + // Construct 3-way JSON merge patch. + originalData, err := json.Marshal(original) + if err != nil { + return nil, err + } + modifiedData, err := json.Marshal(modified) + if err != nil { + return nil, err + } + currentData, err := json.Marshal(current) + if err != nil { + return nil, err + } + return strategicpatch.CreateThreeWayMergePatch(originalData, modifiedData, currentData, patchMeta, false /* overwrite */) +} + +func cloneAndNormalizeObject(obj runtime.Object) (runtime.Object, error) { + if obj == nil { + return obj, nil + } + + // Clone the object since it will be modified. + obj = obj.DeepCopyObject() + switch obj := obj.(type) { + case *appsv1.DaemonSet: + if obj != nil { + // These are only extracted from current; should not be considered for diffs. + obj.ObjectMeta.ResourceVersion = "" + obj.ObjectMeta.CreationTimestamp = metav1.Time{} + obj.Status = appsv1.DaemonSetStatus{} + } + case *appsv1.Deployment: + if obj != nil { + // These are only extracted from current; should not be considered for diffs. + obj.ObjectMeta.ResourceVersion = "" + obj.ObjectMeta.CreationTimestamp = metav1.Time{} + obj.Status = appsv1.DeploymentStatus{} + } + case *v1.Service: + if obj != nil { + // These are only extracted from current; should not be considered for diffs. + obj.ObjectMeta.ResourceVersion = "" + obj.ObjectMeta.CreationTimestamp = metav1.Time{} + obj.Status = v1.ServiceStatus{} + // ClusterIP for service is immutable, so cannot patch. + obj.Spec.ClusterIP = "" + } + case *extensionsv1beta1.Ingress: + if obj != nil { + // These are only extracted from current; should not be considered for diffs. + obj.ObjectMeta.ResourceVersion = "" + obj.ObjectMeta.CreationTimestamp = metav1.Time{} + obj.Status = extensionsv1beta1.IngressStatus{} + } + case *v1beta1ext.CustomResourceDefinition: + if obj != nil { + // These are only extracted from current; should not be considered for diffs. + obj.ObjectMeta.ResourceVersion = "" + obj.ObjectMeta.CreationTimestamp = metav1.Time{} + obj.ObjectMeta.SelfLink = "" + obj.ObjectMeta.UID = "" + obj.Status = v1beta1ext.CustomResourceDefinitionStatus{} + } + default: + return nil, fmt.Errorf("unhandled type: %T", obj) + } + return obj, nil +} + +// mergeAnnotationsAndLabels performs a 3-way merge of all annotations and labels using custom +// 3-way merge logic defined in mergeMaps() below. +func mergeAnnotationsAndLabels(original, modified, current runtime.Object) error { + if original == nil || modified == nil || current == nil { + return nil + } + + accessor := meta.NewAccessor() + if err := mergeMaps(original, modified, current, accessor.Annotations, accessor.SetAnnotations); err != nil { + return err + } + if err := mergeMaps(original, modified, current, accessor.Labels, accessor.SetLabels); err != nil { + return err + } + + switch current := current.(type) { + case *appsv1.DaemonSet: + getter := func(obj runtime.Object) (map[string]string, error) { + return obj.(*appsv1.DaemonSet).Spec.Template.Annotations, nil + } + setter := func(obj runtime.Object, val map[string]string) error { + obj.(*appsv1.DaemonSet).Spec.Template.Annotations = val + return nil + } + if err := mergeMaps(original, modified, current, getter, setter); err != nil { + return err + } + getter = func(obj runtime.Object) (map[string]string, error) { + return obj.(*appsv1.DaemonSet).Spec.Template.Labels, nil + } + setter = func(obj runtime.Object, val map[string]string) error { + obj.(*appsv1.DaemonSet).Spec.Template.Labels = val + return nil + } + if err := mergeMaps(original, modified, current, getter, setter); err != nil { + return err + } + case *appsv1.Deployment: + getter := func(obj runtime.Object) (map[string]string, error) { + return obj.(*appsv1.Deployment).Spec.Template.Annotations, nil + } + setter := func(obj runtime.Object, val map[string]string) error { + obj.(*appsv1.Deployment).Spec.Template.Annotations = val + return nil + } + if err := mergeMaps(original, modified, current, getter, setter); err != nil { + return err + } + getter = func(obj runtime.Object) (map[string]string, error) { + return obj.(*appsv1.Deployment).Spec.Template.Labels, nil + } + setter = func(obj runtime.Object, val map[string]string) error { + obj.(*appsv1.Deployment).Spec.Template.Labels = val + return nil + } + if err := mergeMaps(original, modified, current, getter, setter); err != nil { + return err + } + } + return nil +} + +// mergeMaps creates a patch using createThreeWayMapPatch and if the patch is non-empty applies +// the patch to the input. The getter and setter are used to access the map inside the given +// objects. +func mergeMaps(original, modified, current runtime.Object, getter func(runtime.Object) (map[string]string, error), setter func(runtime.Object, map[string]string) error) error { + originalMap, err := getter(original) + if err != nil { + return err + } + modifiedMap, err := getter(modified) + if err != nil { + return err + } + currentMap, err := getter(current) + if err != nil { + return err + } + + patch, err := createThreeWayMapPatch(originalMap, modifiedMap, currentMap) + if err != nil { + return err + } + if len(patch) == 0 { + return nil // nothing to apply. + } + modifiedMap = applyMapPatch(originalMap, currentMap, patch) + + if err := setter(original, originalMap); err != nil { + return err + } + if err := setter(modified, modifiedMap); err != nil { + return err + } + return setter(current, currentMap) +} + +// applyMapPatch creates a copy of current and applies the three-way map patch to it. +func applyMapPatch(original, current map[string]string, patch map[string]interface{}) map[string]string { + merged := make(map[string]string, len(current)) + for k, v := range current { + merged[k] = v + } + for k, v := range patch { + if v == nil { + delete(merged, k) + } else { + merged[k] = v.(string) + if _, ok := current[k]; !ok { + // If we are re-adding something that may have already been in original then ensure it is + // removed from `original` to avoid a conflict in upstream patch code. + delete(original, k) + } + } + } + return merged +} + +// createThreeWayMapPatch constructs a 3-way patch between original, modified, and current. The +// patch contains only keys that are added, keys that are removed (with their values set to nil) or +// keys whose values are modified. Returns an error if there is a conflict for any key. +// +// The behavior is defined as follows: +// +// - If an item is present in modified, ensure it exists in current. +// - If an item is present in original and removed in modified, remove it from current. +// - If an item is present only in current, leave it as-is. +// +// This effectively "enforces" that all items present in modified are present in current, and all +// items deleted from original => modified are deleted in current. +// +// The following will cause a conflict: +// +// (1) An item was deleted from original => modified but modified from original => current. +// (2) An item was modified differently from original => modified and original => current. +func createThreeWayMapPatch(original, modified, current map[string]string) (map[string]interface{}, error) { + // Create union of keys. + keys := make(map[string]struct{}) + for k := range original { + keys[k] = struct{}{} + } + for k := range modified { + keys[k] = struct{}{} + } + for k := range current { + keys[k] = struct{}{} + } + + // Create patch according to rules. + patch := make(map[string]interface{}) + for k := range keys { + oVal, oOk := original[k] + mVal, mOk := modified[k] + cVal, cOk := current[k] + + switch { + case oOk && mOk && cOk: + // present in all three. + if mVal != cVal { + if oVal != cVal { + // conflict type 2: changed to different values in modified and current. + return nil, fmt.Errorf("conflict at key %v: original = %v, modified = %v, current = %v", k, oVal, mVal, cVal) + } + patch[k] = mVal + } + case !oOk && mOk && cOk: + // added in modified and current. + if mVal != cVal { + // conflict type 2: added different values in modified and current. + return nil, fmt.Errorf("conflict at key %v: original = , modified = %v, current = %v", k, mVal, cVal) + } + case oOk && !mOk && cOk: + // deleted in modified. + if oVal != cVal { + // conflict type 1: changed from original to current, removed in modified. + return nil, fmt.Errorf("conflict at key %v, original = %v, modified = , current = %v", k, oVal, cVal) + } + patch[k] = nil + case oOk && mOk && !cOk: + // deleted in current. + patch[k] = mVal + case !oOk && !mOk && cOk: + // only exists in current. + case !oOk && mOk && !cOk: + // added in modified. + patch[k] = mVal + case oOk && !mOk && !cOk: + // deleted in both modified and current. + case !oOk && !mOk && !cOk: + // unreachable. + } + } + return patch, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/role.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/role.go new file mode 100755 index 000000000..fc07d73ac --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/role.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateRole creates the role. +func (c *Client) CreateRole(r *rbacv1.Role) (*rbacv1.Role, error) { + return c.RbacV1().Roles(r.GetNamespace()).Create(r) +} + +// GetRole returns the existing role. +func (c *Client) GetRole(namespace, name string) (*rbacv1.Role, error) { + return c.RbacV1().Roles(namespace).Get(name, metav1.GetOptions{}) +} + +// DeleteRole deletes the role. +func (c *Client) DeleteRole(namespace, name string, options *metav1.DeleteOptions) error { + return c.RbacV1().Roles(namespace).Delete(name, options) +} + +// UpdateRole will update the given Role resource. +func (c *Client) UpdateRole(crb *rbacv1.Role) (*rbacv1.Role, error) { + glog.V(4).Infof("[UPDATE Role]: %s", crb.GetName()) + oldCrb, err := c.GetRole(crb.GetNamespace(), crb.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldCrb, crb) + if err != nil { + return nil, fmt.Errorf("error creating patch for Role: %v", err) + } + return c.RbacV1().Roles(crb.GetNamespace()).Patch(crb.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/rolebinding.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/rolebinding.go new file mode 100755 index 000000000..e9d084e85 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/rolebinding.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + rbacv1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateRoleBinding creates the roleBinding. +func (c *Client) CreateRoleBinding(ig *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) { + return c.RbacV1().RoleBindings(ig.GetNamespace()).Create(ig) +} + +// GetRoleBinding returns the existing roleBinding. +func (c *Client) GetRoleBinding(namespace, name string) (*rbacv1.RoleBinding, error) { + return c.RbacV1().RoleBindings(namespace).Get(name, metav1.GetOptions{}) +} + +// DeleteRoleBinding deletes the roleBinding. +func (c *Client) DeleteRoleBinding(namespace, name string, options *metav1.DeleteOptions) error { + return c.RbacV1().RoleBindings(namespace).Delete(name, options) +} + +// UpdateRoleBinding will update the given RoleBinding resource. +func (c *Client) UpdateRoleBinding(crb *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) { + glog.V(4).Infof("[UPDATE RoleBinding]: %s", crb.GetName()) + oldCrb, err := c.GetRoleBinding(crb.GetNamespace(), crb.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldCrb, crb) + if err != nil { + return nil, fmt.Errorf("error creating patch for RoleBinding: %v", err) + } + return c.RbacV1().RoleBindings(crb.GetNamespace()).Patch(crb.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/secret.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/secret.go new file mode 100644 index 000000000..e20d3d8b6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/secret.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateSecret creates the Secret. +func (c *Client) CreateSecret(ig *v1.Secret) (*v1.Secret, error) { + return c.CoreV1().Secrets(ig.GetNamespace()).Create(ig) +} + +// GetSecret returns the existing Secret. +func (c *Client) GetSecret(namespace, name string) (*v1.Secret, error) { + return c.CoreV1().Secrets(namespace).Get(name, metav1.GetOptions{}) +} + +// DeleteSecret deletes the Secret. +func (c *Client) DeleteSecret(namespace, name string, options *metav1.DeleteOptions) error { + return c.CoreV1().Secrets(namespace).Delete(name, options) +} + +// UpdateSecret will update the given Secret resource. +func (c *Client) UpdateSecret(secret *v1.Secret) (*v1.Secret, error) { + glog.V(4).Infof("[UPDATE Secret]: %s", secret.GetName()) + oldSa, err := c.GetSecret(secret.GetNamespace(), secret.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldSa, secret) + if err != nil { + return nil, fmt.Errorf("error creating patch for Secret: %v", err) + } + return c.CoreV1().Secrets(secret.GetNamespace()).Patch(secret.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/service.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/service.go new file mode 100644 index 000000000..4491233d7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/service.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateService creates the Service. +func (c *Client) CreateService(ig *v1.Service) (*v1.Service, error) { + return c.CoreV1().Services(ig.GetNamespace()).Create(ig) +} + +// GetService returns the existing Service. +func (c *Client) GetService(namespace, name string) (*v1.Service, error) { + return c.CoreV1().Services(namespace).Get(name, metav1.GetOptions{}) +} + +// DeleteService deletes the Service. +func (c *Client) DeleteService(namespace, name string, options *metav1.DeleteOptions) error { + return c.CoreV1().Services(namespace).Delete(name, options) +} + +// UpdateService will update the given Service resource. +func (c *Client) UpdateService(service *v1.Service) (*v1.Service, error) { + glog.V(4).Infof("[UPDATE Service]: %s", service.GetName()) + oldSa, err := c.GetService(service.GetNamespace(), service.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldSa, service) + if err != nil { + return nil, fmt.Errorf("error creating patch for Service: %v", err) + } + return c.CoreV1().Services(service.GetNamespace()).Patch(service.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/serviceaccount.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/serviceaccount.go new file mode 100644 index 000000000..8af9c5d2d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient/serviceaccount.go @@ -0,0 +1,39 @@ +package operatorclient + +import ( + "fmt" + + "github.com/golang/glog" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" +) + +// CreateServiceAccount creates the serviceAccount. +func (c *Client) CreateServiceAccount(ig *v1.ServiceAccount) (*v1.ServiceAccount, error) { + return c.CoreV1().ServiceAccounts(ig.GetNamespace()).Create(ig) +} + +// GetServiceAccount returns the existing serviceAccount. +func (c *Client) GetServiceAccount(namespace, name string) (*v1.ServiceAccount, error) { + return c.CoreV1().ServiceAccounts(namespace).Get(name, metav1.GetOptions{}) +} + +// DeleteServiceAccount deletes the serviceAccount. +func (c *Client) DeleteServiceAccount(namespace, name string, options *metav1.DeleteOptions) error { + return c.CoreV1().ServiceAccounts(namespace).Delete(name, options) +} + +// UpdateServiceAccount will update the given ServiceAccount resource. +func (c *Client) UpdateServiceAccount(sa *v1.ServiceAccount) (*v1.ServiceAccount, error) { + glog.V(4).Infof("[UPDATE ServiceAccount]: %s", sa.GetName()) + oldSa, err := c.GetServiceAccount(sa.GetNamespace(), sa.GetName()) + if err != nil { + return nil, err + } + patchBytes, err := createPatch(oldSa, sa) + if err != nil { + return nil, fmt.Errorf("error creating patch for ServiceAccount: %v", err) + } + return c.CoreV1().ServiceAccounts(sa.GetNamespace()).Patch(sa.GetName(), types.StrategicMergePatchType, patchBytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/apiservice.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/apiservice.go new file mode 100644 index 000000000..5de0879c2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/apiservice.go @@ -0,0 +1,55 @@ +package operatorlister + +import ( + "fmt" + "sync" + + "k8s.io/apimachinery/pkg/labels" + v1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + aregv1 "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/v1" +) + +// UnionAPIServiceLister is a custom implementation of an APIService lister that allows a new +// Lister to be registered on the fly +type UnionAPIServiceLister struct { + apiServiceLister aregv1.APIServiceLister + apiServiceLock sync.RWMutex +} + +// List lists all APIServices in the indexer. +func (ual *UnionAPIServiceLister) List(selector labels.Selector) (ret []*v1.APIService, err error) { + ual.apiServiceLock.RLock() + defer ual.apiServiceLock.RUnlock() + + if ual.apiServiceLister == nil { + return nil, fmt.Errorf("no apiService lister registered") + } + return ual.apiServiceLister.List(selector) +} + +// Get retrieves the APIService with the given name +func (ual *UnionAPIServiceLister) Get(name string) (*v1.APIService, error) { + ual.apiServiceLock.RLock() + defer ual.apiServiceLock.RUnlock() + + if ual.apiServiceLister == nil { + return nil, fmt.Errorf("no apiService lister registered") + } + return ual.apiServiceLister.Get(name) +} + +// RegisterAPIServiceLister registers a new APIServiceLister +func (ual *UnionAPIServiceLister) RegisterAPIServiceLister(lister aregv1.APIServiceLister) { + ual.apiServiceLock.Lock() + defer ual.apiServiceLock.Unlock() + + ual.apiServiceLister = lister +} + +func (l *apiRegistrationV1Lister) RegisterAPIServiceLister(lister aregv1.APIServiceLister) { + l.apiServiceLister.RegisterAPIServiceLister(lister) +} + +func (l *apiRegistrationV1Lister) APIServiceLister() aregv1.APIServiceLister { + return l.apiServiceLister +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/catalogsources.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/catalogsources.go new file mode 100644 index 000000000..683659540 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/catalogsources.go @@ -0,0 +1,96 @@ +package operatorlister + +import ( + "fmt" + "sync" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" +) + +type UnionCatalogSourceLister struct { + catsrcListers map[string]listers.CatalogSourceLister + catsrcLock sync.RWMutex +} + +// List lists all CatalogSources in the indexer. +func (ucl *UnionCatalogSourceLister) List(selector labels.Selector) (ret []*v1alpha1.CatalogSource, err error) { + ucl.catsrcLock.RLock() + defer ucl.catsrcLock.RUnlock() + + set := make(map[types.UID]*v1alpha1.CatalogSource) + for _, cl := range ucl.catsrcListers { + catsrcs, err := cl.List(selector) + if err != nil { + return nil, err + } + + for _, catsrc := range catsrcs { + set[catsrc.GetUID()] = catsrc + } + } + + for _, catsrc := range set { + ret = append(ret, catsrc) + } + + return +} + +// CatalogSources returns an object that can list and get CatalogSources. +func (ucl *UnionCatalogSourceLister) CatalogSources(namespace string) listers.CatalogSourceNamespaceLister { + ucl.catsrcLock.RLock() + defer ucl.catsrcLock.RUnlock() + + // Check for specific namespace listers + if cl, ok := ucl.catsrcListers[namespace]; ok { + return cl.CatalogSources(namespace) + } + + // Check for any namespace-all listers + if cl, ok := ucl.catsrcListers[metav1.NamespaceAll]; ok { + return cl.CatalogSources(namespace) + } + + return &NullCatalogSourceNamespaceLister{} +} + +func (ucl *UnionCatalogSourceLister) RegisterCatalogSourceLister(namespace string, lister listers.CatalogSourceLister) { + ucl.catsrcLock.Lock() + defer ucl.catsrcLock.Unlock() + + if ucl.catsrcListers == nil { + ucl.catsrcListers = make(map[string]listers.CatalogSourceLister) + } + + ucl.catsrcListers[namespace] = lister +} + +func (l *operatorsV1alpha1Lister) RegisterCatalogSourceLister(namespace string, lister listers.CatalogSourceLister) { + l.catalogSourceLister.RegisterCatalogSourceLister(namespace, lister) +} + +func (l *operatorsV1alpha1Lister) CatalogSourceLister() listers.CatalogSourceLister { + return l.catalogSourceLister +} + +// NullCatalogSourceNamespaceLister is an implementation of a null CatalogSourceNamespaceLister. It is +// used to prevent nil pointers when no CatalogSourceNamespaceLister has been registered for a given +// namespace. +type NullCatalogSourceNamespaceLister struct { + listers.CatalogSourceNamespaceLister +} + +// List returns nil and an error explaining that this is a NullCatalogSourceNamespaceLister. +func (n *NullCatalogSourceNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CatalogSource, err error) { + return nil, fmt.Errorf("cannot list CatalogSources with a NullCatalogSourceNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullCatalogSourceNamespaceLister. +func (n *NullCatalogSourceNamespaceLister) Get(name string) (*v1alpha1.CatalogSource, error) { + return nil, fmt.Errorf("cannot get CatalogSource with a NullCatalogSourceNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterrole.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterrole.go new file mode 100644 index 000000000..174ffa1da --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterrole.go @@ -0,0 +1,51 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/labels" + rbacv1 "k8s.io/client-go/listers/rbac/v1" +) + +type UnionClusterRoleLister struct { + clusterRoleLister rbacv1.ClusterRoleLister + clusterRoleLock sync.RWMutex +} + +// List lists all ClusterRoles in the indexer. +func (ucl *UnionClusterRoleLister) List(selector labels.Selector) (ret []*v1.ClusterRole, err error) { + ucl.clusterRoleLock.RLock() + defer ucl.clusterRoleLock.RUnlock() + + if ucl.clusterRoleLister == nil { + return nil, fmt.Errorf("no clusterRole lister registered") + } + return ucl.clusterRoleLister.List(selector) +} + +func (ucl *UnionClusterRoleLister) Get(name string) (*v1.ClusterRole, error) { + ucl.clusterRoleLock.RLock() + defer ucl.clusterRoleLock.RUnlock() + + if ucl.clusterRoleLister == nil { + return nil, fmt.Errorf("no clusterRole lister registered") + } + return ucl.clusterRoleLister.Get(name) +} + +func (ucl *UnionClusterRoleLister) RegisterClusterRoleLister(lister rbacv1.ClusterRoleLister) { + ucl.clusterRoleLock.Lock() + defer ucl.clusterRoleLock.Unlock() + + ucl.clusterRoleLister = lister +} + +func (l *rbacV1Lister) RegisterClusterRoleLister(lister rbacv1.ClusterRoleLister) { + l.clusterRoleLister.RegisterClusterRoleLister(lister) +} + +func (l *rbacV1Lister) ClusterRoleLister() rbacv1.ClusterRoleLister { + return l.clusterRoleLister +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterrolebinding.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterrolebinding.go new file mode 100644 index 000000000..c0ed5c744 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterrolebinding.go @@ -0,0 +1,51 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/labels" + rbacv1 "k8s.io/client-go/listers/rbac/v1" +) + +type UnionClusterRoleBindingLister struct { + clusterRoleBindingLister rbacv1.ClusterRoleBindingLister + clusterRoleBindingLock sync.RWMutex +} + +// List lists all ClusterRoleBindings in the indexer. +func (ucl *UnionClusterRoleBindingLister) List(selector labels.Selector) (ret []*v1.ClusterRoleBinding, err error) { + ucl.clusterRoleBindingLock.RLock() + defer ucl.clusterRoleBindingLock.RUnlock() + + if ucl.clusterRoleBindingLister == nil { + return nil, fmt.Errorf("no clusterRoleBinding lister registered") + } + return ucl.clusterRoleBindingLister.List(selector) +} + +func (ucl *UnionClusterRoleBindingLister) Get(name string) (*v1.ClusterRoleBinding, error) { + ucl.clusterRoleBindingLock.RLock() + defer ucl.clusterRoleBindingLock.RUnlock() + + if ucl.clusterRoleBindingLister == nil { + return nil, fmt.Errorf("no clusterRoleBinding lister registered") + } + return ucl.clusterRoleBindingLister.Get(name) +} + +func (ucl *UnionClusterRoleBindingLister) RegisterClusterRoleBindingLister(lister rbacv1.ClusterRoleBindingLister) { + ucl.clusterRoleBindingLock.Lock() + defer ucl.clusterRoleBindingLock.Unlock() + + ucl.clusterRoleBindingLister = lister +} + +func (l *rbacV1Lister) RegisterClusterRoleBindingLister(lister rbacv1.ClusterRoleBindingLister) { + l.clusterRoleBindingLister.RegisterClusterRoleBindingLister(lister) +} + +func (l *rbacV1Lister) ClusterRoleBindingLister() rbacv1.ClusterRoleBindingLister { + return l.clusterRoleBindingLister +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterserviceversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterserviceversion.go new file mode 100644 index 000000000..a0f99ce00 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/clusterserviceversion.go @@ -0,0 +1,96 @@ +package operatorlister + +import ( + "fmt" + "sync" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" +) + +type UnionClusterServiceVersionLister struct { + csvListers map[string]listers.ClusterServiceVersionLister + csvLock sync.RWMutex +} + +// List lists all ClusterServiceVersions in the indexer. +func (ucl *UnionClusterServiceVersionLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterServiceVersion, err error) { + ucl.csvLock.RLock() + defer ucl.csvLock.RUnlock() + + set := make(map[types.UID]*v1alpha1.ClusterServiceVersion) + for _, cl := range ucl.csvListers { + csvs, err := cl.List(selector) + if err != nil { + return nil, err + } + + for _, csv := range csvs { + set[csv.GetUID()] = csv + } + } + + for _, csv := range set { + ret = append(ret, csv) + } + + return +} + +// ClusterServiceVersions returns an object that can list and get ClusterServiceVersions. +func (ucl *UnionClusterServiceVersionLister) ClusterServiceVersions(namespace string) listers.ClusterServiceVersionNamespaceLister { + ucl.csvLock.RLock() + defer ucl.csvLock.RUnlock() + + // Check for specific namespace listers + if cl, ok := ucl.csvListers[namespace]; ok { + return cl.ClusterServiceVersions(namespace) + } + + // Check for any namespace-all listers + if cl, ok := ucl.csvListers[metav1.NamespaceAll]; ok { + return cl.ClusterServiceVersions(namespace) + } + + return &NullClusterServiceVersionNamespaceLister{} +} + +func (ucl *UnionClusterServiceVersionLister) RegisterClusterServiceVersionLister(namespace string, lister listers.ClusterServiceVersionLister) { + ucl.csvLock.Lock() + defer ucl.csvLock.Unlock() + + if ucl.csvListers == nil { + ucl.csvListers = make(map[string]listers.ClusterServiceVersionLister) + } + + ucl.csvListers[namespace] = lister +} + +func (l *operatorsV1alpha1Lister) RegisterClusterServiceVersionLister(namespace string, lister listers.ClusterServiceVersionLister) { + l.clusterServiceVersionLister.RegisterClusterServiceVersionLister(namespace, lister) +} + +func (l *operatorsV1alpha1Lister) ClusterServiceVersionLister() listers.ClusterServiceVersionLister { + return l.clusterServiceVersionLister +} + +// NullClusterServiceVersionNamespaceLister is an implementation of a null ClusterServiceVersionNamespaceLister. It is +// used to prevent nil pointers when no ClusterServiceVersionNamespaceLister has been registered for a given +// namespace. +type NullClusterServiceVersionNamespaceLister struct { + listers.ClusterServiceVersionNamespaceLister +} + +// List returns nil and an error explaining that this is a NullClusterServiceVersionNamespaceLister. +func (n *NullClusterServiceVersionNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterServiceVersion, err error) { + return nil, fmt.Errorf("cannot list ClusterServiceVersions with a NullClusterServiceVersionNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullClusterServiceVersionNamespaceLister. +func (n *NullClusterServiceVersionNamespaceLister) Get(name string) (*v1alpha1.ClusterServiceVersion, error) { + return nil, fmt.Errorf("cannot get ClusterServiceVersion with a NullClusterServiceVersionNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/configmap.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/configmap.go new file mode 100644 index 000000000..e15132103 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/configmap.go @@ -0,0 +1,94 @@ +package operatorlister + +import ( + "fmt" + "sync" + + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + corev1 "k8s.io/client-go/listers/core/v1" +) + +type UnionConfigMapLister struct { + configMapListers map[string]corev1.ConfigMapLister + configMapLock sync.RWMutex +} + +// List lists all ConfigMaps in the indexer. +func (usl *UnionConfigMapLister) List(selector labels.Selector) (ret []*v1.ConfigMap, err error) { + usl.configMapLock.RLock() + defer usl.configMapLock.RUnlock() + + set := make(map[types.UID]*v1.ConfigMap) + for _, sl := range usl.configMapListers { + configMaps, err := sl.List(selector) + if err != nil { + return nil, err + } + + for _, configMap := range configMaps { + set[configMap.GetUID()] = configMap + } + } + + for _, configMap := range set { + ret = append(ret, configMap) + } + + return +} + +// ConfigMaps returns an object that can list and get ConfigMaps. +func (usl *UnionConfigMapLister) ConfigMaps(namespace string) corev1.ConfigMapNamespaceLister { + usl.configMapLock.RLock() + defer usl.configMapLock.RUnlock() + + // Check for specific namespace listers + if sl, ok := usl.configMapListers[namespace]; ok { + return sl.ConfigMaps(namespace) + } + + // Check for any namespace-all listers + if sl, ok := usl.configMapListers[metav1.NamespaceAll]; ok { + return sl.ConfigMaps(namespace) + } + + return &NullConfigMapNamespaceLister{} +} + +func (usl *UnionConfigMapLister) RegisterConfigMapLister(namespace string, lister corev1.ConfigMapLister) { + usl.configMapLock.Lock() + defer usl.configMapLock.Unlock() + + if usl.configMapListers == nil { + usl.configMapListers = make(map[string]corev1.ConfigMapLister) + } + usl.configMapListers[namespace] = lister +} + +func (l *coreV1Lister) RegisterConfigMapLister(namespace string, lister corev1.ConfigMapLister) { + l.configMapLister.RegisterConfigMapLister(namespace, lister) +} + +func (l *coreV1Lister) ConfigMapLister() corev1.ConfigMapLister { + return l.configMapLister +} + +// NullConfigMapNamespaceLister is an implementation of a null ConfigMapNamespaceLister. It is +// used to prevent nil pointers when no ConfigMapNamespaceLister has been registered for a given +// namespace. +type NullConfigMapNamespaceLister struct { + corev1.ConfigMapNamespaceLister +} + +// List returns nil and an error explaining that this is a NullConfigMapNamespaceLister. +func (n *NullConfigMapNamespaceLister) List(selector labels.Selector) (ret []*v1.ConfigMap, err error) { + return nil, fmt.Errorf("cannot list ConfigMaps with a NullConfigMapNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullConfigMapNamespaceLister. +func (n *NullConfigMapNamespaceLister) Get(name string) (*v1.ConfigMap, error) { + return nil, fmt.Errorf("cannot get ConfigMap with a NullConfigMapNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/customresourcedefinition.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/customresourcedefinition.go new file mode 100644 index 000000000..9bbc6ce19 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/customresourcedefinition.go @@ -0,0 +1,55 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + aextv1beta1 "k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1" + "k8s.io/apimachinery/pkg/labels" +) + +// UnionCustomResourceDefinitionLister is a custom implementation of an CustomResourceDefinition lister that allows a new +// Lister to be registered on the fly +type UnionCustomResourceDefinitionLister struct { + CustomResourceDefinitionLister aextv1beta1.CustomResourceDefinitionLister + CustomResourceDefinitionLock sync.RWMutex +} + +// List lists all CustomResourceDefinitions in the indexer. +func (ucl *UnionCustomResourceDefinitionLister) List(selector labels.Selector) (ret []*v1beta1.CustomResourceDefinition, err error) { + ucl.CustomResourceDefinitionLock.RLock() + defer ucl.CustomResourceDefinitionLock.RUnlock() + + if ucl.CustomResourceDefinitionLister == nil { + return nil, fmt.Errorf("no CustomResourceDefinition lister registered") + } + return ucl.CustomResourceDefinitionLister.List(selector) +} + +// Get retrieves the CustomResourceDefinition with the given name +func (ucl *UnionCustomResourceDefinitionLister) Get(name string) (*v1beta1.CustomResourceDefinition, error) { + ucl.CustomResourceDefinitionLock.RLock() + defer ucl.CustomResourceDefinitionLock.RUnlock() + + if ucl.CustomResourceDefinitionLister == nil { + return nil, fmt.Errorf("no CustomResourceDefinition lister registered") + } + return ucl.CustomResourceDefinitionLister.Get(name) +} + +// RegisterCustomResourceDefinitionLister registers a new CustomResourceDefinitionLister +func (ucl *UnionCustomResourceDefinitionLister) RegisterCustomResourceDefinitionLister(lister aextv1beta1.CustomResourceDefinitionLister) { + ucl.CustomResourceDefinitionLock.Lock() + defer ucl.CustomResourceDefinitionLock.Unlock() + + ucl.CustomResourceDefinitionLister = lister +} + +func (l *apiExtensionsV1beta1Lister) RegisterCustomResourceDefinitionLister(lister aextv1beta1.CustomResourceDefinitionLister) { + l.customResourceDefinitionLister.RegisterCustomResourceDefinitionLister(lister) +} + +func (l *apiExtensionsV1beta1Lister) CustomResourceDefinitionLister() aextv1beta1.CustomResourceDefinitionLister { + return l.customResourceDefinitionLister +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/deployment.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/deployment.go new file mode 100644 index 000000000..af7fea9a7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/deployment.go @@ -0,0 +1,117 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/apps/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + appsv1 "k8s.io/client-go/listers/apps/v1" +) + +type UnionDeploymentLister struct { + deploymentListers map[string]appsv1.DeploymentLister + deploymentLock sync.RWMutex +} + +// List lists all Deployments in the indexer. +func (udl *UnionDeploymentLister) List(selector labels.Selector) (ret []*v1.Deployment, err error) { + udl.deploymentLock.RLock() + defer udl.deploymentLock.RUnlock() + + var set map[types.UID]*v1.Deployment + for _, dl := range udl.deploymentListers { + deployments, err := dl.List(selector) + if err != nil { + return nil, err + } + + for _, deployment := range deployments { + set[deployment.GetUID()] = deployment + } + } + + for _, deployment := range set { + ret = append(ret, deployment) + } + + return +} + +// Deployments returns an object that can list and get Deployments. +func (udl *UnionDeploymentLister) Deployments(namespace string) appsv1.DeploymentNamespaceLister { + udl.deploymentLock.RLock() + defer udl.deploymentLock.RUnlock() + + // Check for specific namespace listers + if dl, ok := udl.deploymentListers[namespace]; ok { + return dl.Deployments(namespace) + } + + // Check for any namespace-all listers + if dl, ok := udl.deploymentListers[metav1.NamespaceAll]; ok { + return dl.Deployments(namespace) + } + + return &NullDeploymentNamespaceLister{} +} + +func (udl *UnionDeploymentLister) GetDeploymentsForReplicaSet(rs *v1.ReplicaSet) ([]*v1.Deployment, error) { + udl.deploymentLock.RLock() + defer udl.deploymentLock.RUnlock() + + // Check for specific namespace listers + if dl, ok := udl.deploymentListers[rs.GetNamespace()]; ok { + return dl.GetDeploymentsForReplicaSet(rs) + } + + // Check for any namespace-all listers + if dl, ok := udl.deploymentListers[metav1.NamespaceAll]; ok { + return dl.GetDeploymentsForReplicaSet(rs) + } + + return nil, fmt.Errorf("no listers found for namespace %s", rs.GetNamespace()) +} + +func (udl *UnionDeploymentLister) RegisterDeploymentLister(namespace string, lister appsv1.DeploymentLister) { + udl.deploymentLock.Lock() + defer udl.deploymentLock.Unlock() + + if udl.deploymentListers == nil { + udl.deploymentListers = make(map[string]appsv1.DeploymentLister) + } + + udl.deploymentListers[namespace] = lister +} + +func (l *appsV1Lister) RegisterDeploymentLister(namespace string, lister appsv1.DeploymentLister) { + l.deploymentLister.RegisterDeploymentLister(namespace, lister) +} + +func (l *appsV1Lister) DeploymentLister() appsv1.DeploymentLister { + return l.deploymentLister +} + +// NullDeploymentNamespaceLister is an implementation of a null DeploymentNamespaceLister. It is +// used to prevent nil pointers when no DeploymentNamespaceLister has been registered for a given +// namespace. +type NullDeploymentNamespaceLister struct { + appsv1.DeploymentNamespaceLister +} + +// List returns nil and an error explaining that this is a NullDeploymentNamespaceLister. +func (n *NullDeploymentNamespaceLister) List(selector labels.Selector) (ret []*v1.Deployment, err error) { + return nil, fmt.Errorf("cannot list Deployments with a NullDeploymentNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullDeploymentNamespaceLister. +func (n *NullDeploymentNamespaceLister) Get(name string) (*v1.Deployment, error) { + return nil, fmt.Errorf("cannot get Deployment with a NullDeploymentNamespaceLister") +} + +// GetDeploymentsForReplicaSet returns nil and an error explaining that this is a NullDeploymentNamespaceLister +func (n *NullDeploymentNamespaceLister) GetDeploymentsForReplicaSet(rs *v1.ReplicaSet) ([]*v1.Deployment, error) { + return nil, fmt.Errorf("cannot get Deployments for a ReplicaSet with a NullDeploymentNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/installplan.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/installplan.go new file mode 100644 index 000000000..9dad11201 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/installplan.go @@ -0,0 +1,96 @@ +package operatorlister + +import ( + "fmt" + "sync" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" +) + +type UnionInstallPlanLister struct { + ipListers map[string]listers.InstallPlanLister + ipLock sync.RWMutex +} + +// List lists all InstallPlans in the indexer. +func (u *UnionInstallPlanLister) List(selector labels.Selector) (ret []*v1alpha1.InstallPlan, err error) { + u.ipLock.RLock() + defer u.ipLock.RUnlock() + + set := make(map[types.UID]*v1alpha1.InstallPlan) + for _, cl := range u.ipListers { + ips, err := cl.List(selector) + if err != nil { + return nil, err + } + + for _, ip := range ips { + set[ip.GetUID()] = ip + } + } + + for _, ip := range set { + ret = append(ret, ip) + } + + return +} + +// InstallPlans returns an object that can list and get InstallPlans. +func (u *UnionInstallPlanLister) InstallPlans(namespace string) listers.InstallPlanNamespaceLister { + u.ipLock.RLock() + defer u.ipLock.RUnlock() + + // Check for specific namespace listers + if cl, ok := u.ipListers[namespace]; ok { + return cl.InstallPlans(namespace) + } + + // Check for any namespace-all listers + if cl, ok := u.ipListers[metav1.NamespaceAll]; ok { + return cl.InstallPlans(namespace) + } + + return &NullInstallPlanNamespaceLister{} +} + +func (u *UnionInstallPlanLister) RegisterInstallPlanLister(namespace string, lister listers.InstallPlanLister) { + u.ipLock.Lock() + defer u.ipLock.Unlock() + + if u.ipListers == nil { + u.ipListers = make(map[string]listers.InstallPlanLister) + } + + u.ipListers[namespace] = lister +} + +func (l *operatorsV1alpha1Lister) RegisterInstallPlanLister(namespace string, lister listers.InstallPlanLister) { + l.installPlanLister.RegisterInstallPlanLister(namespace, lister) +} + +func (l *operatorsV1alpha1Lister) InstallPlanLister() listers.InstallPlanLister { + return l.installPlanLister +} + +// NullInstallPlanNamespaceLister is an implementation of a null InstallPlanNamespaceLister. It is +// used to prevent nil pointers when no InstallPlanNamespaceLister has been registered for a given +// namespace. +type NullInstallPlanNamespaceLister struct { + listers.InstallPlanNamespaceLister +} + +// List returns nil and an error explaining that this is a NullInstallPlanNamespaceLister. +func (n *NullInstallPlanNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.InstallPlan, err error) { + return nil, fmt.Errorf("cannot list InstallPlans with a NullInstallPlanNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullInstallPlanNamespaceLister. +func (n *NullInstallPlanNamespaceLister) Get(name string) (*v1alpha1.InstallPlan, error) { + return nil, fmt.Errorf("cannot get InstallPlan with a NullInstallPlanNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/lister.go new file mode 100644 index 000000000..41c409a40 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/lister.go @@ -0,0 +1,244 @@ +package operatorlister + +import ( + aextv1beta1 "k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1" + appsv1 "k8s.io/client-go/listers/apps/v1" + corev1 "k8s.io/client-go/listers/core/v1" + rbacv1 "k8s.io/client-go/listers/rbac/v1" + aregv1 "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/v1" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" +) + +// OperatorLister is a union of versioned informer listers +//go:generate counterfeiter . OperatorLister +type OperatorLister interface { + AppsV1() AppsV1Lister + CoreV1() CoreV1Lister + RbacV1() RbacV1Lister + APIRegistrationV1() APIRegistrationV1Lister + APIExtensionsV1beta1() APIExtensionsV1beta1Lister + + OperatorsV1alpha1() OperatorsV1alpha1Lister + OperatorsV1() OperatorsV1Lister +} + +//go:generate counterfeiter . AppsV1Lister +type AppsV1Lister interface { + DeploymentLister() appsv1.DeploymentLister + + RegisterDeploymentLister(namespace string, lister appsv1.DeploymentLister) +} + +//go:generate counterfeiter . CoreV1Lister +type CoreV1Lister interface { + RegisterSecretLister(namespace string, lister corev1.SecretLister) + RegisterServiceLister(namespace string, lister corev1.ServiceLister) + RegisterServiceAccountLister(namespace string, lister corev1.ServiceAccountLister) + RegisterPodLister(namespace string, lister corev1.PodLister) + RegisterConfigMapLister(namespace string, lister corev1.ConfigMapLister) + RegisterNamespaceLister(lister corev1.NamespaceLister) + + SecretLister() corev1.SecretLister + ServiceLister() corev1.ServiceLister + ServiceAccountLister() corev1.ServiceAccountLister + NamespaceLister() corev1.NamespaceLister + PodLister() corev1.PodLister + ConfigMapLister() corev1.ConfigMapLister +} + +//go:generate counterfeiter . RbacV1Lister +type RbacV1Lister interface { + RegisterClusterRoleLister(lister rbacv1.ClusterRoleLister) + RegisterClusterRoleBindingLister(lister rbacv1.ClusterRoleBindingLister) + RegisterRoleLister(namespace string, lister rbacv1.RoleLister) + RegisterRoleBindingLister(namespace string, lister rbacv1.RoleBindingLister) + + ClusterRoleLister() rbacv1.ClusterRoleLister + ClusterRoleBindingLister() rbacv1.ClusterRoleBindingLister + RoleLister() rbacv1.RoleLister + RoleBindingLister() rbacv1.RoleBindingLister +} + +//go:generate counterfeiter . APIRegistrationV1Lister +type APIRegistrationV1Lister interface { + RegisterAPIServiceLister(lister aregv1.APIServiceLister) + + APIServiceLister() aregv1.APIServiceLister +} + +//go:generate counterfeiter . APIExtensionsV1beta1Lister +type APIExtensionsV1beta1Lister interface { + RegisterCustomResourceDefinitionLister(lister aextv1beta1.CustomResourceDefinitionLister) + + CustomResourceDefinitionLister() aextv1beta1.CustomResourceDefinitionLister +} + +//go:generate counterfeiter . OperatorsV1alpha1Lister +type OperatorsV1alpha1Lister interface { + RegisterClusterServiceVersionLister(namespace string, lister v1alpha1.ClusterServiceVersionLister) + RegisterCatalogSourceLister(namespace string, lister v1alpha1.CatalogSourceLister) + RegisterSubscriptionLister(namespace string, lister v1alpha1.SubscriptionLister) + RegisterInstallPlanLister(namespace string, lister v1alpha1.InstallPlanLister) + + ClusterServiceVersionLister() v1alpha1.ClusterServiceVersionLister + CatalogSourceLister() v1alpha1.CatalogSourceLister + SubscriptionLister() v1alpha1.SubscriptionLister + InstallPlanLister() v1alpha1.InstallPlanLister +} + +//go:generate counterfeiter . OperatorsV1Lister +type OperatorsV1Lister interface { + RegisterOperatorGroupLister(namespace string, lister v1.OperatorGroupLister) + + OperatorGroupLister() v1.OperatorGroupLister +} + +type appsV1Lister struct { + deploymentLister *UnionDeploymentLister +} + +func newAppsV1Lister() *appsV1Lister { + return &appsV1Lister{ + deploymentLister: &UnionDeploymentLister{}, + } +} + +type coreV1Lister struct { + secretLister *UnionSecretLister + serviceLister *UnionServiceLister + serviceAccountLister *UnionServiceAccountLister + namespaceLister *UnionNamespaceLister + podLister *UnionPodLister + configMapLister *UnionConfigMapLister +} + +func newCoreV1Lister() *coreV1Lister { + return &coreV1Lister{ + secretLister: &UnionSecretLister{}, + serviceLister: &UnionServiceLister{}, + serviceAccountLister: &UnionServiceAccountLister{}, + namespaceLister: &UnionNamespaceLister{}, + podLister: &UnionPodLister{}, + configMapLister: &UnionConfigMapLister{}, + } +} + +type rbacV1Lister struct { + roleLister *UnionRoleLister + roleBindingLister *UnionRoleBindingLister + clusterRoleLister *UnionClusterRoleLister + clusterRoleBindingLister *UnionClusterRoleBindingLister +} + +func newRbacV1Lister() *rbacV1Lister { + return &rbacV1Lister{ + roleLister: &UnionRoleLister{}, + roleBindingLister: &UnionRoleBindingLister{}, + clusterRoleLister: &UnionClusterRoleLister{}, + clusterRoleBindingLister: &UnionClusterRoleBindingLister{}, + } +} + +type apiRegistrationV1Lister struct { + apiServiceLister *UnionAPIServiceLister +} + +func newAPIRegistrationV1Lister() *apiRegistrationV1Lister { + return &apiRegistrationV1Lister{ + apiServiceLister: &UnionAPIServiceLister{}, + } +} + +type apiExtensionsV1beta1Lister struct { + customResourceDefinitionLister *UnionCustomResourceDefinitionLister +} + +func newAPIExtensionsV1beta1Lister() *apiExtensionsV1beta1Lister { + return &apiExtensionsV1beta1Lister{ + customResourceDefinitionLister: &UnionCustomResourceDefinitionLister{}, + } +} + +type operatorsV1alpha1Lister struct { + clusterServiceVersionLister *UnionClusterServiceVersionLister + catalogSourceLister *UnionCatalogSourceLister + subscriptionLister *UnionSubscriptionLister + installPlanLister *UnionInstallPlanLister +} + +func newOperatorsV1alpha1Lister() *operatorsV1alpha1Lister { + return &operatorsV1alpha1Lister{ + clusterServiceVersionLister: &UnionClusterServiceVersionLister{}, + catalogSourceLister: &UnionCatalogSourceLister{}, + subscriptionLister: &UnionSubscriptionLister{}, + installPlanLister: &UnionInstallPlanLister{}, + } +} + +type operatorsV1Lister struct { + operatorGroupLister *UnionOperatorGroupLister +} + +func newOperatorsV1Lister() *operatorsV1Lister { + return &operatorsV1Lister{ + operatorGroupLister: &UnionOperatorGroupLister{}, + } +} + +// Interface assertion +var _ OperatorLister = &lister{} + +type lister struct { + appsV1Lister *appsV1Lister + coreV1Lister *coreV1Lister + rbacV1Lister *rbacV1Lister + apiRegistrationV1Lister *apiRegistrationV1Lister + apiExtensionsV1beta1Lister *apiExtensionsV1beta1Lister + + operatorsV1alpha1Lister *operatorsV1alpha1Lister + operatorsV1Lister *operatorsV1Lister +} + +func (l *lister) AppsV1() AppsV1Lister { + return l.appsV1Lister +} + +func (l *lister) CoreV1() CoreV1Lister { + return l.coreV1Lister +} + +func (l *lister) RbacV1() RbacV1Lister { + return l.rbacV1Lister +} + +func (l *lister) APIRegistrationV1() APIRegistrationV1Lister { + return l.apiRegistrationV1Lister +} + +func (l *lister) APIExtensionsV1beta1() APIExtensionsV1beta1Lister { + return l.apiExtensionsV1beta1Lister +} + +func (l *lister) OperatorsV1alpha1() OperatorsV1alpha1Lister { + return l.operatorsV1alpha1Lister +} + +func (l *lister) OperatorsV1() OperatorsV1Lister { + return l.operatorsV1Lister +} + +func NewLister() OperatorLister { + // TODO: better initialization + return &lister{ + appsV1Lister: newAppsV1Lister(), + coreV1Lister: newCoreV1Lister(), + rbacV1Lister: newRbacV1Lister(), + apiRegistrationV1Lister: newAPIRegistrationV1Lister(), + apiExtensionsV1beta1Lister: newAPIExtensionsV1beta1Lister(), + + operatorsV1alpha1Lister: newOperatorsV1alpha1Lister(), + operatorsV1Lister: newOperatorsV1Lister(), + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/namespace.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/namespace.go new file mode 100644 index 000000000..1aaf302eb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/namespace.go @@ -0,0 +1,51 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/labels" + corev1 "k8s.io/client-go/listers/core/v1" +) + +type UnionNamespaceLister struct { + namespaceLister corev1.NamespaceLister + namespaceLock sync.RWMutex +} + +// List lists all Namespaces in the indexer. +func (unl *UnionNamespaceLister) List(selector labels.Selector) (ret []*v1.Namespace, err error) { + unl.namespaceLock.RLock() + defer unl.namespaceLock.RUnlock() + + if unl.namespaceLister == nil { + return nil, fmt.Errorf("no namespace lister registered") + } + return unl.namespaceLister.List(selector) +} + +func (unl *UnionNamespaceLister) Get(name string) (*v1.Namespace, error) { + unl.namespaceLock.RLock() + defer unl.namespaceLock.RUnlock() + + if unl.namespaceLister == nil { + return nil, fmt.Errorf("no namespace lister registered") + } + return unl.namespaceLister.Get(name) +} + +func (unl *UnionNamespaceLister) RegisterNamespaceLister(lister corev1.NamespaceLister) { + unl.namespaceLock.Lock() + defer unl.namespaceLock.Unlock() + + unl.namespaceLister = lister +} + +func (l *coreV1Lister) RegisterNamespaceLister(lister corev1.NamespaceLister) { + l.namespaceLister.RegisterNamespaceLister(lister) +} + +func (l *coreV1Lister) NamespaceLister() corev1.NamespaceLister { + return l.namespaceLister +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorgroup.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorgroup.go new file mode 100644 index 000000000..75111f69d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorgroup.go @@ -0,0 +1,96 @@ +package operatorlister + +import ( + "fmt" + "sync" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1" +) + +type UnionOperatorGroupLister struct { + csvListers map[string]listers.OperatorGroupLister + csvLock sync.RWMutex +} + +// List lists all OperatorGroups in the indexer. +func (uol *UnionOperatorGroupLister) List(selector labels.Selector) (ret []*v1.OperatorGroup, err error) { + uol.csvLock.RLock() + defer uol.csvLock.RUnlock() + + set := make(map[types.UID]*v1.OperatorGroup) + for _, cl := range uol.csvListers { + csvs, err := cl.List(selector) + if err != nil { + return nil, err + } + + for _, csv := range csvs { + set[csv.GetUID()] = csv + } + } + + for _, csv := range set { + ret = append(ret, csv) + } + + return +} + +// OperatorGroups returns an object that can list and get OperatorGroups. +func (uol *UnionOperatorGroupLister) OperatorGroups(namespace string) listers.OperatorGroupNamespaceLister { + uol.csvLock.RLock() + defer uol.csvLock.RUnlock() + + // Check for specific namespace listers + if cl, ok := uol.csvListers[namespace]; ok { + return cl.OperatorGroups(namespace) + } + + // Check for any namespace-all listers + if cl, ok := uol.csvListers[metav1.NamespaceAll]; ok { + return cl.OperatorGroups(namespace) + } + + return &NullOperatorGroupNamespaceLister{} +} + +func (uol *UnionOperatorGroupLister) RegisterOperatorGroupLister(namespace string, lister listers.OperatorGroupLister) { + uol.csvLock.Lock() + defer uol.csvLock.Unlock() + + if uol.csvListers == nil { + uol.csvListers = make(map[string]listers.OperatorGroupLister) + } + + uol.csvListers[namespace] = lister +} + +func (l *operatorsV1Lister) RegisterOperatorGroupLister(namespace string, lister listers.OperatorGroupLister) { + l.operatorGroupLister.RegisterOperatorGroupLister(namespace, lister) +} + +func (l *operatorsV1Lister) OperatorGroupLister() listers.OperatorGroupLister { + return l.operatorGroupLister +} + +// NullOperatorGroupNamespaceLister is an implementation of a null OperatorGroupNamespaceLister. It is +// used to prevent nil pointers when no OperatorGroupNamespaceLister has been registered for a given +// namespace. +type NullOperatorGroupNamespaceLister struct { + listers.OperatorGroupNamespaceLister +} + +// List returns nil and an error explaining that this is a NullOperatorGroupNamespaceLister. +func (n *NullOperatorGroupNamespaceLister) List(selector labels.Selector) (ret []*v1.OperatorGroup, err error) { + return nil, fmt.Errorf("cannot list OperatorGroups with a NullOperatorGroupNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullOperatorGroupNamespaceLister. +func (n *NullOperatorGroupNamespaceLister) Get(name string) (*v1.OperatorGroup, error) { + return nil, fmt.Errorf("cannot get OperatorGroup with a NullOperatorGroupNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apiextensions_v1beta1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apiextensions_v1beta1lister.go new file mode 100644 index 000000000..a691dfec8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apiextensions_v1beta1lister.go @@ -0,0 +1,140 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + "k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1" +) + +type FakeAPIExtensionsV1beta1Lister struct { + CustomResourceDefinitionListerStub func() v1beta1.CustomResourceDefinitionLister + customResourceDefinitionListerMutex sync.RWMutex + customResourceDefinitionListerArgsForCall []struct { + } + customResourceDefinitionListerReturns struct { + result1 v1beta1.CustomResourceDefinitionLister + } + customResourceDefinitionListerReturnsOnCall map[int]struct { + result1 v1beta1.CustomResourceDefinitionLister + } + RegisterCustomResourceDefinitionListerStub func(v1beta1.CustomResourceDefinitionLister) + registerCustomResourceDefinitionListerMutex sync.RWMutex + registerCustomResourceDefinitionListerArgsForCall []struct { + arg1 v1beta1.CustomResourceDefinitionLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeAPIExtensionsV1beta1Lister) CustomResourceDefinitionLister() v1beta1.CustomResourceDefinitionLister { + fake.customResourceDefinitionListerMutex.Lock() + ret, specificReturn := fake.customResourceDefinitionListerReturnsOnCall[len(fake.customResourceDefinitionListerArgsForCall)] + fake.customResourceDefinitionListerArgsForCall = append(fake.customResourceDefinitionListerArgsForCall, struct { + }{}) + fake.recordInvocation("CustomResourceDefinitionLister", []interface{}{}) + fake.customResourceDefinitionListerMutex.Unlock() + if fake.CustomResourceDefinitionListerStub != nil { + return fake.CustomResourceDefinitionListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.customResourceDefinitionListerReturns + return fakeReturns.result1 +} + +func (fake *FakeAPIExtensionsV1beta1Lister) CustomResourceDefinitionListerCallCount() int { + fake.customResourceDefinitionListerMutex.RLock() + defer fake.customResourceDefinitionListerMutex.RUnlock() + return len(fake.customResourceDefinitionListerArgsForCall) +} + +func (fake *FakeAPIExtensionsV1beta1Lister) CustomResourceDefinitionListerCalls(stub func() v1beta1.CustomResourceDefinitionLister) { + fake.customResourceDefinitionListerMutex.Lock() + defer fake.customResourceDefinitionListerMutex.Unlock() + fake.CustomResourceDefinitionListerStub = stub +} + +func (fake *FakeAPIExtensionsV1beta1Lister) CustomResourceDefinitionListerReturns(result1 v1beta1.CustomResourceDefinitionLister) { + fake.customResourceDefinitionListerMutex.Lock() + defer fake.customResourceDefinitionListerMutex.Unlock() + fake.CustomResourceDefinitionListerStub = nil + fake.customResourceDefinitionListerReturns = struct { + result1 v1beta1.CustomResourceDefinitionLister + }{result1} +} + +func (fake *FakeAPIExtensionsV1beta1Lister) CustomResourceDefinitionListerReturnsOnCall(i int, result1 v1beta1.CustomResourceDefinitionLister) { + fake.customResourceDefinitionListerMutex.Lock() + defer fake.customResourceDefinitionListerMutex.Unlock() + fake.CustomResourceDefinitionListerStub = nil + if fake.customResourceDefinitionListerReturnsOnCall == nil { + fake.customResourceDefinitionListerReturnsOnCall = make(map[int]struct { + result1 v1beta1.CustomResourceDefinitionLister + }) + } + fake.customResourceDefinitionListerReturnsOnCall[i] = struct { + result1 v1beta1.CustomResourceDefinitionLister + }{result1} +} + +func (fake *FakeAPIExtensionsV1beta1Lister) RegisterCustomResourceDefinitionLister(arg1 v1beta1.CustomResourceDefinitionLister) { + fake.registerCustomResourceDefinitionListerMutex.Lock() + fake.registerCustomResourceDefinitionListerArgsForCall = append(fake.registerCustomResourceDefinitionListerArgsForCall, struct { + arg1 v1beta1.CustomResourceDefinitionLister + }{arg1}) + fake.recordInvocation("RegisterCustomResourceDefinitionLister", []interface{}{arg1}) + fake.registerCustomResourceDefinitionListerMutex.Unlock() + if fake.RegisterCustomResourceDefinitionListerStub != nil { + fake.RegisterCustomResourceDefinitionListerStub(arg1) + } +} + +func (fake *FakeAPIExtensionsV1beta1Lister) RegisterCustomResourceDefinitionListerCallCount() int { + fake.registerCustomResourceDefinitionListerMutex.RLock() + defer fake.registerCustomResourceDefinitionListerMutex.RUnlock() + return len(fake.registerCustomResourceDefinitionListerArgsForCall) +} + +func (fake *FakeAPIExtensionsV1beta1Lister) RegisterCustomResourceDefinitionListerCalls(stub func(v1beta1.CustomResourceDefinitionLister)) { + fake.registerCustomResourceDefinitionListerMutex.Lock() + defer fake.registerCustomResourceDefinitionListerMutex.Unlock() + fake.RegisterCustomResourceDefinitionListerStub = stub +} + +func (fake *FakeAPIExtensionsV1beta1Lister) RegisterCustomResourceDefinitionListerArgsForCall(i int) v1beta1.CustomResourceDefinitionLister { + fake.registerCustomResourceDefinitionListerMutex.RLock() + defer fake.registerCustomResourceDefinitionListerMutex.RUnlock() + argsForCall := fake.registerCustomResourceDefinitionListerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeAPIExtensionsV1beta1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.customResourceDefinitionListerMutex.RLock() + defer fake.customResourceDefinitionListerMutex.RUnlock() + fake.registerCustomResourceDefinitionListerMutex.RLock() + defer fake.registerCustomResourceDefinitionListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeAPIExtensionsV1beta1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.APIExtensionsV1beta1Lister = new(FakeAPIExtensionsV1beta1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apiregistration_v1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apiregistration_v1lister.go new file mode 100644 index 000000000..edd9834b6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apiregistration_v1lister.go @@ -0,0 +1,140 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + v1 "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/v1" +) + +type FakeAPIRegistrationV1Lister struct { + APIServiceListerStub func() v1.APIServiceLister + aPIServiceListerMutex sync.RWMutex + aPIServiceListerArgsForCall []struct { + } + aPIServiceListerReturns struct { + result1 v1.APIServiceLister + } + aPIServiceListerReturnsOnCall map[int]struct { + result1 v1.APIServiceLister + } + RegisterAPIServiceListerStub func(v1.APIServiceLister) + registerAPIServiceListerMutex sync.RWMutex + registerAPIServiceListerArgsForCall []struct { + arg1 v1.APIServiceLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeAPIRegistrationV1Lister) APIServiceLister() v1.APIServiceLister { + fake.aPIServiceListerMutex.Lock() + ret, specificReturn := fake.aPIServiceListerReturnsOnCall[len(fake.aPIServiceListerArgsForCall)] + fake.aPIServiceListerArgsForCall = append(fake.aPIServiceListerArgsForCall, struct { + }{}) + fake.recordInvocation("APIServiceLister", []interface{}{}) + fake.aPIServiceListerMutex.Unlock() + if fake.APIServiceListerStub != nil { + return fake.APIServiceListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.aPIServiceListerReturns + return fakeReturns.result1 +} + +func (fake *FakeAPIRegistrationV1Lister) APIServiceListerCallCount() int { + fake.aPIServiceListerMutex.RLock() + defer fake.aPIServiceListerMutex.RUnlock() + return len(fake.aPIServiceListerArgsForCall) +} + +func (fake *FakeAPIRegistrationV1Lister) APIServiceListerCalls(stub func() v1.APIServiceLister) { + fake.aPIServiceListerMutex.Lock() + defer fake.aPIServiceListerMutex.Unlock() + fake.APIServiceListerStub = stub +} + +func (fake *FakeAPIRegistrationV1Lister) APIServiceListerReturns(result1 v1.APIServiceLister) { + fake.aPIServiceListerMutex.Lock() + defer fake.aPIServiceListerMutex.Unlock() + fake.APIServiceListerStub = nil + fake.aPIServiceListerReturns = struct { + result1 v1.APIServiceLister + }{result1} +} + +func (fake *FakeAPIRegistrationV1Lister) APIServiceListerReturnsOnCall(i int, result1 v1.APIServiceLister) { + fake.aPIServiceListerMutex.Lock() + defer fake.aPIServiceListerMutex.Unlock() + fake.APIServiceListerStub = nil + if fake.aPIServiceListerReturnsOnCall == nil { + fake.aPIServiceListerReturnsOnCall = make(map[int]struct { + result1 v1.APIServiceLister + }) + } + fake.aPIServiceListerReturnsOnCall[i] = struct { + result1 v1.APIServiceLister + }{result1} +} + +func (fake *FakeAPIRegistrationV1Lister) RegisterAPIServiceLister(arg1 v1.APIServiceLister) { + fake.registerAPIServiceListerMutex.Lock() + fake.registerAPIServiceListerArgsForCall = append(fake.registerAPIServiceListerArgsForCall, struct { + arg1 v1.APIServiceLister + }{arg1}) + fake.recordInvocation("RegisterAPIServiceLister", []interface{}{arg1}) + fake.registerAPIServiceListerMutex.Unlock() + if fake.RegisterAPIServiceListerStub != nil { + fake.RegisterAPIServiceListerStub(arg1) + } +} + +func (fake *FakeAPIRegistrationV1Lister) RegisterAPIServiceListerCallCount() int { + fake.registerAPIServiceListerMutex.RLock() + defer fake.registerAPIServiceListerMutex.RUnlock() + return len(fake.registerAPIServiceListerArgsForCall) +} + +func (fake *FakeAPIRegistrationV1Lister) RegisterAPIServiceListerCalls(stub func(v1.APIServiceLister)) { + fake.registerAPIServiceListerMutex.Lock() + defer fake.registerAPIServiceListerMutex.Unlock() + fake.RegisterAPIServiceListerStub = stub +} + +func (fake *FakeAPIRegistrationV1Lister) RegisterAPIServiceListerArgsForCall(i int) v1.APIServiceLister { + fake.registerAPIServiceListerMutex.RLock() + defer fake.registerAPIServiceListerMutex.RUnlock() + argsForCall := fake.registerAPIServiceListerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeAPIRegistrationV1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.aPIServiceListerMutex.RLock() + defer fake.aPIServiceListerMutex.RUnlock() + fake.registerAPIServiceListerMutex.RLock() + defer fake.registerAPIServiceListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeAPIRegistrationV1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.APIRegistrationV1Lister = new(FakeAPIRegistrationV1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apps_v1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apps_v1lister.go new file mode 100644 index 000000000..b40fa7c14 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_apps_v1lister.go @@ -0,0 +1,142 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + v1 "k8s.io/client-go/listers/apps/v1" +) + +type FakeAppsV1Lister struct { + DeploymentListerStub func() v1.DeploymentLister + deploymentListerMutex sync.RWMutex + deploymentListerArgsForCall []struct { + } + deploymentListerReturns struct { + result1 v1.DeploymentLister + } + deploymentListerReturnsOnCall map[int]struct { + result1 v1.DeploymentLister + } + RegisterDeploymentListerStub func(string, v1.DeploymentLister) + registerDeploymentListerMutex sync.RWMutex + registerDeploymentListerArgsForCall []struct { + arg1 string + arg2 v1.DeploymentLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeAppsV1Lister) DeploymentLister() v1.DeploymentLister { + fake.deploymentListerMutex.Lock() + ret, specificReturn := fake.deploymentListerReturnsOnCall[len(fake.deploymentListerArgsForCall)] + fake.deploymentListerArgsForCall = append(fake.deploymentListerArgsForCall, struct { + }{}) + fake.recordInvocation("DeploymentLister", []interface{}{}) + fake.deploymentListerMutex.Unlock() + if fake.DeploymentListerStub != nil { + return fake.DeploymentListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.deploymentListerReturns + return fakeReturns.result1 +} + +func (fake *FakeAppsV1Lister) DeploymentListerCallCount() int { + fake.deploymentListerMutex.RLock() + defer fake.deploymentListerMutex.RUnlock() + return len(fake.deploymentListerArgsForCall) +} + +func (fake *FakeAppsV1Lister) DeploymentListerCalls(stub func() v1.DeploymentLister) { + fake.deploymentListerMutex.Lock() + defer fake.deploymentListerMutex.Unlock() + fake.DeploymentListerStub = stub +} + +func (fake *FakeAppsV1Lister) DeploymentListerReturns(result1 v1.DeploymentLister) { + fake.deploymentListerMutex.Lock() + defer fake.deploymentListerMutex.Unlock() + fake.DeploymentListerStub = nil + fake.deploymentListerReturns = struct { + result1 v1.DeploymentLister + }{result1} +} + +func (fake *FakeAppsV1Lister) DeploymentListerReturnsOnCall(i int, result1 v1.DeploymentLister) { + fake.deploymentListerMutex.Lock() + defer fake.deploymentListerMutex.Unlock() + fake.DeploymentListerStub = nil + if fake.deploymentListerReturnsOnCall == nil { + fake.deploymentListerReturnsOnCall = make(map[int]struct { + result1 v1.DeploymentLister + }) + } + fake.deploymentListerReturnsOnCall[i] = struct { + result1 v1.DeploymentLister + }{result1} +} + +func (fake *FakeAppsV1Lister) RegisterDeploymentLister(arg1 string, arg2 v1.DeploymentLister) { + fake.registerDeploymentListerMutex.Lock() + fake.registerDeploymentListerArgsForCall = append(fake.registerDeploymentListerArgsForCall, struct { + arg1 string + arg2 v1.DeploymentLister + }{arg1, arg2}) + fake.recordInvocation("RegisterDeploymentLister", []interface{}{arg1, arg2}) + fake.registerDeploymentListerMutex.Unlock() + if fake.RegisterDeploymentListerStub != nil { + fake.RegisterDeploymentListerStub(arg1, arg2) + } +} + +func (fake *FakeAppsV1Lister) RegisterDeploymentListerCallCount() int { + fake.registerDeploymentListerMutex.RLock() + defer fake.registerDeploymentListerMutex.RUnlock() + return len(fake.registerDeploymentListerArgsForCall) +} + +func (fake *FakeAppsV1Lister) RegisterDeploymentListerCalls(stub func(string, v1.DeploymentLister)) { + fake.registerDeploymentListerMutex.Lock() + defer fake.registerDeploymentListerMutex.Unlock() + fake.RegisterDeploymentListerStub = stub +} + +func (fake *FakeAppsV1Lister) RegisterDeploymentListerArgsForCall(i int) (string, v1.DeploymentLister) { + fake.registerDeploymentListerMutex.RLock() + defer fake.registerDeploymentListerMutex.RUnlock() + argsForCall := fake.registerDeploymentListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeAppsV1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.deploymentListerMutex.RLock() + defer fake.deploymentListerMutex.RUnlock() + fake.registerDeploymentListerMutex.RLock() + defer fake.registerDeploymentListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeAppsV1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.AppsV1Lister = new(FakeAppsV1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_core_v1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_core_v1lister.go new file mode 100644 index 000000000..f4ecad035 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_core_v1lister.go @@ -0,0 +1,660 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + v1 "k8s.io/client-go/listers/core/v1" +) + +type FakeCoreV1Lister struct { + ConfigMapListerStub func() v1.ConfigMapLister + configMapListerMutex sync.RWMutex + configMapListerArgsForCall []struct { + } + configMapListerReturns struct { + result1 v1.ConfigMapLister + } + configMapListerReturnsOnCall map[int]struct { + result1 v1.ConfigMapLister + } + NamespaceListerStub func() v1.NamespaceLister + namespaceListerMutex sync.RWMutex + namespaceListerArgsForCall []struct { + } + namespaceListerReturns struct { + result1 v1.NamespaceLister + } + namespaceListerReturnsOnCall map[int]struct { + result1 v1.NamespaceLister + } + PodListerStub func() v1.PodLister + podListerMutex sync.RWMutex + podListerArgsForCall []struct { + } + podListerReturns struct { + result1 v1.PodLister + } + podListerReturnsOnCall map[int]struct { + result1 v1.PodLister + } + RegisterConfigMapListerStub func(string, v1.ConfigMapLister) + registerConfigMapListerMutex sync.RWMutex + registerConfigMapListerArgsForCall []struct { + arg1 string + arg2 v1.ConfigMapLister + } + RegisterNamespaceListerStub func(v1.NamespaceLister) + registerNamespaceListerMutex sync.RWMutex + registerNamespaceListerArgsForCall []struct { + arg1 v1.NamespaceLister + } + RegisterPodListerStub func(string, v1.PodLister) + registerPodListerMutex sync.RWMutex + registerPodListerArgsForCall []struct { + arg1 string + arg2 v1.PodLister + } + RegisterSecretListerStub func(string, v1.SecretLister) + registerSecretListerMutex sync.RWMutex + registerSecretListerArgsForCall []struct { + arg1 string + arg2 v1.SecretLister + } + RegisterServiceAccountListerStub func(string, v1.ServiceAccountLister) + registerServiceAccountListerMutex sync.RWMutex + registerServiceAccountListerArgsForCall []struct { + arg1 string + arg2 v1.ServiceAccountLister + } + RegisterServiceListerStub func(string, v1.ServiceLister) + registerServiceListerMutex sync.RWMutex + registerServiceListerArgsForCall []struct { + arg1 string + arg2 v1.ServiceLister + } + SecretListerStub func() v1.SecretLister + secretListerMutex sync.RWMutex + secretListerArgsForCall []struct { + } + secretListerReturns struct { + result1 v1.SecretLister + } + secretListerReturnsOnCall map[int]struct { + result1 v1.SecretLister + } + ServiceAccountListerStub func() v1.ServiceAccountLister + serviceAccountListerMutex sync.RWMutex + serviceAccountListerArgsForCall []struct { + } + serviceAccountListerReturns struct { + result1 v1.ServiceAccountLister + } + serviceAccountListerReturnsOnCall map[int]struct { + result1 v1.ServiceAccountLister + } + ServiceListerStub func() v1.ServiceLister + serviceListerMutex sync.RWMutex + serviceListerArgsForCall []struct { + } + serviceListerReturns struct { + result1 v1.ServiceLister + } + serviceListerReturnsOnCall map[int]struct { + result1 v1.ServiceLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeCoreV1Lister) ConfigMapLister() v1.ConfigMapLister { + fake.configMapListerMutex.Lock() + ret, specificReturn := fake.configMapListerReturnsOnCall[len(fake.configMapListerArgsForCall)] + fake.configMapListerArgsForCall = append(fake.configMapListerArgsForCall, struct { + }{}) + fake.recordInvocation("ConfigMapLister", []interface{}{}) + fake.configMapListerMutex.Unlock() + if fake.ConfigMapListerStub != nil { + return fake.ConfigMapListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.configMapListerReturns + return fakeReturns.result1 +} + +func (fake *FakeCoreV1Lister) ConfigMapListerCallCount() int { + fake.configMapListerMutex.RLock() + defer fake.configMapListerMutex.RUnlock() + return len(fake.configMapListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) ConfigMapListerCalls(stub func() v1.ConfigMapLister) { + fake.configMapListerMutex.Lock() + defer fake.configMapListerMutex.Unlock() + fake.ConfigMapListerStub = stub +} + +func (fake *FakeCoreV1Lister) ConfigMapListerReturns(result1 v1.ConfigMapLister) { + fake.configMapListerMutex.Lock() + defer fake.configMapListerMutex.Unlock() + fake.ConfigMapListerStub = nil + fake.configMapListerReturns = struct { + result1 v1.ConfigMapLister + }{result1} +} + +func (fake *FakeCoreV1Lister) ConfigMapListerReturnsOnCall(i int, result1 v1.ConfigMapLister) { + fake.configMapListerMutex.Lock() + defer fake.configMapListerMutex.Unlock() + fake.ConfigMapListerStub = nil + if fake.configMapListerReturnsOnCall == nil { + fake.configMapListerReturnsOnCall = make(map[int]struct { + result1 v1.ConfigMapLister + }) + } + fake.configMapListerReturnsOnCall[i] = struct { + result1 v1.ConfigMapLister + }{result1} +} + +func (fake *FakeCoreV1Lister) NamespaceLister() v1.NamespaceLister { + fake.namespaceListerMutex.Lock() + ret, specificReturn := fake.namespaceListerReturnsOnCall[len(fake.namespaceListerArgsForCall)] + fake.namespaceListerArgsForCall = append(fake.namespaceListerArgsForCall, struct { + }{}) + fake.recordInvocation("NamespaceLister", []interface{}{}) + fake.namespaceListerMutex.Unlock() + if fake.NamespaceListerStub != nil { + return fake.NamespaceListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.namespaceListerReturns + return fakeReturns.result1 +} + +func (fake *FakeCoreV1Lister) NamespaceListerCallCount() int { + fake.namespaceListerMutex.RLock() + defer fake.namespaceListerMutex.RUnlock() + return len(fake.namespaceListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) NamespaceListerCalls(stub func() v1.NamespaceLister) { + fake.namespaceListerMutex.Lock() + defer fake.namespaceListerMutex.Unlock() + fake.NamespaceListerStub = stub +} + +func (fake *FakeCoreV1Lister) NamespaceListerReturns(result1 v1.NamespaceLister) { + fake.namespaceListerMutex.Lock() + defer fake.namespaceListerMutex.Unlock() + fake.NamespaceListerStub = nil + fake.namespaceListerReturns = struct { + result1 v1.NamespaceLister + }{result1} +} + +func (fake *FakeCoreV1Lister) NamespaceListerReturnsOnCall(i int, result1 v1.NamespaceLister) { + fake.namespaceListerMutex.Lock() + defer fake.namespaceListerMutex.Unlock() + fake.NamespaceListerStub = nil + if fake.namespaceListerReturnsOnCall == nil { + fake.namespaceListerReturnsOnCall = make(map[int]struct { + result1 v1.NamespaceLister + }) + } + fake.namespaceListerReturnsOnCall[i] = struct { + result1 v1.NamespaceLister + }{result1} +} + +func (fake *FakeCoreV1Lister) PodLister() v1.PodLister { + fake.podListerMutex.Lock() + ret, specificReturn := fake.podListerReturnsOnCall[len(fake.podListerArgsForCall)] + fake.podListerArgsForCall = append(fake.podListerArgsForCall, struct { + }{}) + fake.recordInvocation("PodLister", []interface{}{}) + fake.podListerMutex.Unlock() + if fake.PodListerStub != nil { + return fake.PodListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.podListerReturns + return fakeReturns.result1 +} + +func (fake *FakeCoreV1Lister) PodListerCallCount() int { + fake.podListerMutex.RLock() + defer fake.podListerMutex.RUnlock() + return len(fake.podListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) PodListerCalls(stub func() v1.PodLister) { + fake.podListerMutex.Lock() + defer fake.podListerMutex.Unlock() + fake.PodListerStub = stub +} + +func (fake *FakeCoreV1Lister) PodListerReturns(result1 v1.PodLister) { + fake.podListerMutex.Lock() + defer fake.podListerMutex.Unlock() + fake.PodListerStub = nil + fake.podListerReturns = struct { + result1 v1.PodLister + }{result1} +} + +func (fake *FakeCoreV1Lister) PodListerReturnsOnCall(i int, result1 v1.PodLister) { + fake.podListerMutex.Lock() + defer fake.podListerMutex.Unlock() + fake.PodListerStub = nil + if fake.podListerReturnsOnCall == nil { + fake.podListerReturnsOnCall = make(map[int]struct { + result1 v1.PodLister + }) + } + fake.podListerReturnsOnCall[i] = struct { + result1 v1.PodLister + }{result1} +} + +func (fake *FakeCoreV1Lister) RegisterConfigMapLister(arg1 string, arg2 v1.ConfigMapLister) { + fake.registerConfigMapListerMutex.Lock() + fake.registerConfigMapListerArgsForCall = append(fake.registerConfigMapListerArgsForCall, struct { + arg1 string + arg2 v1.ConfigMapLister + }{arg1, arg2}) + fake.recordInvocation("RegisterConfigMapLister", []interface{}{arg1, arg2}) + fake.registerConfigMapListerMutex.Unlock() + if fake.RegisterConfigMapListerStub != nil { + fake.RegisterConfigMapListerStub(arg1, arg2) + } +} + +func (fake *FakeCoreV1Lister) RegisterConfigMapListerCallCount() int { + fake.registerConfigMapListerMutex.RLock() + defer fake.registerConfigMapListerMutex.RUnlock() + return len(fake.registerConfigMapListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) RegisterConfigMapListerCalls(stub func(string, v1.ConfigMapLister)) { + fake.registerConfigMapListerMutex.Lock() + defer fake.registerConfigMapListerMutex.Unlock() + fake.RegisterConfigMapListerStub = stub +} + +func (fake *FakeCoreV1Lister) RegisterConfigMapListerArgsForCall(i int) (string, v1.ConfigMapLister) { + fake.registerConfigMapListerMutex.RLock() + defer fake.registerConfigMapListerMutex.RUnlock() + argsForCall := fake.registerConfigMapListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCoreV1Lister) RegisterNamespaceLister(arg1 v1.NamespaceLister) { + fake.registerNamespaceListerMutex.Lock() + fake.registerNamespaceListerArgsForCall = append(fake.registerNamespaceListerArgsForCall, struct { + arg1 v1.NamespaceLister + }{arg1}) + fake.recordInvocation("RegisterNamespaceLister", []interface{}{arg1}) + fake.registerNamespaceListerMutex.Unlock() + if fake.RegisterNamespaceListerStub != nil { + fake.RegisterNamespaceListerStub(arg1) + } +} + +func (fake *FakeCoreV1Lister) RegisterNamespaceListerCallCount() int { + fake.registerNamespaceListerMutex.RLock() + defer fake.registerNamespaceListerMutex.RUnlock() + return len(fake.registerNamespaceListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) RegisterNamespaceListerCalls(stub func(v1.NamespaceLister)) { + fake.registerNamespaceListerMutex.Lock() + defer fake.registerNamespaceListerMutex.Unlock() + fake.RegisterNamespaceListerStub = stub +} + +func (fake *FakeCoreV1Lister) RegisterNamespaceListerArgsForCall(i int) v1.NamespaceLister { + fake.registerNamespaceListerMutex.RLock() + defer fake.registerNamespaceListerMutex.RUnlock() + argsForCall := fake.registerNamespaceListerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeCoreV1Lister) RegisterPodLister(arg1 string, arg2 v1.PodLister) { + fake.registerPodListerMutex.Lock() + fake.registerPodListerArgsForCall = append(fake.registerPodListerArgsForCall, struct { + arg1 string + arg2 v1.PodLister + }{arg1, arg2}) + fake.recordInvocation("RegisterPodLister", []interface{}{arg1, arg2}) + fake.registerPodListerMutex.Unlock() + if fake.RegisterPodListerStub != nil { + fake.RegisterPodListerStub(arg1, arg2) + } +} + +func (fake *FakeCoreV1Lister) RegisterPodListerCallCount() int { + fake.registerPodListerMutex.RLock() + defer fake.registerPodListerMutex.RUnlock() + return len(fake.registerPodListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) RegisterPodListerCalls(stub func(string, v1.PodLister)) { + fake.registerPodListerMutex.Lock() + defer fake.registerPodListerMutex.Unlock() + fake.RegisterPodListerStub = stub +} + +func (fake *FakeCoreV1Lister) RegisterPodListerArgsForCall(i int) (string, v1.PodLister) { + fake.registerPodListerMutex.RLock() + defer fake.registerPodListerMutex.RUnlock() + argsForCall := fake.registerPodListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCoreV1Lister) RegisterSecretLister(arg1 string, arg2 v1.SecretLister) { + fake.registerSecretListerMutex.Lock() + fake.registerSecretListerArgsForCall = append(fake.registerSecretListerArgsForCall, struct { + arg1 string + arg2 v1.SecretLister + }{arg1, arg2}) + fake.recordInvocation("RegisterSecretLister", []interface{}{arg1, arg2}) + fake.registerSecretListerMutex.Unlock() + if fake.RegisterSecretListerStub != nil { + fake.RegisterSecretListerStub(arg1, arg2) + } +} + +func (fake *FakeCoreV1Lister) RegisterSecretListerCallCount() int { + fake.registerSecretListerMutex.RLock() + defer fake.registerSecretListerMutex.RUnlock() + return len(fake.registerSecretListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) RegisterSecretListerCalls(stub func(string, v1.SecretLister)) { + fake.registerSecretListerMutex.Lock() + defer fake.registerSecretListerMutex.Unlock() + fake.RegisterSecretListerStub = stub +} + +func (fake *FakeCoreV1Lister) RegisterSecretListerArgsForCall(i int) (string, v1.SecretLister) { + fake.registerSecretListerMutex.RLock() + defer fake.registerSecretListerMutex.RUnlock() + argsForCall := fake.registerSecretListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCoreV1Lister) RegisterServiceAccountLister(arg1 string, arg2 v1.ServiceAccountLister) { + fake.registerServiceAccountListerMutex.Lock() + fake.registerServiceAccountListerArgsForCall = append(fake.registerServiceAccountListerArgsForCall, struct { + arg1 string + arg2 v1.ServiceAccountLister + }{arg1, arg2}) + fake.recordInvocation("RegisterServiceAccountLister", []interface{}{arg1, arg2}) + fake.registerServiceAccountListerMutex.Unlock() + if fake.RegisterServiceAccountListerStub != nil { + fake.RegisterServiceAccountListerStub(arg1, arg2) + } +} + +func (fake *FakeCoreV1Lister) RegisterServiceAccountListerCallCount() int { + fake.registerServiceAccountListerMutex.RLock() + defer fake.registerServiceAccountListerMutex.RUnlock() + return len(fake.registerServiceAccountListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) RegisterServiceAccountListerCalls(stub func(string, v1.ServiceAccountLister)) { + fake.registerServiceAccountListerMutex.Lock() + defer fake.registerServiceAccountListerMutex.Unlock() + fake.RegisterServiceAccountListerStub = stub +} + +func (fake *FakeCoreV1Lister) RegisterServiceAccountListerArgsForCall(i int) (string, v1.ServiceAccountLister) { + fake.registerServiceAccountListerMutex.RLock() + defer fake.registerServiceAccountListerMutex.RUnlock() + argsForCall := fake.registerServiceAccountListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCoreV1Lister) RegisterServiceLister(arg1 string, arg2 v1.ServiceLister) { + fake.registerServiceListerMutex.Lock() + fake.registerServiceListerArgsForCall = append(fake.registerServiceListerArgsForCall, struct { + arg1 string + arg2 v1.ServiceLister + }{arg1, arg2}) + fake.recordInvocation("RegisterServiceLister", []interface{}{arg1, arg2}) + fake.registerServiceListerMutex.Unlock() + if fake.RegisterServiceListerStub != nil { + fake.RegisterServiceListerStub(arg1, arg2) + } +} + +func (fake *FakeCoreV1Lister) RegisterServiceListerCallCount() int { + fake.registerServiceListerMutex.RLock() + defer fake.registerServiceListerMutex.RUnlock() + return len(fake.registerServiceListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) RegisterServiceListerCalls(stub func(string, v1.ServiceLister)) { + fake.registerServiceListerMutex.Lock() + defer fake.registerServiceListerMutex.Unlock() + fake.RegisterServiceListerStub = stub +} + +func (fake *FakeCoreV1Lister) RegisterServiceListerArgsForCall(i int) (string, v1.ServiceLister) { + fake.registerServiceListerMutex.RLock() + defer fake.registerServiceListerMutex.RUnlock() + argsForCall := fake.registerServiceListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCoreV1Lister) SecretLister() v1.SecretLister { + fake.secretListerMutex.Lock() + ret, specificReturn := fake.secretListerReturnsOnCall[len(fake.secretListerArgsForCall)] + fake.secretListerArgsForCall = append(fake.secretListerArgsForCall, struct { + }{}) + fake.recordInvocation("SecretLister", []interface{}{}) + fake.secretListerMutex.Unlock() + if fake.SecretListerStub != nil { + return fake.SecretListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.secretListerReturns + return fakeReturns.result1 +} + +func (fake *FakeCoreV1Lister) SecretListerCallCount() int { + fake.secretListerMutex.RLock() + defer fake.secretListerMutex.RUnlock() + return len(fake.secretListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) SecretListerCalls(stub func() v1.SecretLister) { + fake.secretListerMutex.Lock() + defer fake.secretListerMutex.Unlock() + fake.SecretListerStub = stub +} + +func (fake *FakeCoreV1Lister) SecretListerReturns(result1 v1.SecretLister) { + fake.secretListerMutex.Lock() + defer fake.secretListerMutex.Unlock() + fake.SecretListerStub = nil + fake.secretListerReturns = struct { + result1 v1.SecretLister + }{result1} +} + +func (fake *FakeCoreV1Lister) SecretListerReturnsOnCall(i int, result1 v1.SecretLister) { + fake.secretListerMutex.Lock() + defer fake.secretListerMutex.Unlock() + fake.SecretListerStub = nil + if fake.secretListerReturnsOnCall == nil { + fake.secretListerReturnsOnCall = make(map[int]struct { + result1 v1.SecretLister + }) + } + fake.secretListerReturnsOnCall[i] = struct { + result1 v1.SecretLister + }{result1} +} + +func (fake *FakeCoreV1Lister) ServiceAccountLister() v1.ServiceAccountLister { + fake.serviceAccountListerMutex.Lock() + ret, specificReturn := fake.serviceAccountListerReturnsOnCall[len(fake.serviceAccountListerArgsForCall)] + fake.serviceAccountListerArgsForCall = append(fake.serviceAccountListerArgsForCall, struct { + }{}) + fake.recordInvocation("ServiceAccountLister", []interface{}{}) + fake.serviceAccountListerMutex.Unlock() + if fake.ServiceAccountListerStub != nil { + return fake.ServiceAccountListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.serviceAccountListerReturns + return fakeReturns.result1 +} + +func (fake *FakeCoreV1Lister) ServiceAccountListerCallCount() int { + fake.serviceAccountListerMutex.RLock() + defer fake.serviceAccountListerMutex.RUnlock() + return len(fake.serviceAccountListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) ServiceAccountListerCalls(stub func() v1.ServiceAccountLister) { + fake.serviceAccountListerMutex.Lock() + defer fake.serviceAccountListerMutex.Unlock() + fake.ServiceAccountListerStub = stub +} + +func (fake *FakeCoreV1Lister) ServiceAccountListerReturns(result1 v1.ServiceAccountLister) { + fake.serviceAccountListerMutex.Lock() + defer fake.serviceAccountListerMutex.Unlock() + fake.ServiceAccountListerStub = nil + fake.serviceAccountListerReturns = struct { + result1 v1.ServiceAccountLister + }{result1} +} + +func (fake *FakeCoreV1Lister) ServiceAccountListerReturnsOnCall(i int, result1 v1.ServiceAccountLister) { + fake.serviceAccountListerMutex.Lock() + defer fake.serviceAccountListerMutex.Unlock() + fake.ServiceAccountListerStub = nil + if fake.serviceAccountListerReturnsOnCall == nil { + fake.serviceAccountListerReturnsOnCall = make(map[int]struct { + result1 v1.ServiceAccountLister + }) + } + fake.serviceAccountListerReturnsOnCall[i] = struct { + result1 v1.ServiceAccountLister + }{result1} +} + +func (fake *FakeCoreV1Lister) ServiceLister() v1.ServiceLister { + fake.serviceListerMutex.Lock() + ret, specificReturn := fake.serviceListerReturnsOnCall[len(fake.serviceListerArgsForCall)] + fake.serviceListerArgsForCall = append(fake.serviceListerArgsForCall, struct { + }{}) + fake.recordInvocation("ServiceLister", []interface{}{}) + fake.serviceListerMutex.Unlock() + if fake.ServiceListerStub != nil { + return fake.ServiceListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.serviceListerReturns + return fakeReturns.result1 +} + +func (fake *FakeCoreV1Lister) ServiceListerCallCount() int { + fake.serviceListerMutex.RLock() + defer fake.serviceListerMutex.RUnlock() + return len(fake.serviceListerArgsForCall) +} + +func (fake *FakeCoreV1Lister) ServiceListerCalls(stub func() v1.ServiceLister) { + fake.serviceListerMutex.Lock() + defer fake.serviceListerMutex.Unlock() + fake.ServiceListerStub = stub +} + +func (fake *FakeCoreV1Lister) ServiceListerReturns(result1 v1.ServiceLister) { + fake.serviceListerMutex.Lock() + defer fake.serviceListerMutex.Unlock() + fake.ServiceListerStub = nil + fake.serviceListerReturns = struct { + result1 v1.ServiceLister + }{result1} +} + +func (fake *FakeCoreV1Lister) ServiceListerReturnsOnCall(i int, result1 v1.ServiceLister) { + fake.serviceListerMutex.Lock() + defer fake.serviceListerMutex.Unlock() + fake.ServiceListerStub = nil + if fake.serviceListerReturnsOnCall == nil { + fake.serviceListerReturnsOnCall = make(map[int]struct { + result1 v1.ServiceLister + }) + } + fake.serviceListerReturnsOnCall[i] = struct { + result1 v1.ServiceLister + }{result1} +} + +func (fake *FakeCoreV1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.configMapListerMutex.RLock() + defer fake.configMapListerMutex.RUnlock() + fake.namespaceListerMutex.RLock() + defer fake.namespaceListerMutex.RUnlock() + fake.podListerMutex.RLock() + defer fake.podListerMutex.RUnlock() + fake.registerConfigMapListerMutex.RLock() + defer fake.registerConfigMapListerMutex.RUnlock() + fake.registerNamespaceListerMutex.RLock() + defer fake.registerNamespaceListerMutex.RUnlock() + fake.registerPodListerMutex.RLock() + defer fake.registerPodListerMutex.RUnlock() + fake.registerSecretListerMutex.RLock() + defer fake.registerSecretListerMutex.RUnlock() + fake.registerServiceAccountListerMutex.RLock() + defer fake.registerServiceAccountListerMutex.RUnlock() + fake.registerServiceListerMutex.RLock() + defer fake.registerServiceListerMutex.RUnlock() + fake.secretListerMutex.RLock() + defer fake.secretListerMutex.RUnlock() + fake.serviceAccountListerMutex.RLock() + defer fake.serviceAccountListerMutex.RUnlock() + fake.serviceListerMutex.RLock() + defer fake.serviceListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeCoreV1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.CoreV1Lister = new(FakeCoreV1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operator_lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operator_lister.go new file mode 100644 index 000000000..9173faefb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operator_lister.go @@ -0,0 +1,485 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +type FakeOperatorLister struct { + APIExtensionsV1beta1Stub func() operatorlister.APIExtensionsV1beta1Lister + aPIExtensionsV1beta1Mutex sync.RWMutex + aPIExtensionsV1beta1ArgsForCall []struct { + } + aPIExtensionsV1beta1Returns struct { + result1 operatorlister.APIExtensionsV1beta1Lister + } + aPIExtensionsV1beta1ReturnsOnCall map[int]struct { + result1 operatorlister.APIExtensionsV1beta1Lister + } + APIRegistrationV1Stub func() operatorlister.APIRegistrationV1Lister + aPIRegistrationV1Mutex sync.RWMutex + aPIRegistrationV1ArgsForCall []struct { + } + aPIRegistrationV1Returns struct { + result1 operatorlister.APIRegistrationV1Lister + } + aPIRegistrationV1ReturnsOnCall map[int]struct { + result1 operatorlister.APIRegistrationV1Lister + } + AppsV1Stub func() operatorlister.AppsV1Lister + appsV1Mutex sync.RWMutex + appsV1ArgsForCall []struct { + } + appsV1Returns struct { + result1 operatorlister.AppsV1Lister + } + appsV1ReturnsOnCall map[int]struct { + result1 operatorlister.AppsV1Lister + } + CoreV1Stub func() operatorlister.CoreV1Lister + coreV1Mutex sync.RWMutex + coreV1ArgsForCall []struct { + } + coreV1Returns struct { + result1 operatorlister.CoreV1Lister + } + coreV1ReturnsOnCall map[int]struct { + result1 operatorlister.CoreV1Lister + } + OperatorsV1Stub func() operatorlister.OperatorsV1Lister + operatorsV1Mutex sync.RWMutex + operatorsV1ArgsForCall []struct { + } + operatorsV1Returns struct { + result1 operatorlister.OperatorsV1Lister + } + operatorsV1ReturnsOnCall map[int]struct { + result1 operatorlister.OperatorsV1Lister + } + OperatorsV1alpha1Stub func() operatorlister.OperatorsV1alpha1Lister + operatorsV1alpha1Mutex sync.RWMutex + operatorsV1alpha1ArgsForCall []struct { + } + operatorsV1alpha1Returns struct { + result1 operatorlister.OperatorsV1alpha1Lister + } + operatorsV1alpha1ReturnsOnCall map[int]struct { + result1 operatorlister.OperatorsV1alpha1Lister + } + RbacV1Stub func() operatorlister.RbacV1Lister + rbacV1Mutex sync.RWMutex + rbacV1ArgsForCall []struct { + } + rbacV1Returns struct { + result1 operatorlister.RbacV1Lister + } + rbacV1ReturnsOnCall map[int]struct { + result1 operatorlister.RbacV1Lister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeOperatorLister) APIExtensionsV1beta1() operatorlister.APIExtensionsV1beta1Lister { + fake.aPIExtensionsV1beta1Mutex.Lock() + ret, specificReturn := fake.aPIExtensionsV1beta1ReturnsOnCall[len(fake.aPIExtensionsV1beta1ArgsForCall)] + fake.aPIExtensionsV1beta1ArgsForCall = append(fake.aPIExtensionsV1beta1ArgsForCall, struct { + }{}) + fake.recordInvocation("APIExtensionsV1beta1", []interface{}{}) + fake.aPIExtensionsV1beta1Mutex.Unlock() + if fake.APIExtensionsV1beta1Stub != nil { + return fake.APIExtensionsV1beta1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.aPIExtensionsV1beta1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) APIExtensionsV1beta1CallCount() int { + fake.aPIExtensionsV1beta1Mutex.RLock() + defer fake.aPIExtensionsV1beta1Mutex.RUnlock() + return len(fake.aPIExtensionsV1beta1ArgsForCall) +} + +func (fake *FakeOperatorLister) APIExtensionsV1beta1Calls(stub func() operatorlister.APIExtensionsV1beta1Lister) { + fake.aPIExtensionsV1beta1Mutex.Lock() + defer fake.aPIExtensionsV1beta1Mutex.Unlock() + fake.APIExtensionsV1beta1Stub = stub +} + +func (fake *FakeOperatorLister) APIExtensionsV1beta1Returns(result1 operatorlister.APIExtensionsV1beta1Lister) { + fake.aPIExtensionsV1beta1Mutex.Lock() + defer fake.aPIExtensionsV1beta1Mutex.Unlock() + fake.APIExtensionsV1beta1Stub = nil + fake.aPIExtensionsV1beta1Returns = struct { + result1 operatorlister.APIExtensionsV1beta1Lister + }{result1} +} + +func (fake *FakeOperatorLister) APIExtensionsV1beta1ReturnsOnCall(i int, result1 operatorlister.APIExtensionsV1beta1Lister) { + fake.aPIExtensionsV1beta1Mutex.Lock() + defer fake.aPIExtensionsV1beta1Mutex.Unlock() + fake.APIExtensionsV1beta1Stub = nil + if fake.aPIExtensionsV1beta1ReturnsOnCall == nil { + fake.aPIExtensionsV1beta1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.APIExtensionsV1beta1Lister + }) + } + fake.aPIExtensionsV1beta1ReturnsOnCall[i] = struct { + result1 operatorlister.APIExtensionsV1beta1Lister + }{result1} +} + +func (fake *FakeOperatorLister) APIRegistrationV1() operatorlister.APIRegistrationV1Lister { + fake.aPIRegistrationV1Mutex.Lock() + ret, specificReturn := fake.aPIRegistrationV1ReturnsOnCall[len(fake.aPIRegistrationV1ArgsForCall)] + fake.aPIRegistrationV1ArgsForCall = append(fake.aPIRegistrationV1ArgsForCall, struct { + }{}) + fake.recordInvocation("APIRegistrationV1", []interface{}{}) + fake.aPIRegistrationV1Mutex.Unlock() + if fake.APIRegistrationV1Stub != nil { + return fake.APIRegistrationV1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.aPIRegistrationV1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) APIRegistrationV1CallCount() int { + fake.aPIRegistrationV1Mutex.RLock() + defer fake.aPIRegistrationV1Mutex.RUnlock() + return len(fake.aPIRegistrationV1ArgsForCall) +} + +func (fake *FakeOperatorLister) APIRegistrationV1Calls(stub func() operatorlister.APIRegistrationV1Lister) { + fake.aPIRegistrationV1Mutex.Lock() + defer fake.aPIRegistrationV1Mutex.Unlock() + fake.APIRegistrationV1Stub = stub +} + +func (fake *FakeOperatorLister) APIRegistrationV1Returns(result1 operatorlister.APIRegistrationV1Lister) { + fake.aPIRegistrationV1Mutex.Lock() + defer fake.aPIRegistrationV1Mutex.Unlock() + fake.APIRegistrationV1Stub = nil + fake.aPIRegistrationV1Returns = struct { + result1 operatorlister.APIRegistrationV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) APIRegistrationV1ReturnsOnCall(i int, result1 operatorlister.APIRegistrationV1Lister) { + fake.aPIRegistrationV1Mutex.Lock() + defer fake.aPIRegistrationV1Mutex.Unlock() + fake.APIRegistrationV1Stub = nil + if fake.aPIRegistrationV1ReturnsOnCall == nil { + fake.aPIRegistrationV1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.APIRegistrationV1Lister + }) + } + fake.aPIRegistrationV1ReturnsOnCall[i] = struct { + result1 operatorlister.APIRegistrationV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) AppsV1() operatorlister.AppsV1Lister { + fake.appsV1Mutex.Lock() + ret, specificReturn := fake.appsV1ReturnsOnCall[len(fake.appsV1ArgsForCall)] + fake.appsV1ArgsForCall = append(fake.appsV1ArgsForCall, struct { + }{}) + fake.recordInvocation("AppsV1", []interface{}{}) + fake.appsV1Mutex.Unlock() + if fake.AppsV1Stub != nil { + return fake.AppsV1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.appsV1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) AppsV1CallCount() int { + fake.appsV1Mutex.RLock() + defer fake.appsV1Mutex.RUnlock() + return len(fake.appsV1ArgsForCall) +} + +func (fake *FakeOperatorLister) AppsV1Calls(stub func() operatorlister.AppsV1Lister) { + fake.appsV1Mutex.Lock() + defer fake.appsV1Mutex.Unlock() + fake.AppsV1Stub = stub +} + +func (fake *FakeOperatorLister) AppsV1Returns(result1 operatorlister.AppsV1Lister) { + fake.appsV1Mutex.Lock() + defer fake.appsV1Mutex.Unlock() + fake.AppsV1Stub = nil + fake.appsV1Returns = struct { + result1 operatorlister.AppsV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) AppsV1ReturnsOnCall(i int, result1 operatorlister.AppsV1Lister) { + fake.appsV1Mutex.Lock() + defer fake.appsV1Mutex.Unlock() + fake.AppsV1Stub = nil + if fake.appsV1ReturnsOnCall == nil { + fake.appsV1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.AppsV1Lister + }) + } + fake.appsV1ReturnsOnCall[i] = struct { + result1 operatorlister.AppsV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) CoreV1() operatorlister.CoreV1Lister { + fake.coreV1Mutex.Lock() + ret, specificReturn := fake.coreV1ReturnsOnCall[len(fake.coreV1ArgsForCall)] + fake.coreV1ArgsForCall = append(fake.coreV1ArgsForCall, struct { + }{}) + fake.recordInvocation("CoreV1", []interface{}{}) + fake.coreV1Mutex.Unlock() + if fake.CoreV1Stub != nil { + return fake.CoreV1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.coreV1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) CoreV1CallCount() int { + fake.coreV1Mutex.RLock() + defer fake.coreV1Mutex.RUnlock() + return len(fake.coreV1ArgsForCall) +} + +func (fake *FakeOperatorLister) CoreV1Calls(stub func() operatorlister.CoreV1Lister) { + fake.coreV1Mutex.Lock() + defer fake.coreV1Mutex.Unlock() + fake.CoreV1Stub = stub +} + +func (fake *FakeOperatorLister) CoreV1Returns(result1 operatorlister.CoreV1Lister) { + fake.coreV1Mutex.Lock() + defer fake.coreV1Mutex.Unlock() + fake.CoreV1Stub = nil + fake.coreV1Returns = struct { + result1 operatorlister.CoreV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) CoreV1ReturnsOnCall(i int, result1 operatorlister.CoreV1Lister) { + fake.coreV1Mutex.Lock() + defer fake.coreV1Mutex.Unlock() + fake.CoreV1Stub = nil + if fake.coreV1ReturnsOnCall == nil { + fake.coreV1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.CoreV1Lister + }) + } + fake.coreV1ReturnsOnCall[i] = struct { + result1 operatorlister.CoreV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) OperatorsV1() operatorlister.OperatorsV1Lister { + fake.operatorsV1Mutex.Lock() + ret, specificReturn := fake.operatorsV1ReturnsOnCall[len(fake.operatorsV1ArgsForCall)] + fake.operatorsV1ArgsForCall = append(fake.operatorsV1ArgsForCall, struct { + }{}) + fake.recordInvocation("OperatorsV1", []interface{}{}) + fake.operatorsV1Mutex.Unlock() + if fake.OperatorsV1Stub != nil { + return fake.OperatorsV1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.operatorsV1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) OperatorsV1CallCount() int { + fake.operatorsV1Mutex.RLock() + defer fake.operatorsV1Mutex.RUnlock() + return len(fake.operatorsV1ArgsForCall) +} + +func (fake *FakeOperatorLister) OperatorsV1Calls(stub func() operatorlister.OperatorsV1Lister) { + fake.operatorsV1Mutex.Lock() + defer fake.operatorsV1Mutex.Unlock() + fake.OperatorsV1Stub = stub +} + +func (fake *FakeOperatorLister) OperatorsV1Returns(result1 operatorlister.OperatorsV1Lister) { + fake.operatorsV1Mutex.Lock() + defer fake.operatorsV1Mutex.Unlock() + fake.OperatorsV1Stub = nil + fake.operatorsV1Returns = struct { + result1 operatorlister.OperatorsV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) OperatorsV1ReturnsOnCall(i int, result1 operatorlister.OperatorsV1Lister) { + fake.operatorsV1Mutex.Lock() + defer fake.operatorsV1Mutex.Unlock() + fake.OperatorsV1Stub = nil + if fake.operatorsV1ReturnsOnCall == nil { + fake.operatorsV1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.OperatorsV1Lister + }) + } + fake.operatorsV1ReturnsOnCall[i] = struct { + result1 operatorlister.OperatorsV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) OperatorsV1alpha1() operatorlister.OperatorsV1alpha1Lister { + fake.operatorsV1alpha1Mutex.Lock() + ret, specificReturn := fake.operatorsV1alpha1ReturnsOnCall[len(fake.operatorsV1alpha1ArgsForCall)] + fake.operatorsV1alpha1ArgsForCall = append(fake.operatorsV1alpha1ArgsForCall, struct { + }{}) + fake.recordInvocation("OperatorsV1alpha1", []interface{}{}) + fake.operatorsV1alpha1Mutex.Unlock() + if fake.OperatorsV1alpha1Stub != nil { + return fake.OperatorsV1alpha1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.operatorsV1alpha1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) OperatorsV1alpha1CallCount() int { + fake.operatorsV1alpha1Mutex.RLock() + defer fake.operatorsV1alpha1Mutex.RUnlock() + return len(fake.operatorsV1alpha1ArgsForCall) +} + +func (fake *FakeOperatorLister) OperatorsV1alpha1Calls(stub func() operatorlister.OperatorsV1alpha1Lister) { + fake.operatorsV1alpha1Mutex.Lock() + defer fake.operatorsV1alpha1Mutex.Unlock() + fake.OperatorsV1alpha1Stub = stub +} + +func (fake *FakeOperatorLister) OperatorsV1alpha1Returns(result1 operatorlister.OperatorsV1alpha1Lister) { + fake.operatorsV1alpha1Mutex.Lock() + defer fake.operatorsV1alpha1Mutex.Unlock() + fake.OperatorsV1alpha1Stub = nil + fake.operatorsV1alpha1Returns = struct { + result1 operatorlister.OperatorsV1alpha1Lister + }{result1} +} + +func (fake *FakeOperatorLister) OperatorsV1alpha1ReturnsOnCall(i int, result1 operatorlister.OperatorsV1alpha1Lister) { + fake.operatorsV1alpha1Mutex.Lock() + defer fake.operatorsV1alpha1Mutex.Unlock() + fake.OperatorsV1alpha1Stub = nil + if fake.operatorsV1alpha1ReturnsOnCall == nil { + fake.operatorsV1alpha1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.OperatorsV1alpha1Lister + }) + } + fake.operatorsV1alpha1ReturnsOnCall[i] = struct { + result1 operatorlister.OperatorsV1alpha1Lister + }{result1} +} + +func (fake *FakeOperatorLister) RbacV1() operatorlister.RbacV1Lister { + fake.rbacV1Mutex.Lock() + ret, specificReturn := fake.rbacV1ReturnsOnCall[len(fake.rbacV1ArgsForCall)] + fake.rbacV1ArgsForCall = append(fake.rbacV1ArgsForCall, struct { + }{}) + fake.recordInvocation("RbacV1", []interface{}{}) + fake.rbacV1Mutex.Unlock() + if fake.RbacV1Stub != nil { + return fake.RbacV1Stub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.rbacV1Returns + return fakeReturns.result1 +} + +func (fake *FakeOperatorLister) RbacV1CallCount() int { + fake.rbacV1Mutex.RLock() + defer fake.rbacV1Mutex.RUnlock() + return len(fake.rbacV1ArgsForCall) +} + +func (fake *FakeOperatorLister) RbacV1Calls(stub func() operatorlister.RbacV1Lister) { + fake.rbacV1Mutex.Lock() + defer fake.rbacV1Mutex.Unlock() + fake.RbacV1Stub = stub +} + +func (fake *FakeOperatorLister) RbacV1Returns(result1 operatorlister.RbacV1Lister) { + fake.rbacV1Mutex.Lock() + defer fake.rbacV1Mutex.Unlock() + fake.RbacV1Stub = nil + fake.rbacV1Returns = struct { + result1 operatorlister.RbacV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) RbacV1ReturnsOnCall(i int, result1 operatorlister.RbacV1Lister) { + fake.rbacV1Mutex.Lock() + defer fake.rbacV1Mutex.Unlock() + fake.RbacV1Stub = nil + if fake.rbacV1ReturnsOnCall == nil { + fake.rbacV1ReturnsOnCall = make(map[int]struct { + result1 operatorlister.RbacV1Lister + }) + } + fake.rbacV1ReturnsOnCall[i] = struct { + result1 operatorlister.RbacV1Lister + }{result1} +} + +func (fake *FakeOperatorLister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.aPIExtensionsV1beta1Mutex.RLock() + defer fake.aPIExtensionsV1beta1Mutex.RUnlock() + fake.aPIRegistrationV1Mutex.RLock() + defer fake.aPIRegistrationV1Mutex.RUnlock() + fake.appsV1Mutex.RLock() + defer fake.appsV1Mutex.RUnlock() + fake.coreV1Mutex.RLock() + defer fake.coreV1Mutex.RUnlock() + fake.operatorsV1Mutex.RLock() + defer fake.operatorsV1Mutex.RUnlock() + fake.operatorsV1alpha1Mutex.RLock() + defer fake.operatorsV1alpha1Mutex.RUnlock() + fake.rbacV1Mutex.RLock() + defer fake.rbacV1Mutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeOperatorLister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.OperatorLister = new(FakeOperatorLister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operators_v1alpha1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operators_v1alpha1lister.go new file mode 100644 index 000000000..4885d924b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operators_v1alpha1lister.go @@ -0,0 +1,454 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +type FakeOperatorsV1alpha1Lister struct { + CatalogSourceListerStub func() v1alpha1.CatalogSourceLister + catalogSourceListerMutex sync.RWMutex + catalogSourceListerArgsForCall []struct { + } + catalogSourceListerReturns struct { + result1 v1alpha1.CatalogSourceLister + } + catalogSourceListerReturnsOnCall map[int]struct { + result1 v1alpha1.CatalogSourceLister + } + ClusterServiceVersionListerStub func() v1alpha1.ClusterServiceVersionLister + clusterServiceVersionListerMutex sync.RWMutex + clusterServiceVersionListerArgsForCall []struct { + } + clusterServiceVersionListerReturns struct { + result1 v1alpha1.ClusterServiceVersionLister + } + clusterServiceVersionListerReturnsOnCall map[int]struct { + result1 v1alpha1.ClusterServiceVersionLister + } + InstallPlanListerStub func() v1alpha1.InstallPlanLister + installPlanListerMutex sync.RWMutex + installPlanListerArgsForCall []struct { + } + installPlanListerReturns struct { + result1 v1alpha1.InstallPlanLister + } + installPlanListerReturnsOnCall map[int]struct { + result1 v1alpha1.InstallPlanLister + } + RegisterCatalogSourceListerStub func(string, v1alpha1.CatalogSourceLister) + registerCatalogSourceListerMutex sync.RWMutex + registerCatalogSourceListerArgsForCall []struct { + arg1 string + arg2 v1alpha1.CatalogSourceLister + } + RegisterClusterServiceVersionListerStub func(string, v1alpha1.ClusterServiceVersionLister) + registerClusterServiceVersionListerMutex sync.RWMutex + registerClusterServiceVersionListerArgsForCall []struct { + arg1 string + arg2 v1alpha1.ClusterServiceVersionLister + } + RegisterInstallPlanListerStub func(string, v1alpha1.InstallPlanLister) + registerInstallPlanListerMutex sync.RWMutex + registerInstallPlanListerArgsForCall []struct { + arg1 string + arg2 v1alpha1.InstallPlanLister + } + RegisterSubscriptionListerStub func(string, v1alpha1.SubscriptionLister) + registerSubscriptionListerMutex sync.RWMutex + registerSubscriptionListerArgsForCall []struct { + arg1 string + arg2 v1alpha1.SubscriptionLister + } + SubscriptionListerStub func() v1alpha1.SubscriptionLister + subscriptionListerMutex sync.RWMutex + subscriptionListerArgsForCall []struct { + } + subscriptionListerReturns struct { + result1 v1alpha1.SubscriptionLister + } + subscriptionListerReturnsOnCall map[int]struct { + result1 v1alpha1.SubscriptionLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeOperatorsV1alpha1Lister) CatalogSourceLister() v1alpha1.CatalogSourceLister { + fake.catalogSourceListerMutex.Lock() + ret, specificReturn := fake.catalogSourceListerReturnsOnCall[len(fake.catalogSourceListerArgsForCall)] + fake.catalogSourceListerArgsForCall = append(fake.catalogSourceListerArgsForCall, struct { + }{}) + fake.recordInvocation("CatalogSourceLister", []interface{}{}) + fake.catalogSourceListerMutex.Unlock() + if fake.CatalogSourceListerStub != nil { + return fake.CatalogSourceListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.catalogSourceListerReturns + return fakeReturns.result1 +} + +func (fake *FakeOperatorsV1alpha1Lister) CatalogSourceListerCallCount() int { + fake.catalogSourceListerMutex.RLock() + defer fake.catalogSourceListerMutex.RUnlock() + return len(fake.catalogSourceListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) CatalogSourceListerCalls(stub func() v1alpha1.CatalogSourceLister) { + fake.catalogSourceListerMutex.Lock() + defer fake.catalogSourceListerMutex.Unlock() + fake.CatalogSourceListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) CatalogSourceListerReturns(result1 v1alpha1.CatalogSourceLister) { + fake.catalogSourceListerMutex.Lock() + defer fake.catalogSourceListerMutex.Unlock() + fake.CatalogSourceListerStub = nil + fake.catalogSourceListerReturns = struct { + result1 v1alpha1.CatalogSourceLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) CatalogSourceListerReturnsOnCall(i int, result1 v1alpha1.CatalogSourceLister) { + fake.catalogSourceListerMutex.Lock() + defer fake.catalogSourceListerMutex.Unlock() + fake.CatalogSourceListerStub = nil + if fake.catalogSourceListerReturnsOnCall == nil { + fake.catalogSourceListerReturnsOnCall = make(map[int]struct { + result1 v1alpha1.CatalogSourceLister + }) + } + fake.catalogSourceListerReturnsOnCall[i] = struct { + result1 v1alpha1.CatalogSourceLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) ClusterServiceVersionLister() v1alpha1.ClusterServiceVersionLister { + fake.clusterServiceVersionListerMutex.Lock() + ret, specificReturn := fake.clusterServiceVersionListerReturnsOnCall[len(fake.clusterServiceVersionListerArgsForCall)] + fake.clusterServiceVersionListerArgsForCall = append(fake.clusterServiceVersionListerArgsForCall, struct { + }{}) + fake.recordInvocation("ClusterServiceVersionLister", []interface{}{}) + fake.clusterServiceVersionListerMutex.Unlock() + if fake.ClusterServiceVersionListerStub != nil { + return fake.ClusterServiceVersionListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.clusterServiceVersionListerReturns + return fakeReturns.result1 +} + +func (fake *FakeOperatorsV1alpha1Lister) ClusterServiceVersionListerCallCount() int { + fake.clusterServiceVersionListerMutex.RLock() + defer fake.clusterServiceVersionListerMutex.RUnlock() + return len(fake.clusterServiceVersionListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) ClusterServiceVersionListerCalls(stub func() v1alpha1.ClusterServiceVersionLister) { + fake.clusterServiceVersionListerMutex.Lock() + defer fake.clusterServiceVersionListerMutex.Unlock() + fake.ClusterServiceVersionListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) ClusterServiceVersionListerReturns(result1 v1alpha1.ClusterServiceVersionLister) { + fake.clusterServiceVersionListerMutex.Lock() + defer fake.clusterServiceVersionListerMutex.Unlock() + fake.ClusterServiceVersionListerStub = nil + fake.clusterServiceVersionListerReturns = struct { + result1 v1alpha1.ClusterServiceVersionLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) ClusterServiceVersionListerReturnsOnCall(i int, result1 v1alpha1.ClusterServiceVersionLister) { + fake.clusterServiceVersionListerMutex.Lock() + defer fake.clusterServiceVersionListerMutex.Unlock() + fake.ClusterServiceVersionListerStub = nil + if fake.clusterServiceVersionListerReturnsOnCall == nil { + fake.clusterServiceVersionListerReturnsOnCall = make(map[int]struct { + result1 v1alpha1.ClusterServiceVersionLister + }) + } + fake.clusterServiceVersionListerReturnsOnCall[i] = struct { + result1 v1alpha1.ClusterServiceVersionLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) InstallPlanLister() v1alpha1.InstallPlanLister { + fake.installPlanListerMutex.Lock() + ret, specificReturn := fake.installPlanListerReturnsOnCall[len(fake.installPlanListerArgsForCall)] + fake.installPlanListerArgsForCall = append(fake.installPlanListerArgsForCall, struct { + }{}) + fake.recordInvocation("InstallPlanLister", []interface{}{}) + fake.installPlanListerMutex.Unlock() + if fake.InstallPlanListerStub != nil { + return fake.InstallPlanListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.installPlanListerReturns + return fakeReturns.result1 +} + +func (fake *FakeOperatorsV1alpha1Lister) InstallPlanListerCallCount() int { + fake.installPlanListerMutex.RLock() + defer fake.installPlanListerMutex.RUnlock() + return len(fake.installPlanListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) InstallPlanListerCalls(stub func() v1alpha1.InstallPlanLister) { + fake.installPlanListerMutex.Lock() + defer fake.installPlanListerMutex.Unlock() + fake.InstallPlanListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) InstallPlanListerReturns(result1 v1alpha1.InstallPlanLister) { + fake.installPlanListerMutex.Lock() + defer fake.installPlanListerMutex.Unlock() + fake.InstallPlanListerStub = nil + fake.installPlanListerReturns = struct { + result1 v1alpha1.InstallPlanLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) InstallPlanListerReturnsOnCall(i int, result1 v1alpha1.InstallPlanLister) { + fake.installPlanListerMutex.Lock() + defer fake.installPlanListerMutex.Unlock() + fake.InstallPlanListerStub = nil + if fake.installPlanListerReturnsOnCall == nil { + fake.installPlanListerReturnsOnCall = make(map[int]struct { + result1 v1alpha1.InstallPlanLister + }) + } + fake.installPlanListerReturnsOnCall[i] = struct { + result1 v1alpha1.InstallPlanLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterCatalogSourceLister(arg1 string, arg2 v1alpha1.CatalogSourceLister) { + fake.registerCatalogSourceListerMutex.Lock() + fake.registerCatalogSourceListerArgsForCall = append(fake.registerCatalogSourceListerArgsForCall, struct { + arg1 string + arg2 v1alpha1.CatalogSourceLister + }{arg1, arg2}) + fake.recordInvocation("RegisterCatalogSourceLister", []interface{}{arg1, arg2}) + fake.registerCatalogSourceListerMutex.Unlock() + if fake.RegisterCatalogSourceListerStub != nil { + fake.RegisterCatalogSourceListerStub(arg1, arg2) + } +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterCatalogSourceListerCallCount() int { + fake.registerCatalogSourceListerMutex.RLock() + defer fake.registerCatalogSourceListerMutex.RUnlock() + return len(fake.registerCatalogSourceListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterCatalogSourceListerCalls(stub func(string, v1alpha1.CatalogSourceLister)) { + fake.registerCatalogSourceListerMutex.Lock() + defer fake.registerCatalogSourceListerMutex.Unlock() + fake.RegisterCatalogSourceListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterCatalogSourceListerArgsForCall(i int) (string, v1alpha1.CatalogSourceLister) { + fake.registerCatalogSourceListerMutex.RLock() + defer fake.registerCatalogSourceListerMutex.RUnlock() + argsForCall := fake.registerCatalogSourceListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterClusterServiceVersionLister(arg1 string, arg2 v1alpha1.ClusterServiceVersionLister) { + fake.registerClusterServiceVersionListerMutex.Lock() + fake.registerClusterServiceVersionListerArgsForCall = append(fake.registerClusterServiceVersionListerArgsForCall, struct { + arg1 string + arg2 v1alpha1.ClusterServiceVersionLister + }{arg1, arg2}) + fake.recordInvocation("RegisterClusterServiceVersionLister", []interface{}{arg1, arg2}) + fake.registerClusterServiceVersionListerMutex.Unlock() + if fake.RegisterClusterServiceVersionListerStub != nil { + fake.RegisterClusterServiceVersionListerStub(arg1, arg2) + } +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterClusterServiceVersionListerCallCount() int { + fake.registerClusterServiceVersionListerMutex.RLock() + defer fake.registerClusterServiceVersionListerMutex.RUnlock() + return len(fake.registerClusterServiceVersionListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterClusterServiceVersionListerCalls(stub func(string, v1alpha1.ClusterServiceVersionLister)) { + fake.registerClusterServiceVersionListerMutex.Lock() + defer fake.registerClusterServiceVersionListerMutex.Unlock() + fake.RegisterClusterServiceVersionListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterClusterServiceVersionListerArgsForCall(i int) (string, v1alpha1.ClusterServiceVersionLister) { + fake.registerClusterServiceVersionListerMutex.RLock() + defer fake.registerClusterServiceVersionListerMutex.RUnlock() + argsForCall := fake.registerClusterServiceVersionListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterInstallPlanLister(arg1 string, arg2 v1alpha1.InstallPlanLister) { + fake.registerInstallPlanListerMutex.Lock() + fake.registerInstallPlanListerArgsForCall = append(fake.registerInstallPlanListerArgsForCall, struct { + arg1 string + arg2 v1alpha1.InstallPlanLister + }{arg1, arg2}) + fake.recordInvocation("RegisterInstallPlanLister", []interface{}{arg1, arg2}) + fake.registerInstallPlanListerMutex.Unlock() + if fake.RegisterInstallPlanListerStub != nil { + fake.RegisterInstallPlanListerStub(arg1, arg2) + } +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterInstallPlanListerCallCount() int { + fake.registerInstallPlanListerMutex.RLock() + defer fake.registerInstallPlanListerMutex.RUnlock() + return len(fake.registerInstallPlanListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterInstallPlanListerCalls(stub func(string, v1alpha1.InstallPlanLister)) { + fake.registerInstallPlanListerMutex.Lock() + defer fake.registerInstallPlanListerMutex.Unlock() + fake.RegisterInstallPlanListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterInstallPlanListerArgsForCall(i int) (string, v1alpha1.InstallPlanLister) { + fake.registerInstallPlanListerMutex.RLock() + defer fake.registerInstallPlanListerMutex.RUnlock() + argsForCall := fake.registerInstallPlanListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterSubscriptionLister(arg1 string, arg2 v1alpha1.SubscriptionLister) { + fake.registerSubscriptionListerMutex.Lock() + fake.registerSubscriptionListerArgsForCall = append(fake.registerSubscriptionListerArgsForCall, struct { + arg1 string + arg2 v1alpha1.SubscriptionLister + }{arg1, arg2}) + fake.recordInvocation("RegisterSubscriptionLister", []interface{}{arg1, arg2}) + fake.registerSubscriptionListerMutex.Unlock() + if fake.RegisterSubscriptionListerStub != nil { + fake.RegisterSubscriptionListerStub(arg1, arg2) + } +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterSubscriptionListerCallCount() int { + fake.registerSubscriptionListerMutex.RLock() + defer fake.registerSubscriptionListerMutex.RUnlock() + return len(fake.registerSubscriptionListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterSubscriptionListerCalls(stub func(string, v1alpha1.SubscriptionLister)) { + fake.registerSubscriptionListerMutex.Lock() + defer fake.registerSubscriptionListerMutex.Unlock() + fake.RegisterSubscriptionListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) RegisterSubscriptionListerArgsForCall(i int) (string, v1alpha1.SubscriptionLister) { + fake.registerSubscriptionListerMutex.RLock() + defer fake.registerSubscriptionListerMutex.RUnlock() + argsForCall := fake.registerSubscriptionListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeOperatorsV1alpha1Lister) SubscriptionLister() v1alpha1.SubscriptionLister { + fake.subscriptionListerMutex.Lock() + ret, specificReturn := fake.subscriptionListerReturnsOnCall[len(fake.subscriptionListerArgsForCall)] + fake.subscriptionListerArgsForCall = append(fake.subscriptionListerArgsForCall, struct { + }{}) + fake.recordInvocation("SubscriptionLister", []interface{}{}) + fake.subscriptionListerMutex.Unlock() + if fake.SubscriptionListerStub != nil { + return fake.SubscriptionListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.subscriptionListerReturns + return fakeReturns.result1 +} + +func (fake *FakeOperatorsV1alpha1Lister) SubscriptionListerCallCount() int { + fake.subscriptionListerMutex.RLock() + defer fake.subscriptionListerMutex.RUnlock() + return len(fake.subscriptionListerArgsForCall) +} + +func (fake *FakeOperatorsV1alpha1Lister) SubscriptionListerCalls(stub func() v1alpha1.SubscriptionLister) { + fake.subscriptionListerMutex.Lock() + defer fake.subscriptionListerMutex.Unlock() + fake.SubscriptionListerStub = stub +} + +func (fake *FakeOperatorsV1alpha1Lister) SubscriptionListerReturns(result1 v1alpha1.SubscriptionLister) { + fake.subscriptionListerMutex.Lock() + defer fake.subscriptionListerMutex.Unlock() + fake.SubscriptionListerStub = nil + fake.subscriptionListerReturns = struct { + result1 v1alpha1.SubscriptionLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) SubscriptionListerReturnsOnCall(i int, result1 v1alpha1.SubscriptionLister) { + fake.subscriptionListerMutex.Lock() + defer fake.subscriptionListerMutex.Unlock() + fake.SubscriptionListerStub = nil + if fake.subscriptionListerReturnsOnCall == nil { + fake.subscriptionListerReturnsOnCall = make(map[int]struct { + result1 v1alpha1.SubscriptionLister + }) + } + fake.subscriptionListerReturnsOnCall[i] = struct { + result1 v1alpha1.SubscriptionLister + }{result1} +} + +func (fake *FakeOperatorsV1alpha1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.catalogSourceListerMutex.RLock() + defer fake.catalogSourceListerMutex.RUnlock() + fake.clusterServiceVersionListerMutex.RLock() + defer fake.clusterServiceVersionListerMutex.RUnlock() + fake.installPlanListerMutex.RLock() + defer fake.installPlanListerMutex.RUnlock() + fake.registerCatalogSourceListerMutex.RLock() + defer fake.registerCatalogSourceListerMutex.RUnlock() + fake.registerClusterServiceVersionListerMutex.RLock() + defer fake.registerClusterServiceVersionListerMutex.RUnlock() + fake.registerInstallPlanListerMutex.RLock() + defer fake.registerInstallPlanListerMutex.RUnlock() + fake.registerSubscriptionListerMutex.RLock() + defer fake.registerSubscriptionListerMutex.RUnlock() + fake.subscriptionListerMutex.RLock() + defer fake.subscriptionListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeOperatorsV1alpha1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.OperatorsV1alpha1Lister = new(FakeOperatorsV1alpha1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operators_v1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operators_v1lister.go new file mode 100644 index 000000000..e6e6c91e9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_operators_v1lister.go @@ -0,0 +1,142 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" +) + +type FakeOperatorsV1Lister struct { + OperatorGroupListerStub func() v1.OperatorGroupLister + operatorGroupListerMutex sync.RWMutex + operatorGroupListerArgsForCall []struct { + } + operatorGroupListerReturns struct { + result1 v1.OperatorGroupLister + } + operatorGroupListerReturnsOnCall map[int]struct { + result1 v1.OperatorGroupLister + } + RegisterOperatorGroupListerStub func(string, v1.OperatorGroupLister) + registerOperatorGroupListerMutex sync.RWMutex + registerOperatorGroupListerArgsForCall []struct { + arg1 string + arg2 v1.OperatorGroupLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeOperatorsV1Lister) OperatorGroupLister() v1.OperatorGroupLister { + fake.operatorGroupListerMutex.Lock() + ret, specificReturn := fake.operatorGroupListerReturnsOnCall[len(fake.operatorGroupListerArgsForCall)] + fake.operatorGroupListerArgsForCall = append(fake.operatorGroupListerArgsForCall, struct { + }{}) + fake.recordInvocation("OperatorGroupLister", []interface{}{}) + fake.operatorGroupListerMutex.Unlock() + if fake.OperatorGroupListerStub != nil { + return fake.OperatorGroupListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.operatorGroupListerReturns + return fakeReturns.result1 +} + +func (fake *FakeOperatorsV1Lister) OperatorGroupListerCallCount() int { + fake.operatorGroupListerMutex.RLock() + defer fake.operatorGroupListerMutex.RUnlock() + return len(fake.operatorGroupListerArgsForCall) +} + +func (fake *FakeOperatorsV1Lister) OperatorGroupListerCalls(stub func() v1.OperatorGroupLister) { + fake.operatorGroupListerMutex.Lock() + defer fake.operatorGroupListerMutex.Unlock() + fake.OperatorGroupListerStub = stub +} + +func (fake *FakeOperatorsV1Lister) OperatorGroupListerReturns(result1 v1.OperatorGroupLister) { + fake.operatorGroupListerMutex.Lock() + defer fake.operatorGroupListerMutex.Unlock() + fake.OperatorGroupListerStub = nil + fake.operatorGroupListerReturns = struct { + result1 v1.OperatorGroupLister + }{result1} +} + +func (fake *FakeOperatorsV1Lister) OperatorGroupListerReturnsOnCall(i int, result1 v1.OperatorGroupLister) { + fake.operatorGroupListerMutex.Lock() + defer fake.operatorGroupListerMutex.Unlock() + fake.OperatorGroupListerStub = nil + if fake.operatorGroupListerReturnsOnCall == nil { + fake.operatorGroupListerReturnsOnCall = make(map[int]struct { + result1 v1.OperatorGroupLister + }) + } + fake.operatorGroupListerReturnsOnCall[i] = struct { + result1 v1.OperatorGroupLister + }{result1} +} + +func (fake *FakeOperatorsV1Lister) RegisterOperatorGroupLister(arg1 string, arg2 v1.OperatorGroupLister) { + fake.registerOperatorGroupListerMutex.Lock() + fake.registerOperatorGroupListerArgsForCall = append(fake.registerOperatorGroupListerArgsForCall, struct { + arg1 string + arg2 v1.OperatorGroupLister + }{arg1, arg2}) + fake.recordInvocation("RegisterOperatorGroupLister", []interface{}{arg1, arg2}) + fake.registerOperatorGroupListerMutex.Unlock() + if fake.RegisterOperatorGroupListerStub != nil { + fake.RegisterOperatorGroupListerStub(arg1, arg2) + } +} + +func (fake *FakeOperatorsV1Lister) RegisterOperatorGroupListerCallCount() int { + fake.registerOperatorGroupListerMutex.RLock() + defer fake.registerOperatorGroupListerMutex.RUnlock() + return len(fake.registerOperatorGroupListerArgsForCall) +} + +func (fake *FakeOperatorsV1Lister) RegisterOperatorGroupListerCalls(stub func(string, v1.OperatorGroupLister)) { + fake.registerOperatorGroupListerMutex.Lock() + defer fake.registerOperatorGroupListerMutex.Unlock() + fake.RegisterOperatorGroupListerStub = stub +} + +func (fake *FakeOperatorsV1Lister) RegisterOperatorGroupListerArgsForCall(i int) (string, v1.OperatorGroupLister) { + fake.registerOperatorGroupListerMutex.RLock() + defer fake.registerOperatorGroupListerMutex.RUnlock() + argsForCall := fake.registerOperatorGroupListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeOperatorsV1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.operatorGroupListerMutex.RLock() + defer fake.operatorGroupListerMutex.RUnlock() + fake.registerOperatorGroupListerMutex.RLock() + defer fake.registerOperatorGroupListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeOperatorsV1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.OperatorsV1Lister = new(FakeOperatorsV1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_rbac_v1lister.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_rbac_v1lister.go new file mode 100644 index 000000000..051aa6473 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/operatorlisterfakes/fake_rbac_v1lister.go @@ -0,0 +1,450 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package operatorlisterfakes + +import ( + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister" + v1 "k8s.io/client-go/listers/rbac/v1" +) + +type FakeRbacV1Lister struct { + ClusterRoleBindingListerStub func() v1.ClusterRoleBindingLister + clusterRoleBindingListerMutex sync.RWMutex + clusterRoleBindingListerArgsForCall []struct { + } + clusterRoleBindingListerReturns struct { + result1 v1.ClusterRoleBindingLister + } + clusterRoleBindingListerReturnsOnCall map[int]struct { + result1 v1.ClusterRoleBindingLister + } + ClusterRoleListerStub func() v1.ClusterRoleLister + clusterRoleListerMutex sync.RWMutex + clusterRoleListerArgsForCall []struct { + } + clusterRoleListerReturns struct { + result1 v1.ClusterRoleLister + } + clusterRoleListerReturnsOnCall map[int]struct { + result1 v1.ClusterRoleLister + } + RegisterClusterRoleBindingListerStub func(v1.ClusterRoleBindingLister) + registerClusterRoleBindingListerMutex sync.RWMutex + registerClusterRoleBindingListerArgsForCall []struct { + arg1 v1.ClusterRoleBindingLister + } + RegisterClusterRoleListerStub func(v1.ClusterRoleLister) + registerClusterRoleListerMutex sync.RWMutex + registerClusterRoleListerArgsForCall []struct { + arg1 v1.ClusterRoleLister + } + RegisterRoleBindingListerStub func(string, v1.RoleBindingLister) + registerRoleBindingListerMutex sync.RWMutex + registerRoleBindingListerArgsForCall []struct { + arg1 string + arg2 v1.RoleBindingLister + } + RegisterRoleListerStub func(string, v1.RoleLister) + registerRoleListerMutex sync.RWMutex + registerRoleListerArgsForCall []struct { + arg1 string + arg2 v1.RoleLister + } + RoleBindingListerStub func() v1.RoleBindingLister + roleBindingListerMutex sync.RWMutex + roleBindingListerArgsForCall []struct { + } + roleBindingListerReturns struct { + result1 v1.RoleBindingLister + } + roleBindingListerReturnsOnCall map[int]struct { + result1 v1.RoleBindingLister + } + RoleListerStub func() v1.RoleLister + roleListerMutex sync.RWMutex + roleListerArgsForCall []struct { + } + roleListerReturns struct { + result1 v1.RoleLister + } + roleListerReturnsOnCall map[int]struct { + result1 v1.RoleLister + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeRbacV1Lister) ClusterRoleBindingLister() v1.ClusterRoleBindingLister { + fake.clusterRoleBindingListerMutex.Lock() + ret, specificReturn := fake.clusterRoleBindingListerReturnsOnCall[len(fake.clusterRoleBindingListerArgsForCall)] + fake.clusterRoleBindingListerArgsForCall = append(fake.clusterRoleBindingListerArgsForCall, struct { + }{}) + fake.recordInvocation("ClusterRoleBindingLister", []interface{}{}) + fake.clusterRoleBindingListerMutex.Unlock() + if fake.ClusterRoleBindingListerStub != nil { + return fake.ClusterRoleBindingListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.clusterRoleBindingListerReturns + return fakeReturns.result1 +} + +func (fake *FakeRbacV1Lister) ClusterRoleBindingListerCallCount() int { + fake.clusterRoleBindingListerMutex.RLock() + defer fake.clusterRoleBindingListerMutex.RUnlock() + return len(fake.clusterRoleBindingListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) ClusterRoleBindingListerCalls(stub func() v1.ClusterRoleBindingLister) { + fake.clusterRoleBindingListerMutex.Lock() + defer fake.clusterRoleBindingListerMutex.Unlock() + fake.ClusterRoleBindingListerStub = stub +} + +func (fake *FakeRbacV1Lister) ClusterRoleBindingListerReturns(result1 v1.ClusterRoleBindingLister) { + fake.clusterRoleBindingListerMutex.Lock() + defer fake.clusterRoleBindingListerMutex.Unlock() + fake.ClusterRoleBindingListerStub = nil + fake.clusterRoleBindingListerReturns = struct { + result1 v1.ClusterRoleBindingLister + }{result1} +} + +func (fake *FakeRbacV1Lister) ClusterRoleBindingListerReturnsOnCall(i int, result1 v1.ClusterRoleBindingLister) { + fake.clusterRoleBindingListerMutex.Lock() + defer fake.clusterRoleBindingListerMutex.Unlock() + fake.ClusterRoleBindingListerStub = nil + if fake.clusterRoleBindingListerReturnsOnCall == nil { + fake.clusterRoleBindingListerReturnsOnCall = make(map[int]struct { + result1 v1.ClusterRoleBindingLister + }) + } + fake.clusterRoleBindingListerReturnsOnCall[i] = struct { + result1 v1.ClusterRoleBindingLister + }{result1} +} + +func (fake *FakeRbacV1Lister) ClusterRoleLister() v1.ClusterRoleLister { + fake.clusterRoleListerMutex.Lock() + ret, specificReturn := fake.clusterRoleListerReturnsOnCall[len(fake.clusterRoleListerArgsForCall)] + fake.clusterRoleListerArgsForCall = append(fake.clusterRoleListerArgsForCall, struct { + }{}) + fake.recordInvocation("ClusterRoleLister", []interface{}{}) + fake.clusterRoleListerMutex.Unlock() + if fake.ClusterRoleListerStub != nil { + return fake.ClusterRoleListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.clusterRoleListerReturns + return fakeReturns.result1 +} + +func (fake *FakeRbacV1Lister) ClusterRoleListerCallCount() int { + fake.clusterRoleListerMutex.RLock() + defer fake.clusterRoleListerMutex.RUnlock() + return len(fake.clusterRoleListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) ClusterRoleListerCalls(stub func() v1.ClusterRoleLister) { + fake.clusterRoleListerMutex.Lock() + defer fake.clusterRoleListerMutex.Unlock() + fake.ClusterRoleListerStub = stub +} + +func (fake *FakeRbacV1Lister) ClusterRoleListerReturns(result1 v1.ClusterRoleLister) { + fake.clusterRoleListerMutex.Lock() + defer fake.clusterRoleListerMutex.Unlock() + fake.ClusterRoleListerStub = nil + fake.clusterRoleListerReturns = struct { + result1 v1.ClusterRoleLister + }{result1} +} + +func (fake *FakeRbacV1Lister) ClusterRoleListerReturnsOnCall(i int, result1 v1.ClusterRoleLister) { + fake.clusterRoleListerMutex.Lock() + defer fake.clusterRoleListerMutex.Unlock() + fake.ClusterRoleListerStub = nil + if fake.clusterRoleListerReturnsOnCall == nil { + fake.clusterRoleListerReturnsOnCall = make(map[int]struct { + result1 v1.ClusterRoleLister + }) + } + fake.clusterRoleListerReturnsOnCall[i] = struct { + result1 v1.ClusterRoleLister + }{result1} +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleBindingLister(arg1 v1.ClusterRoleBindingLister) { + fake.registerClusterRoleBindingListerMutex.Lock() + fake.registerClusterRoleBindingListerArgsForCall = append(fake.registerClusterRoleBindingListerArgsForCall, struct { + arg1 v1.ClusterRoleBindingLister + }{arg1}) + fake.recordInvocation("RegisterClusterRoleBindingLister", []interface{}{arg1}) + fake.registerClusterRoleBindingListerMutex.Unlock() + if fake.RegisterClusterRoleBindingListerStub != nil { + fake.RegisterClusterRoleBindingListerStub(arg1) + } +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleBindingListerCallCount() int { + fake.registerClusterRoleBindingListerMutex.RLock() + defer fake.registerClusterRoleBindingListerMutex.RUnlock() + return len(fake.registerClusterRoleBindingListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleBindingListerCalls(stub func(v1.ClusterRoleBindingLister)) { + fake.registerClusterRoleBindingListerMutex.Lock() + defer fake.registerClusterRoleBindingListerMutex.Unlock() + fake.RegisterClusterRoleBindingListerStub = stub +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleBindingListerArgsForCall(i int) v1.ClusterRoleBindingLister { + fake.registerClusterRoleBindingListerMutex.RLock() + defer fake.registerClusterRoleBindingListerMutex.RUnlock() + argsForCall := fake.registerClusterRoleBindingListerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleLister(arg1 v1.ClusterRoleLister) { + fake.registerClusterRoleListerMutex.Lock() + fake.registerClusterRoleListerArgsForCall = append(fake.registerClusterRoleListerArgsForCall, struct { + arg1 v1.ClusterRoleLister + }{arg1}) + fake.recordInvocation("RegisterClusterRoleLister", []interface{}{arg1}) + fake.registerClusterRoleListerMutex.Unlock() + if fake.RegisterClusterRoleListerStub != nil { + fake.RegisterClusterRoleListerStub(arg1) + } +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleListerCallCount() int { + fake.registerClusterRoleListerMutex.RLock() + defer fake.registerClusterRoleListerMutex.RUnlock() + return len(fake.registerClusterRoleListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleListerCalls(stub func(v1.ClusterRoleLister)) { + fake.registerClusterRoleListerMutex.Lock() + defer fake.registerClusterRoleListerMutex.Unlock() + fake.RegisterClusterRoleListerStub = stub +} + +func (fake *FakeRbacV1Lister) RegisterClusterRoleListerArgsForCall(i int) v1.ClusterRoleLister { + fake.registerClusterRoleListerMutex.RLock() + defer fake.registerClusterRoleListerMutex.RUnlock() + argsForCall := fake.registerClusterRoleListerArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeRbacV1Lister) RegisterRoleBindingLister(arg1 string, arg2 v1.RoleBindingLister) { + fake.registerRoleBindingListerMutex.Lock() + fake.registerRoleBindingListerArgsForCall = append(fake.registerRoleBindingListerArgsForCall, struct { + arg1 string + arg2 v1.RoleBindingLister + }{arg1, arg2}) + fake.recordInvocation("RegisterRoleBindingLister", []interface{}{arg1, arg2}) + fake.registerRoleBindingListerMutex.Unlock() + if fake.RegisterRoleBindingListerStub != nil { + fake.RegisterRoleBindingListerStub(arg1, arg2) + } +} + +func (fake *FakeRbacV1Lister) RegisterRoleBindingListerCallCount() int { + fake.registerRoleBindingListerMutex.RLock() + defer fake.registerRoleBindingListerMutex.RUnlock() + return len(fake.registerRoleBindingListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) RegisterRoleBindingListerCalls(stub func(string, v1.RoleBindingLister)) { + fake.registerRoleBindingListerMutex.Lock() + defer fake.registerRoleBindingListerMutex.Unlock() + fake.RegisterRoleBindingListerStub = stub +} + +func (fake *FakeRbacV1Lister) RegisterRoleBindingListerArgsForCall(i int) (string, v1.RoleBindingLister) { + fake.registerRoleBindingListerMutex.RLock() + defer fake.registerRoleBindingListerMutex.RUnlock() + argsForCall := fake.registerRoleBindingListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeRbacV1Lister) RegisterRoleLister(arg1 string, arg2 v1.RoleLister) { + fake.registerRoleListerMutex.Lock() + fake.registerRoleListerArgsForCall = append(fake.registerRoleListerArgsForCall, struct { + arg1 string + arg2 v1.RoleLister + }{arg1, arg2}) + fake.recordInvocation("RegisterRoleLister", []interface{}{arg1, arg2}) + fake.registerRoleListerMutex.Unlock() + if fake.RegisterRoleListerStub != nil { + fake.RegisterRoleListerStub(arg1, arg2) + } +} + +func (fake *FakeRbacV1Lister) RegisterRoleListerCallCount() int { + fake.registerRoleListerMutex.RLock() + defer fake.registerRoleListerMutex.RUnlock() + return len(fake.registerRoleListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) RegisterRoleListerCalls(stub func(string, v1.RoleLister)) { + fake.registerRoleListerMutex.Lock() + defer fake.registerRoleListerMutex.Unlock() + fake.RegisterRoleListerStub = stub +} + +func (fake *FakeRbacV1Lister) RegisterRoleListerArgsForCall(i int) (string, v1.RoleLister) { + fake.registerRoleListerMutex.RLock() + defer fake.registerRoleListerMutex.RUnlock() + argsForCall := fake.registerRoleListerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeRbacV1Lister) RoleBindingLister() v1.RoleBindingLister { + fake.roleBindingListerMutex.Lock() + ret, specificReturn := fake.roleBindingListerReturnsOnCall[len(fake.roleBindingListerArgsForCall)] + fake.roleBindingListerArgsForCall = append(fake.roleBindingListerArgsForCall, struct { + }{}) + fake.recordInvocation("RoleBindingLister", []interface{}{}) + fake.roleBindingListerMutex.Unlock() + if fake.RoleBindingListerStub != nil { + return fake.RoleBindingListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.roleBindingListerReturns + return fakeReturns.result1 +} + +func (fake *FakeRbacV1Lister) RoleBindingListerCallCount() int { + fake.roleBindingListerMutex.RLock() + defer fake.roleBindingListerMutex.RUnlock() + return len(fake.roleBindingListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) RoleBindingListerCalls(stub func() v1.RoleBindingLister) { + fake.roleBindingListerMutex.Lock() + defer fake.roleBindingListerMutex.Unlock() + fake.RoleBindingListerStub = stub +} + +func (fake *FakeRbacV1Lister) RoleBindingListerReturns(result1 v1.RoleBindingLister) { + fake.roleBindingListerMutex.Lock() + defer fake.roleBindingListerMutex.Unlock() + fake.RoleBindingListerStub = nil + fake.roleBindingListerReturns = struct { + result1 v1.RoleBindingLister + }{result1} +} + +func (fake *FakeRbacV1Lister) RoleBindingListerReturnsOnCall(i int, result1 v1.RoleBindingLister) { + fake.roleBindingListerMutex.Lock() + defer fake.roleBindingListerMutex.Unlock() + fake.RoleBindingListerStub = nil + if fake.roleBindingListerReturnsOnCall == nil { + fake.roleBindingListerReturnsOnCall = make(map[int]struct { + result1 v1.RoleBindingLister + }) + } + fake.roleBindingListerReturnsOnCall[i] = struct { + result1 v1.RoleBindingLister + }{result1} +} + +func (fake *FakeRbacV1Lister) RoleLister() v1.RoleLister { + fake.roleListerMutex.Lock() + ret, specificReturn := fake.roleListerReturnsOnCall[len(fake.roleListerArgsForCall)] + fake.roleListerArgsForCall = append(fake.roleListerArgsForCall, struct { + }{}) + fake.recordInvocation("RoleLister", []interface{}{}) + fake.roleListerMutex.Unlock() + if fake.RoleListerStub != nil { + return fake.RoleListerStub() + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.roleListerReturns + return fakeReturns.result1 +} + +func (fake *FakeRbacV1Lister) RoleListerCallCount() int { + fake.roleListerMutex.RLock() + defer fake.roleListerMutex.RUnlock() + return len(fake.roleListerArgsForCall) +} + +func (fake *FakeRbacV1Lister) RoleListerCalls(stub func() v1.RoleLister) { + fake.roleListerMutex.Lock() + defer fake.roleListerMutex.Unlock() + fake.RoleListerStub = stub +} + +func (fake *FakeRbacV1Lister) RoleListerReturns(result1 v1.RoleLister) { + fake.roleListerMutex.Lock() + defer fake.roleListerMutex.Unlock() + fake.RoleListerStub = nil + fake.roleListerReturns = struct { + result1 v1.RoleLister + }{result1} +} + +func (fake *FakeRbacV1Lister) RoleListerReturnsOnCall(i int, result1 v1.RoleLister) { + fake.roleListerMutex.Lock() + defer fake.roleListerMutex.Unlock() + fake.RoleListerStub = nil + if fake.roleListerReturnsOnCall == nil { + fake.roleListerReturnsOnCall = make(map[int]struct { + result1 v1.RoleLister + }) + } + fake.roleListerReturnsOnCall[i] = struct { + result1 v1.RoleLister + }{result1} +} + +func (fake *FakeRbacV1Lister) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.clusterRoleBindingListerMutex.RLock() + defer fake.clusterRoleBindingListerMutex.RUnlock() + fake.clusterRoleListerMutex.RLock() + defer fake.clusterRoleListerMutex.RUnlock() + fake.registerClusterRoleBindingListerMutex.RLock() + defer fake.registerClusterRoleBindingListerMutex.RUnlock() + fake.registerClusterRoleListerMutex.RLock() + defer fake.registerClusterRoleListerMutex.RUnlock() + fake.registerRoleBindingListerMutex.RLock() + defer fake.registerRoleBindingListerMutex.RUnlock() + fake.registerRoleListerMutex.RLock() + defer fake.registerRoleListerMutex.RUnlock() + fake.roleBindingListerMutex.RLock() + defer fake.roleBindingListerMutex.RUnlock() + fake.roleListerMutex.RLock() + defer fake.roleListerMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeRbacV1Lister) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ operatorlister.RbacV1Lister = new(FakeRbacV1Lister) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/pod.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/pod.go new file mode 100644 index 000000000..1dcaf0bc1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/pod.go @@ -0,0 +1,94 @@ +package operatorlister + +import ( + "fmt" + "sync" + + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + corev1 "k8s.io/client-go/listers/core/v1" +) + +type UnionPodLister struct { + podListers map[string]corev1.PodLister + podLock sync.RWMutex +} + +// List lists all Pods in the indexer. +func (usl *UnionPodLister) List(selector labels.Selector) (ret []*v1.Pod, err error) { + usl.podLock.RLock() + defer usl.podLock.RUnlock() + + set := make(map[types.UID]*v1.Pod) + for _, sl := range usl.podListers { + pods, err := sl.List(selector) + if err != nil { + return nil, err + } + + for _, pod := range pods { + set[pod.GetUID()] = pod + } + } + + for _, pod := range set { + ret = append(ret, pod) + } + + return +} + +// Pods returns an object that can list and get Pods. +func (usl *UnionPodLister) Pods(namespace string) corev1.PodNamespaceLister { + usl.podLock.RLock() + defer usl.podLock.RUnlock() + + // Check for specific namespace listers + if sl, ok := usl.podListers[namespace]; ok { + return sl.Pods(namespace) + } + + // Check for any namespace-all listers + if sl, ok := usl.podListers[metav1.NamespaceAll]; ok { + return sl.Pods(namespace) + } + + return &NullPodNamespaceLister{} +} + +func (usl *UnionPodLister) RegisterPodLister(namespace string, lister corev1.PodLister) { + usl.podLock.Lock() + defer usl.podLock.Unlock() + + if usl.podListers == nil { + usl.podListers = make(map[string]corev1.PodLister) + } + usl.podListers[namespace] = lister +} + +func (l *coreV1Lister) RegisterPodLister(namespace string, lister corev1.PodLister) { + l.podLister.RegisterPodLister(namespace, lister) +} + +func (l *coreV1Lister) PodLister() corev1.PodLister { + return l.podLister +} + +// NullPodNamespaceLister is an implementation of a null PodNamespaceLister. It is +// used to prevent nil pointers when no PodNamespaceLister has been registered for a given +// namespace. +type NullPodNamespaceLister struct { + corev1.PodNamespaceLister +} + +// List returns nil and an error explaining that this is a NullPodNamespaceLister. +func (n *NullPodNamespaceLister) List(selector labels.Selector) (ret []*v1.Pod, err error) { + return nil, fmt.Errorf("cannot list Pods with a NullPodNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullPodNamespaceLister. +func (n *NullPodNamespaceLister) Get(name string) (*v1.Pod, error) { + return nil, fmt.Errorf("cannot get Pod with a NullPodNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/role.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/role.go new file mode 100644 index 000000000..0bf360ec9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/role.go @@ -0,0 +1,94 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + rbacv1 "k8s.io/client-go/listers/rbac/v1" +) + +type UnionRoleLister struct { + roleListers map[string]rbacv1.RoleLister + roleLock sync.RWMutex +} + +// List lists all Roles in the indexer. +func (rl *UnionRoleLister) List(selector labels.Selector) (ret []*v1.Role, err error) { + rl.roleLock.RLock() + defer rl.roleLock.RUnlock() + + set := make(map[types.UID]*v1.Role) + for _, dl := range rl.roleListers { + roles, err := dl.List(selector) + if err != nil { + return nil, err + } + + for _, role := range roles { + set[role.GetUID()] = role + } + } + + for _, role := range set { + ret = append(ret, role) + } + + return +} + +// Roles returns an object that can list and get Roles. +func (rl *UnionRoleLister) Roles(namespace string) rbacv1.RoleNamespaceLister { + rl.roleLock.RLock() + defer rl.roleLock.RUnlock() + + // Check for specific namespace listers + if dl, ok := rl.roleListers[namespace]; ok { + return dl.Roles(namespace) + } + + // Check for any namespace-all listers + if dl, ok := rl.roleListers[metav1.NamespaceAll]; ok { + return dl.Roles(namespace) + } + + return &NullRoleNamespaceLister{} +} + +func (rl *UnionRoleLister) RegisterRoleLister(namespace string, lister rbacv1.RoleLister) { + rl.roleLock.Lock() + defer rl.roleLock.Unlock() + + if rl.roleListers == nil { + rl.roleListers = make(map[string]rbacv1.RoleLister) + } + rl.roleListers[namespace] = lister +} + +func (l *rbacV1Lister) RegisterRoleLister(namespace string, lister rbacv1.RoleLister) { + l.roleLister.RegisterRoleLister(namespace, lister) +} + +func (l *rbacV1Lister) RoleLister() rbacv1.RoleLister { + return l.roleLister +} + +// NullRoleNamespaceLister is an implementation of a null RoleNamespaceLister. It is +// used to prevent nil pointers when no RoleNamespaceLister has been registered for a given +// namespace. +type NullRoleNamespaceLister struct { + rbacv1.RoleNamespaceLister +} + +// List returns nil and an error explaining that this is a NullRoleNamespaceLister. +func (n *NullRoleNamespaceLister) List(selector labels.Selector) (ret []*v1.Role, err error) { + return nil, fmt.Errorf("cannot list Roles with a NullRoleNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullRoleNamespaceLister. +func (n *NullRoleNamespaceLister) Get(name string) (*v1.Role, error) { + return nil, fmt.Errorf("cannot get Role with a NullRoleNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/rolebinding.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/rolebinding.go new file mode 100644 index 000000000..2227a1616 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/rolebinding.go @@ -0,0 +1,94 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + rbacv1 "k8s.io/client-go/listers/rbac/v1" +) + +type UnionRoleBindingLister struct { + roleBindingListers map[string]rbacv1.RoleBindingLister + roleBindingLock sync.RWMutex +} + +// List lists all RoleBindings in the indexer. +func (rbl *UnionRoleBindingLister) List(selector labels.Selector) (ret []*v1.RoleBinding, err error) { + rbl.roleBindingLock.RLock() + defer rbl.roleBindingLock.RUnlock() + + set := make(map[types.UID]*v1.RoleBinding) + for _, dl := range rbl.roleBindingListers { + roleBindings, err := dl.List(selector) + if err != nil { + return nil, err + } + + for _, roleBinding := range roleBindings { + set[roleBinding.GetUID()] = roleBinding + } + } + + for _, roleBinding := range set { + ret = append(ret, roleBinding) + } + + return +} + +// RoleBindings returns an object that can list and get RoleBindings. +func (rbl *UnionRoleBindingLister) RoleBindings(namespace string) rbacv1.RoleBindingNamespaceLister { + rbl.roleBindingLock.RLock() + defer rbl.roleBindingLock.RUnlock() + + // Check for specific namespace listers + if dl, ok := rbl.roleBindingListers[namespace]; ok { + return dl.RoleBindings(namespace) + } + + // Check for any namespace-all listers + if dl, ok := rbl.roleBindingListers[metav1.NamespaceAll]; ok { + return dl.RoleBindings(namespace) + } + + return &NullRoleBindingNamespaceLister{} +} + +func (rbl *UnionRoleBindingLister) RegisterRoleBindingLister(namespace string, lister rbacv1.RoleBindingLister) { + rbl.roleBindingLock.Lock() + defer rbl.roleBindingLock.Unlock() + + if rbl.roleBindingListers == nil { + rbl.roleBindingListers = make(map[string]rbacv1.RoleBindingLister) + } + rbl.roleBindingListers[namespace] = lister +} + +func (l *rbacV1Lister) RegisterRoleBindingLister(namespace string, lister rbacv1.RoleBindingLister) { + l.roleBindingLister.RegisterRoleBindingLister(namespace, lister) +} + +func (l *rbacV1Lister) RoleBindingLister() rbacv1.RoleBindingLister { + return l.roleBindingLister +} + +// NullRoleBindingNamespaceLister is an implementation of a null RoleBindingNamespaceLister. It is +// used to prevent nil pointers when no RoleBindingNamespaceLister has been registered for a given +// namespace. +type NullRoleBindingNamespaceLister struct { + rbacv1.RoleBindingNamespaceLister +} + +// List returns nil and an error explaining that this is a NullRoleBindingNamespaceLister. +func (n *NullRoleBindingNamespaceLister) List(selector labels.Selector) (ret []*v1.RoleBinding, err error) { + return nil, fmt.Errorf("cannot list RoleBindings with a NullRoleBindingNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullRoleBindingNamespaceLister. +func (n *NullRoleBindingNamespaceLister) Get(name string) (*v1.RoleBinding, error) { + return nil, fmt.Errorf("cannot get RoleBinding with a NullRoleBindingNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/secret.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/secret.go new file mode 100644 index 000000000..b059c7bfc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/secret.go @@ -0,0 +1,94 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + corev1 "k8s.io/client-go/listers/core/v1" +) + +type UnionSecretLister struct { + secretListers map[string]corev1.SecretLister + secretLock sync.RWMutex +} + +// List lists all Secrets in the indexer. +func (usl *UnionSecretLister) List(selector labels.Selector) (ret []*v1.Secret, err error) { + usl.secretLock.RLock() + defer usl.secretLock.RUnlock() + + set := make(map[types.UID]*v1.Secret) + for _, sl := range usl.secretListers { + secrets, err := sl.List(selector) + if err != nil { + return nil, err + } + + for _, secret := range secrets { + set[secret.GetUID()] = secret + } + } + + for _, secret := range set { + ret = append(ret, secret) + } + + return +} + +// Secrets returns an object that can list and get Secrets. +func (usl *UnionSecretLister) Secrets(namespace string) corev1.SecretNamespaceLister { + usl.secretLock.RLock() + defer usl.secretLock.RUnlock() + + // Check for specific namespace listers + if sl, ok := usl.secretListers[namespace]; ok { + return sl.Secrets(namespace) + } + + // Check for any namespace-all listers + if sl, ok := usl.secretListers[metav1.NamespaceAll]; ok { + return sl.Secrets(namespace) + } + + return &NullSecretNamespaceLister{} +} + +func (usl *UnionSecretLister) RegisterSecretLister(namespace string, lister corev1.SecretLister) { + usl.secretLock.Lock() + defer usl.secretLock.Unlock() + + if usl.secretListers == nil { + usl.secretListers = make(map[string]corev1.SecretLister) + } + usl.secretListers[namespace] = lister +} + +func (l *coreV1Lister) RegisterSecretLister(namespace string, lister corev1.SecretLister) { + l.secretLister.RegisterSecretLister(namespace, lister) +} + +func (l *coreV1Lister) SecretLister() corev1.SecretLister { + return l.secretLister +} + +// NullSecretNamespaceLister is an implementation of a null SecretNamespaceLister. It is +// used to prevent nil pointers when no SecretNamespaceLister has been registered for a given +// namespace. +type NullSecretNamespaceLister struct { + corev1.SecretNamespaceLister +} + +// List returns nil and an error explaining that this is a NullSecretNamespaceLister. +func (n *NullSecretNamespaceLister) List(selector labels.Selector) (ret []*v1.Secret, err error) { + return nil, fmt.Errorf("cannot list Secrets with a NullSecretNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullSecretNamespaceLister. +func (n *NullSecretNamespaceLister) Get(name string) (*v1.Secret, error) { + return nil, fmt.Errorf("cannot get Secret with a NullSecretNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/service.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/service.go new file mode 100644 index 000000000..0bbb59c89 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/service.go @@ -0,0 +1,116 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + corev1 "k8s.io/client-go/listers/core/v1" +) + +type UnionServiceLister struct { + serviceListers map[string]corev1.ServiceLister + serviceLock sync.RWMutex +} + +// List lists all Services in the indexer. +func (usl *UnionServiceLister) List(selector labels.Selector) (ret []*v1.Service, err error) { + usl.serviceLock.RLock() + defer usl.serviceLock.RUnlock() + + set := make(map[types.UID]*v1.Service) + for _, sl := range usl.serviceListers { + services, err := sl.List(selector) + if err != nil { + return nil, err + } + + for _, service := range services { + set[service.GetUID()] = service + } + } + + for _, service := range set { + ret = append(ret, service) + } + + return +} + +// Services returns an object that can list and get Services. +func (usl *UnionServiceLister) Services(namespace string) corev1.ServiceNamespaceLister { + usl.serviceLock.RLock() + defer usl.serviceLock.RUnlock() + + // Check for specific namespace listers + if sl, ok := usl.serviceListers[namespace]; ok { + return sl.Services(namespace) + } + + // Check for any namespace-all listers + if sl, ok := usl.serviceListers[metav1.NamespaceAll]; ok { + return sl.Services(namespace) + } + + return &NullServiceNamespaceLister{} +} + +func (usl *UnionServiceLister) GetPodServices(pod *v1.Pod) ([]*v1.Service, error) { + usl.serviceLock.RLock() + defer usl.serviceLock.RUnlock() + + // Check for specific namespace listers + if sl, ok := usl.serviceListers[pod.GetNamespace()]; ok { + return sl.GetPodServices(pod) + } + + // Check for any namespace-all listers + if sl, ok := usl.serviceListers[metav1.NamespaceAll]; ok { + return sl.GetPodServices(pod) + } + + return nil, fmt.Errorf("could not find service lister registered for namspace %s", pod.GetNamespace()) +} + +func (usl *UnionServiceLister) RegisterServiceLister(namespace string, lister corev1.ServiceLister) { + usl.serviceLock.Lock() + defer usl.serviceLock.Unlock() + + if usl.serviceListers == nil { + usl.serviceListers = make(map[string]corev1.ServiceLister) + } + usl.serviceListers[namespace] = lister +} + +func (l *coreV1Lister) RegisterServiceLister(namespace string, lister corev1.ServiceLister) { + l.serviceLister.RegisterServiceLister(namespace, lister) +} + +func (l *coreV1Lister) ServiceLister() corev1.ServiceLister { + return l.serviceLister +} + +// NullServiceNamespaceLister is an implementation of a null ServiceNamespaceLister. It is +// used to prevent nil pointers when no ServiceNamespaceLister has been registered for a given +// namespace. +type NullServiceNamespaceLister struct { + corev1.ServiceNamespaceLister +} + +// List returns nil and an error explaining that this is a NullServiceNamespaceLister. +func (n *NullServiceNamespaceLister) List(selector labels.Selector) (ret []*v1.Service, err error) { + return nil, fmt.Errorf("cannot list Services with a NullServiceNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullServiceNamespaceLister. +func (n *NullServiceNamespaceLister) Get(name string) (*v1.Service, error) { + return nil, fmt.Errorf("cannot get Service with a NullServiceNamespaceLister") +} + +// GetPodServices returns nil and an error explaining that this is a NullServiceNamespaceLister. +func (n *NullServiceNamespaceLister) GetPodServices(pod *v1.Pod) ([]*v1.Service, error) { + return nil, fmt.Errorf("could not get pod services with a NullServiceNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/serviceaccount.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/serviceaccount.go new file mode 100644 index 000000000..3ff3cf0b8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/serviceaccount.go @@ -0,0 +1,94 @@ +package operatorlister + +import ( + "fmt" + "sync" + + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + corev1 "k8s.io/client-go/listers/core/v1" +) + +type UnionServiceAccountLister struct { + serviceAccountListers map[string]corev1.ServiceAccountLister + serviceAccountLock sync.RWMutex +} + +// List lists all ServiceAccounts in the indexer. +func (usl *UnionServiceAccountLister) List(selector labels.Selector) (ret []*v1.ServiceAccount, err error) { + usl.serviceAccountLock.RLock() + defer usl.serviceAccountLock.RUnlock() + + set := make(map[types.UID]*v1.ServiceAccount) + for _, sl := range usl.serviceAccountListers { + serviceAccounts, err := sl.List(selector) + if err != nil { + return nil, err + } + + for _, serviceAccount := range serviceAccounts { + set[serviceAccount.GetUID()] = serviceAccount + } + } + + for _, serviceAccount := range set { + ret = append(ret, serviceAccount) + } + + return +} + +// ServiceAccounts returns an object that can list and get ServiceAccounts. +func (usl *UnionServiceAccountLister) ServiceAccounts(namespace string) corev1.ServiceAccountNamespaceLister { + usl.serviceAccountLock.RLock() + defer usl.serviceAccountLock.RUnlock() + + // Check for specific namespace listers + if sl, ok := usl.serviceAccountListers[namespace]; ok { + return sl.ServiceAccounts(namespace) + } + + // Check for any namespace-all listers + if sl, ok := usl.serviceAccountListers[metav1.NamespaceAll]; ok { + return sl.ServiceAccounts(namespace) + } + + return &NullServiceAccountNamespaceLister{} +} + +func (usl *UnionServiceAccountLister) RegisterServiceAccountLister(namespace string, lister corev1.ServiceAccountLister) { + usl.serviceAccountLock.Lock() + defer usl.serviceAccountLock.Unlock() + + if usl.serviceAccountListers == nil { + usl.serviceAccountListers = make(map[string]corev1.ServiceAccountLister) + } + usl.serviceAccountListers[namespace] = lister +} + +func (l *coreV1Lister) RegisterServiceAccountLister(namespace string, lister corev1.ServiceAccountLister) { + l.serviceAccountLister.RegisterServiceAccountLister(namespace, lister) +} + +func (l *coreV1Lister) ServiceAccountLister() corev1.ServiceAccountLister { + return l.serviceAccountLister +} + +// NullServiceAccountNamespaceLister is an implementation of a null ServiceAccountNamespaceLister. It is +// used to prevent nil pointers when no ServiceAccountNamespaceLister has been registered for a given +// namespace. +type NullServiceAccountNamespaceLister struct { + corev1.ServiceAccountNamespaceLister +} + +// List returns nil and an error explaining that this is a NullServiceAccountNamespaceLister. +func (n *NullServiceAccountNamespaceLister) List(selector labels.Selector) (ret []*v1.ServiceAccount, err error) { + return nil, fmt.Errorf("cannot list ServiceAccounts with a NullServiceAccountNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullServiceAccountNamespaceLister. +func (n *NullServiceAccountNamespaceLister) Get(name string) (*v1.ServiceAccount, error) { + return nil, fmt.Errorf("cannot get ServiceAccount with a NullServiceAccountNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/subscription.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/subscription.go new file mode 100644 index 000000000..5e3a1a038 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorlister/subscription.go @@ -0,0 +1,96 @@ +package operatorlister + +import ( + "fmt" + "sync" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + listers "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" +) + +type UnionSubscriptionLister struct { + subscriptionListers map[string]listers.SubscriptionLister + subscriptionLock sync.RWMutex +} + +// List lists all Subscriptions in the indexer. +func (usl *UnionSubscriptionLister) List(selector labels.Selector) (ret []*v1alpha1.Subscription, err error) { + usl.subscriptionLock.RLock() + defer usl.subscriptionLock.RUnlock() + + set := make(map[types.UID]*v1alpha1.Subscription) + for _, cl := range usl.subscriptionListers { + subscriptions, err := cl.List(selector) + if err != nil { + return nil, err + } + + for _, subscription := range subscriptions { + set[subscription.GetUID()] = subscription + } + } + + for _, subscription := range set { + ret = append(ret, subscription) + } + + return +} + +// Subscriptions returns an object that can list and get Subscriptions. +func (usl *UnionSubscriptionLister) Subscriptions(namespace string) listers.SubscriptionNamespaceLister { + usl.subscriptionLock.RLock() + defer usl.subscriptionLock.RUnlock() + + // Check for specific namespace listers + if cl, ok := usl.subscriptionListers[namespace]; ok { + return cl.Subscriptions(namespace) + } + + // Check for any namespace-all listers + if cl, ok := usl.subscriptionListers[metav1.NamespaceAll]; ok { + return cl.Subscriptions(namespace) + } + + return &NullSubscriptionNamespaceLister{} +} + +func (usl *UnionSubscriptionLister) RegisterSubscriptionLister(namespace string, lister listers.SubscriptionLister) { + usl.subscriptionLock.Lock() + defer usl.subscriptionLock.Unlock() + + if usl.subscriptionListers == nil { + usl.subscriptionListers = make(map[string]listers.SubscriptionLister) + } + + usl.subscriptionListers[namespace] = lister +} + +func (l *operatorsV1alpha1Lister) RegisterSubscriptionLister(namespace string, lister listers.SubscriptionLister) { + l.subscriptionLister.RegisterSubscriptionLister(namespace, lister) +} + +func (l *operatorsV1alpha1Lister) SubscriptionLister() listers.SubscriptionLister { + return l.subscriptionLister +} + +// NullSubscriptionNamespaceLister is an implementation of a null SubscriptionNamespaceLister. It is +// used to prevent nil pointers when no SubscriptionNamespaceLister has been registered for a given +// namespace. +type NullSubscriptionNamespaceLister struct { + listers.SubscriptionNamespaceLister +} + +// List returns nil and an error explaining that this is a NullSubscriptionNamespaceLister. +func (n *NullSubscriptionNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.Subscription, err error) { + return nil, fmt.Errorf("cannot list Subscriptions with a NullSubscriptionNamespaceLister") +} + +// Get returns nil and an error explaining that this is a NullSubscriptionNamespaceLister. +func (n *NullSubscriptionNamespaceLister) Get(name string) (*v1alpha1.Subscription, error) { + return nil, fmt.Errorf("cannot get Subscription with a NullSubscriptionNamespaceLister") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/builder.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/builder.go new file mode 100644 index 000000000..4b7d5ca6a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/builder.go @@ -0,0 +1,205 @@ +package operatorstatus + +import ( + "reflect" + + configv1 "github.com/openshift/api/config/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/clock" +) + +// NewBuilder returns a builder for ClusterOperatorStatus. +func NewBuilder(clock clock.Clock) *Builder { + return &Builder{ + clock: clock, + } +} + +// Builder helps build ClusterOperatorStatus with appropriate +// ClusterOperatorStatusCondition and OperandVersion. +type Builder struct { + clock clock.Clock + status *configv1.ClusterOperatorStatus +} + +// GetStatus returns the ClusterOperatorStatus built. +func (b *Builder) GetStatus() *configv1.ClusterOperatorStatus { + return b.status +} + +// WithProgressing sets an OperatorProgressing type condition. +func (b *Builder) WithProgressing(status configv1.ConditionStatus, message string) *Builder { + b.init() + condition := &configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: status, + Message: message, + LastTransitionTime: metav1.NewTime(b.clock.Now()), + } + + b.setCondition(condition) + + return b +} + +// WithDegraded sets an OperatorDegraded type condition. +func (b *Builder) WithDegraded(status configv1.ConditionStatus) *Builder { + b.init() + condition := &configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorDegraded, + Status: status, + LastTransitionTime: metav1.NewTime(b.clock.Now()), + } + + b.setCondition(condition) + + return b +} + +// WithAvailable sets an OperatorAvailable type condition. +func (b *Builder) WithAvailable(status configv1.ConditionStatus, message string) *Builder { + b.init() + condition := &configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorAvailable, + Status: status, + Message: message, + LastTransitionTime: metav1.NewTime(b.clock.Now()), + } + + b.setCondition(condition) + + return b +} + +// WithVersion adds the specific version into the status. +func (b *Builder) WithVersion(name, version string) *Builder { + b.init() + + existing := b.findVersion(name) + if existing != nil { + existing.Version = version + return b + } + + ov := configv1.OperandVersion{ + Name: name, + Version: version, + } + b.status.Versions = append(b.status.Versions, ov) + + return b +} + +// WithoutVersion removes the specified version from the existing status. +func (b *Builder) WithoutVersion(name, version string) *Builder { + b.init() + + versions := make([]configv1.OperandVersion, 0) + + for _, v := range b.status.Versions { + if v.Name == name { + continue + } + + versions = append(versions, v) + } + + b.status.Versions = versions + return b +} + +// WithRelatedObject adds the reference specified to the RelatedObjects list. +func (b *Builder) WithRelatedObject(group, resource, namespace, name string) *Builder { + b.init() + + reference := configv1.ObjectReference{ + Group: group, + Resource: resource, + Namespace: namespace, + Name: name, + } + + b.setRelatedObject(reference) + + return b +} + +// WithoutRelatedObject removes the reference specified from the RelatedObjects list. +func (b *Builder) WithoutRelatedObject(group, resource, namespace, name string) *Builder { + b.init() + + reference := configv1.ObjectReference{ + Group: group, + Resource: resource, + Namespace: namespace, + Name: name, + } + + related := make([]configv1.ObjectReference, 0) + for i := range b.status.RelatedObjects { + if reflect.DeepEqual(b.status.RelatedObjects[i], reference) { + continue + } + + related = append(related, b.status.RelatedObjects[i]) + } + + b.status.RelatedObjects = related + return b +} + +func (b *Builder) init() { + if b.status == nil { + b.status = &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + } + } +} + +func (b *Builder) findCondition(conditionType configv1.ClusterStatusConditionType) *configv1.ClusterOperatorStatusCondition { + for i := range b.status.Conditions { + if b.status.Conditions[i].Type == conditionType { + return &b.status.Conditions[i] + } + } + + return nil +} + +func (b *Builder) setCondition(condition *configv1.ClusterOperatorStatusCondition) { + existing := b.findCondition(condition.Type) + if existing == nil { + b.status.Conditions = append(b.status.Conditions, *condition) + return + } + + existing.Reason = condition.Reason + existing.Message = condition.Message + + if existing.Status != condition.Status { + existing.Status = condition.Status + existing.LastTransitionTime = condition.LastTransitionTime + } +} + +func (b *Builder) findVersion(name string) *configv1.OperandVersion { + for i := range b.status.Versions { + if b.status.Versions[i].Name == name { + return &b.status.Versions[i] + } + } + + return nil +} + +func (b *Builder) setRelatedObject(reference configv1.ObjectReference) { + for i := range b.status.RelatedObjects { + if reflect.DeepEqual(b.status.RelatedObjects[i], reference) { + return + } + } + + b.status.RelatedObjects = append(b.status.RelatedObjects, reference) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/builder_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/builder_test.go new file mode 100644 index 000000000..873485b74 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/builder_test.go @@ -0,0 +1,347 @@ +package operatorstatus + +import ( + "testing" + "time" + + configv1 "github.com/openshift/api/config/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/clock" + + "github.com/stretchr/testify/assert" +) + +func TestBuilder(t *testing.T) { + fakeClock := clock.NewFakeClock(time.Now()) + minuteAgo := metav1.NewTime(time.Now().Add(-1 * time.Minute)) + + tests := []struct { + name string + action func(b *Builder) + existing *configv1.ClusterOperatorStatus + expected *configv1.ClusterOperatorStatus + }{ + // Condition: (Progressing, True). + // existing status.Conditions is empty. + { + name: "WithProgressing/NoProgressingConditionPresentInExistingStatus", + action: func(b *Builder) { + b.WithProgressing(configv1.ConditionTrue, "message") + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: "message", + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // Condition: (Progressing, True). + // (Progressing, False) is already present in existing status.Conditions. + { + name: "WithProgressing/ProgressingConditionPresentInExistingStatus", + action: func(b *Builder) { + b.WithProgressing(configv1.ConditionTrue, "message") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionFalse, + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: "message", + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // Condition: (Progressing, True). + // (Progressing, True) is already present in existing status.Conditions. + { + name: "WithProgressing/ProgressingConditionMatchesInExistingStatus", + action: func(b *Builder) { + b.WithProgressing(configv1.ConditionTrue, "message") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + LastTransitionTime: minuteAgo, + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: "message", + LastTransitionTime: minuteAgo, + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // A new version is being added to status. + // Existing status does not have any matching name. + { + name: "WithVersion/WithNoMatchingName", + action: func(b *Builder) { + b.WithVersion("foo", "1.00") + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // A new version is being added to status. + // Existing status already has a matching same name and version. + { + name: "WithVersion/WithMatchingNameAndVersion", + action: func(b *Builder) { + b.WithVersion("foo", "1.00") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // A new version is being added to status. + // Existing status already has a matching name but a different version. + { + name: "WithVersion/WithMatchingNameButDifferentVersion", + action: func(b *Builder) { + b.WithVersion("foo", "2.00") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "2.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // Multiple versions are added to status. + { + name: "WithVersion/WithMultipleVersions", + action: func(b *Builder) { + b.WithVersion("foo", "2.00").WithVersion("bar", "1.00") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "2.00", + }, + configv1.OperandVersion{ + Name: "bar", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // A version is being removed from status. + // Existing status already has a matching name. + { + name: "WithoutVersion/WithMatchingName", + action: func(b *Builder) { + b.WithoutVersion("foo", "1.00") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "foo", + Version: "1.00", + }, + configv1.OperandVersion{ + Name: "bar", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "bar", + Version: "1.00", + }, + }, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + + // A new related object is being added. + // Existing status is empty. + { + name: "WithRelatedObject/ReferenceNotPresentInStatus", + action: func(b *Builder) { + b.WithRelatedObject("group", "resource", "namespace", "name") + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{ + configv1.ObjectReference{ + Group: "group", + Resource: "resource", + Namespace: "namespace", + Name: "name", + }, + }, + }, + }, + + // A new related object reference is being added. + // Existing status already has the same related object reference. + { + name: "WithRelatedObject/ReferencePresentInStatus", + action: func(b *Builder) { + b.WithRelatedObject("group", "resource", "namespace", "name") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{ + configv1.ObjectReference{ + Group: "group", + Resource: "resource", + Namespace: "namespace", + Name: "name", + }, + }, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{ + configv1.ObjectReference{ + Group: "group", + Resource: "resource", + Namespace: "namespace", + Name: "name", + }, + }, + }, + }, + + // A related object reference is being removed. + // Existing status already has the same related object reference. + { + name: "WithoutRelatedObject/ReferenceBeingRemoved", + action: func(b *Builder) { + b.WithoutRelatedObject("group", "resource", "namespace", "name") + }, + existing: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{ + configv1.ObjectReference{ + Group: "group", + Resource: "resource", + Namespace: "namespace", + Name: "name", + }, + }, + }, + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{}, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + builder := &Builder{ + clock: fakeClock, + status: tt.existing, + } + + // Go through the build steps specified. + tt.action(builder) + + statusWant := tt.expected + statusGot := builder.GetStatus() + + assert.Equal(t, statusWant, statusGot) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/clusteroperatorwriter.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/clusteroperatorwriter.go new file mode 100644 index 000000000..64500b343 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/clusteroperatorwriter.go @@ -0,0 +1,84 @@ +package operatorstatus + +import ( + "errors" + "reflect" + + configv1 "github.com/openshift/api/config/v1" + configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/client-go/discovery" +) + +// NewWriter returns a new instance of Writer. +func NewWriter(discovery discovery.DiscoveryInterface, client configv1client.ConfigV1Interface) *Writer { + return &Writer{ + discovery: discovery, + client: client, + } +} + +// Writer encapsulates logic for cluster operator object API. It is used to +// update ClusterOperator resource. +type Writer struct { + discovery discovery.DiscoveryInterface + client configv1client.ConfigV1Interface +} + +// EnsureExists ensures that the cluster operator resource exists with a default +// status that reflects expecting status. +func (w *Writer) EnsureExists(name string) (existing *configv1.ClusterOperator, err error) { + existing, err = w.client.ClusterOperators().Get(name, metav1.GetOptions{}) + if err == nil { + return + } + + if !k8serrors.IsNotFound(err) { + return + } + + co := &configv1.ClusterOperator{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + } + existing, err = w.client.ClusterOperators().Create(co) + return +} + +// UpdateStatus updates the clusteroperator object with the new status specified. +func (w *Writer) UpdateStatus(existing *configv1.ClusterOperator, newStatus *configv1.ClusterOperatorStatus) error { + if newStatus == nil || existing == nil { + return errors.New("input specified is ") + } + + existingStatus := existing.Status.DeepCopy() + if reflect.DeepEqual(existingStatus, newStatus) { + return nil + } + + existing.Status = *newStatus + if _, err := w.client.ClusterOperators().UpdateStatus(existing); err != nil { + return err + } + + return nil +} + +// IsAPIAvailable return true if cluster operator API is present on the cluster. +// Otherwise, exists is set to false. +func (w *Writer) IsAPIAvailable() (exists bool, err error) { + opStatusGV := schema.GroupVersion{ + Group: "config.openshift.io", + Version: "v1", + } + err = discovery.ServerSupportsVersion(w.discovery, opStatusGV) + if err != nil { + return + } + + exists = true + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_handler.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_handler.go new file mode 100644 index 000000000..8f3cd561a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_handler.go @@ -0,0 +1,163 @@ +package operatorstatus + +import ( + "fmt" + "os" + "strconv" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/csv" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + "github.com/sirupsen/logrus" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/selection" +) + +const ( + // SelectorKey is the key of the label we use to identify the + // corresponding ClusterServiceVersion object related to the cluster operator. + // If we want to update a cluster operator named "package-server" then the + // corresponding ClusterServiceVersion must have the following label + // + // "olm.clusteroperator.name": "package-server" + // + SelectorKey = "olm.clusteroperator.name" +) + +// NewCSVWatchNotificationHandler returns a new instance of csv.WatchNotification +// This can be used to get notification of every CSV reconciliation request. +func NewCSVWatchNotificationHandler(log *logrus.Logger, csvSet csv.SetGenerator, finder csv.ReplaceFinder, sender Sender) *handler { + logger := log.WithField("monitor", "clusteroperator") + releaseVersion := os.Getenv("RELEASE_VERSION") + + return &handler{ + csvSet: csvSet, + finder: finder, + sender: sender, + reporter: newCSVStatusReporter(releaseVersion), + logger: logger, + } +} + +// csvEventContext contains all necessary information related to a notification. +type csvEventContext struct { + // Name of the clusteroperator resource associated with this CSV. + Name string + + // Current is the CSV for which we have received notification. + // If there is an upgrade going on, Current is set to the latest version of + // the CSV that is replacing the older version. + // For a chain like this, (v1) -> v2 -> v3 -> (v4) + // Current will be set to the CSV linked to v4. + WorkingToward *v1alpha1.ClusterServiceVersion + + // Current is the CSV for which we have received notification. + Current *v1alpha1.ClusterServiceVersion + + // CurrentDeleted indicates that the Current CSV has been deleted + CurrentDeleted bool +} + +func (c *csvEventContext) GetActiveCSV() *v1alpha1.ClusterServiceVersion { + if c.WorkingToward != nil { + return c.WorkingToward + } + + return c.Current +} + +func (c *csvEventContext) String() string { + replaces := "" + if c.WorkingToward != nil { + replaces = c.WorkingToward.GetName() + } + + return fmt.Sprintf("name=%s csv=%s deleted=%s replaces=%s", c.Name, c.Current.GetName(), strconv.FormatBool(c.CurrentDeleted), replaces) +} + +type handler struct { + csvSet csv.SetGenerator + finder csv.ReplaceFinder + sender Sender + reporter *csvStatusReporter + logger *logrus.Entry +} + +// OnAddOrUpdate is invoked when a CSV has been added or edited. We tap into +// this notification and do the following: +// +// a. Make sure this is the CSV related to the cluster operator resource we are +// tracking. Otherwise, do nothing. +// b. If this is the right CSV then send it to the monitor. +func (h *handler) OnAddOrUpdate(in *v1alpha1.ClusterServiceVersion) { + h.onNotification(in, false) +} + +// OnDelete is invoked when a CSV has been deleted. We tap into +// this notification and do the following: +// +// a. Make sure this is the CSV related to the cluster operator resource we are +// tracking. Otherwise, do nothing. +// b. If this is the right CSV then send it to the monitor. +func (h *handler) OnDelete(in *v1alpha1.ClusterServiceVersion) { + h.onNotification(in, true) +} + +func (h *handler) onNotification(current *v1alpha1.ClusterServiceVersion, deleted bool) { + name, matched := h.isMatchingCSV(current) + if !matched { + return + } + + workingToward := h.getLatestInReplacementChain(current) + context := &csvEventContext{ + Name: name, + Current: current, + CurrentDeleted: deleted, + WorkingToward: workingToward, + } + + if err := ownerutil.InferGroupVersionKind(current); err != nil { + h.logger.Errorf("could not set GroupVersionKind - csv=%s", current.GetName()) + } + + if workingToward != nil { + if err := ownerutil.InferGroupVersionKind(workingToward); err != nil { + h.logger.Errorf("could not set GroupVersionKind - csv=%s", workingToward.GetName()) + } + } + + h.logger.Debugf("found a matching CSV %s, sending notification", context) + + notification := h.reporter.NewNotification(context) + h.sender.Send(notification) +} + +func (h *handler) getLatestInReplacementChain(in *v1alpha1.ClusterServiceVersion) (final *v1alpha1.ClusterServiceVersion) { + requirement, _ := labels.NewRequirement(SelectorKey, selection.Exists, []string{}) + selector := labels.NewSelector().Add(*requirement) + related := h.csvSet.WithNamespaceAndLabels(in.GetNamespace(), v1alpha1.CSVPhaseAny, selector) + + return h.finder.GetFinalCSVInReplacing(in, related) +} + +func (h *handler) isMatchingCSV(in *v1alpha1.ClusterServiceVersion) (name string, matched bool) { + // If it is a "copy" CSV we ignore it. + if in.IsCopied() { + return + } + + // Does it have the right label? + labels := in.GetLabels() + if labels == nil { + return + } + + name, _ = labels[SelectorKey] + if name == "" { + return + } + + matched = true + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_reporter.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_reporter.go new file mode 100644 index 000000000..9236e9342 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_reporter.go @@ -0,0 +1,118 @@ +package operatorstatus + +import ( + "fmt" + + configv1 "github.com/openshift/api/config/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "k8s.io/apimachinery/pkg/util/clock" +) + +const ( + // versionName reflects the name of the version CVO expects in Status. + versionName = "operator" +) + +// newCSVStatusReporter returns a new instance of CSVStatusReporter +func newCSVStatusReporter(releaseVersion string) *csvStatusReporter { + return &csvStatusReporter{ + clock: &clock.RealClock{}, + releaseVersion: releaseVersion, + } +} + +// csvStatusReporter provides the logic for initialzing ClusterOperator and +// ClusterOperatorStatus types. +type csvStatusReporter struct { + clock clock.Clock + releaseVersion string +} + +// NewNotification prepares a new notification event to be sent to the monitor. +func (r *csvStatusReporter) NewNotification(context *csvEventContext) NotificationFunc { + return func() (name string, mutator MutatorFunc) { + name = context.Name + mutator = func(existing *configv1.ClusterOperatorStatus) (new *configv1.ClusterOperatorStatus) { + new = r.GetNewStatus(existing, context) + return + } + + return + } +} + +// GetNewStatus returns the expected new status based on the notification context. +// We cover the following scenarios: +// a. Fresh install of an operator (v1), no previous version is installed. +// 1. Working toward v1 +// 2. v1 successfully installed +// 3. v1 deploy failed +// 4. v1 has been removed, post successful install. +// +// b. Newer version of the operator (v2) is being installed (v1 is already installed) +// 1. Working toward v2. (v1 is being replaced, it waits until v2 successfully +// is successfully installed) Is v1 available while v2 is being installed? +// 2. When v1 is uninstalled, we remove the old version from status. +// 3. When v3 is installed successfully, we add the new version (v2) to status. +func (r *csvStatusReporter) GetNewStatus(existing *configv1.ClusterOperatorStatus, context *csvEventContext) (status *configv1.ClusterOperatorStatus) { + builder := &Builder{ + clock: r.clock, + status: existing, + } + + defer func() { + status = builder.GetStatus() + }() + + // We don't monitor whether the CSV backed operator is in degraded status. + builder.WithDegraded(configv1.ConditionFalse) + + // A CSV has been deleted. + if context.CurrentDeleted { + csv := context.Current + gvk := csv.GetObjectKind().GroupVersionKind() + + builder.WithoutVersion(csv.GetName(), csv.Spec.Version.String()). + WithoutRelatedObject(gvk.Group, gvk.Kind, csv.GetNamespace(), csv.GetName()) + + if context.WorkingToward == nil { + builder.WithProgressing(configv1.ConditionFalse, fmt.Sprintf("Uninstalled version %s", csv.Spec.Version)). + WithAvailable(configv1.ConditionFalse, "") + + return + } + } + + // It's either a fresh install or an upgrade. + csv := context.GetActiveCSV() + name := csv.GetName() + version := csv.Spec.Version + phase := csv.Status.Phase + + gvk := csv.GetObjectKind().GroupVersionKind() + builder.WithRelatedObject("", "namespaces", "", csv.GetNamespace()). + WithRelatedObject(gvk.Group, gvk.Kind, csv.GetNamespace(), csv.GetName()) + + switch phase { + case v1alpha1.CSVPhaseSucceeded: + builder.WithAvailable(configv1.ConditionTrue, "") + default: + builder.WithAvailable(configv1.ConditionFalse, "") + } + + switch phase { + case v1alpha1.CSVPhaseSucceeded: + builder.WithProgressing(configv1.ConditionFalse, fmt.Sprintf("Deployed version %s", version)) + case v1alpha1.CSVPhaseFailed: + builder.WithProgressing(configv1.ConditionFalse, fmt.Sprintf("Failed to deploy %s", version)) + default: + builder.WithProgressing(configv1.ConditionTrue, fmt.Sprintf("Working toward %s", version)) + } + + if phase == v1alpha1.CSVPhaseSucceeded { + builder.WithVersion(versionName, r.releaseVersion) + builder.WithVersion(name, version.String()) + } + + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_reporter_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_reporter_test.go new file mode 100644 index 000000000..2671676ae --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/csv_reporter_test.go @@ -0,0 +1,175 @@ +package operatorstatus + +import ( + "testing" + "time" + + "github.com/blang/semver" + configv1 "github.com/openshift/api/config/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/clock" +) + +func TestGetNewStatus(t *testing.T) { + fakeClock := clock.NewFakeClock(time.Now()) + + tests := []struct { + name string + existing *configv1.ClusterOperatorStatus + context *csvEventContext + expected *configv1.ClusterOperatorStatus + }{ + // A CSV is being worked on. It has not succeeded or failed yet. + { + name: "WithCSVInProgress", + context: &csvEventContext{ + Name: "foo", + CurrentDeleted: false, + Current: &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: "foo-namespace", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Version: version.OperatorVersion{ + semver.Version{ + Major: 1, Minor: 0, Patch: 0, + }, + }, + }, + Status: v1alpha1.ClusterServiceVersionStatus{ + Phase: v1alpha1.CSVPhasePending, + }, + }, + }, + + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorDegraded, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorAvailable, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: "Working toward 1.0.0", + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{ + configv1.ObjectReference{ + Group: "", + Resource: "namespaces", + Namespace: "", + Name: "foo-namespace", + }, + configv1.ObjectReference{ + Group: v1alpha1.GroupName, + Resource: v1alpha1.ClusterServiceVersionKind, + Namespace: "foo-namespace", + Name: "foo", + }, + }, + }, + }, + + // A CSV has successfully installed. + { + name: "WithCSVSuccessfullyInstalled", + context: &csvEventContext{ + Name: "foo", + CurrentDeleted: false, + Current: &v1alpha1.ClusterServiceVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: "foo-namespace", + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Version: version.OperatorVersion{ + semver.Version{ + Major: 1, Minor: 0, Patch: 0, + }, + }, + }, + Status: v1alpha1.ClusterServiceVersionStatus{ + Phase: v1alpha1.CSVPhaseSucceeded, + }, + }, + }, + + expected: &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorDegraded, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorAvailable, + Status: configv1.ConditionTrue, + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionFalse, + Message: "Deployed version 1.0.0", + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + }, + Versions: []configv1.OperandVersion{ + configv1.OperandVersion{ + Name: "operator", + Version: "snapshot", + }, + configv1.OperandVersion{ + Name: "foo", + Version: "1.0.0", + }, + }, + RelatedObjects: []configv1.ObjectReference{ + configv1.ObjectReference{ + Group: "", + Resource: "namespaces", + Namespace: "", + Name: "foo-namespace", + }, + configv1.ObjectReference{ + Group: v1alpha1.GroupName, + Resource: v1alpha1.ClusterServiceVersionKind, + Namespace: "foo-namespace", + Name: "foo", + }, + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + reporter := &csvStatusReporter{ + clock: fakeClock, + releaseVersion: "snapshot", + } + + err := ownerutil.InferGroupVersionKind(tt.context.Current) + require.NoError(t, err) + + statusWant := tt.expected + statusGot := reporter.GetNewStatus(tt.existing, tt.context) + + assert.Equal(t, statusWant, statusGot) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/monitor.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/monitor.go new file mode 100644 index 000000000..eb868aec0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/monitor.go @@ -0,0 +1,224 @@ +package operatorstatus + +import ( + "fmt" + "strings" + "time" + + configv1 "github.com/openshift/api/config/v1" + configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + "github.com/sirupsen/logrus" + "k8s.io/apimachinery/pkg/util/clock" + "k8s.io/client-go/discovery" +) + +const ( + // Wait time before we probe next while checking whether cluster + // operator API is available. + defaultProbeInterval = 1 * time.Minute + + // Default size of the notification channel. + defaultNotificationChannelSize = 64 +) + +// NewMonitor returns a new instance of Monitor that can be used to continuously +// update a clusteroperator resource and an instance of Sender that can be used +// to send update notifications to it. +// +// The name of the clusteroperator resource to monitor is specified in name. +func NewMonitor(name string, log *logrus.Logger, discovery discovery.DiscoveryInterface, configClient configv1client.ConfigV1Interface) (Monitor, Sender) { + logger := log.WithField("monitor", "clusteroperator") + names := split(name) + + logger.Infof("monitoring the following components %s", names) + + monitor := &monitor{ + logger: logger, + writer: NewWriter(discovery, configClient), + notificationCh: make(chan NotificationFunc, defaultNotificationChannelSize), + names: names, + } + + return monitor, monitor +} + +// Monitor is an interface that wraps the Run method. +// +// Run runs forever, it reads from an underlying notification channel and +// updates an clusteroperator resource accordingly. +// If the specified stop channel is closed the loop must terminate gracefully. +type Monitor interface { + Run(stopCh <-chan struct{}) +} + +// MutatorFunc accepts an existing status object and appropriately mutates it +// to reflect the observed states. +type MutatorFunc func(existing *configv1.ClusterOperatorStatus) (new *configv1.ClusterOperatorStatus) + +// Mutate is a wrapper for MutatorFunc +func (m MutatorFunc) Mutate(existing *configv1.ClusterOperatorStatus) (new *configv1.ClusterOperatorStatus) { + return m(existing) +} + +// NotificationFunc wraps a notification event. it returns the name of the +// cluster operator object associated and a mutator function that will set the +// new status for the cluster operator object. +type NotificationFunc func() (name string, mutator MutatorFunc) + +// Get is a wrapper for NotificationFunc. +func (n NotificationFunc) Get() (name string, mutator MutatorFunc) { + return n() +} + +// Sender is an interface that wraps the Send method. +// +// Send can be used to send notification(s) to the underlying monitor. Send is a +// non-blocking operation. +// If the underlying monitor is not ready to receive the notification will be lost. +// If the notification context specified is nil then it is ignored. +type Sender interface { + Send(NotificationFunc) +} + +type monitor struct { + notificationCh chan NotificationFunc + writer *Writer + logger *logrus.Entry + names []string +} + +func (m *monitor) Send(notification NotificationFunc) { + if notification == nil { + return + } + + select { + case m.notificationCh <- notification: + default: + m.logger.Warn("monitor not ready to receive") + } +} + +func (m *monitor) Run(stopCh <-chan struct{}) { + m.logger.Info("starting clusteroperator monitor loop") + defer func() { + m.logger.Info("exiting from clusteroperator monitor loop") + }() + + // First, we need to ensure that cluster operator API is available. + // We will keep probing until it is available. + for { + exists, err := m.writer.IsAPIAvailable() + if err != nil { + m.logger.Infof("ClusterOperator api not present, skipping update (%v)", err) + } + + if exists { + m.logger.Info("ClusterOperator api is present") + break + } + + // Wait before next probe, or quit if parent has asked to do so. + select { + case <-time.After(defaultProbeInterval): + case <-stopCh: + return + } + } + + // If we are here, cluster operator is available. + // We are expecting CSV notification which may or may not arrive. + // Given this, let's write an initial ClusterOperator object with our expectation. + m.logger.Infof("initializing clusteroperator resource(s) for %s", m.names) + + for _, name := range m.names { + if err := m.init(name); err != nil { + m.logger.Errorf("initialization error - %v", err) + break + } + } + + for { + select { + case notification := <-m.notificationCh: + if notification != nil { + name, mutator := notification.Get() + if err := m.update(name, mutator); err != nil { + m.logger.Errorf("status update error - %v", err) + } + } + + case <-stopCh: + return + } + } +} + +func (m *monitor) update(name string, mutator MutatorFunc) error { + if mutator == nil { + return fmt.Errorf("no status mutator specified name=%s", name) + } + + existing, err := m.writer.EnsureExists(name) + if err != nil { + return fmt.Errorf("failed to ensure initial clusteroperator name=%s - %v", name, err) + } + + existingStatus := existing.Status.DeepCopy() + newStatus := mutator.Mutate(existingStatus) + if err := m.writer.UpdateStatus(existing, newStatus); err != nil { + return fmt.Errorf("failed to update clusteroperator status name=%s - %v", name, err) + } + + return nil +} + +func (m *monitor) init(name string) error { + existing, err := m.writer.EnsureExists(name) + if err != nil { + return fmt.Errorf("failed to ensure name=%s - %v", name, err) + } + + if len(existing.Status.Conditions) > 0 { + return nil + } + + // No condition(s) in existing status, let's add conditions that reflect our expectation. + newStatus := Waiting(&clock.RealClock{}, name) + if err := m.writer.UpdateStatus(existing, newStatus); err != nil { + return fmt.Errorf("failed to update status name=%s - %v", name, err) + } + + return nil +} + +// Waiting returns an initialized ClusterOperatorStatus object that +// is suited for creation if the given object does not exist already. The +// initialized object has the expected status for cluster operator resource +// before we have seen any corresponding CSV. +func Waiting(clock clock.Clock, name string) *configv1.ClusterOperatorStatus { + builder := &Builder{ + clock: clock, + } + + status := builder.WithDegraded(configv1.ConditionFalse). + WithAvailable(configv1.ConditionFalse, ""). + WithProgressing(configv1.ConditionTrue, fmt.Sprintf("waiting for events - source=%s", name)). + GetStatus() + + return status +} + +func split(n string) []string { + names := make([]string, 0) + + values := strings.Split(n, ",") + for _, v := range values { + v = strings.TrimSpace(v) + if v != "" { + names = append(names, v) + } + } + + return names +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/monitor_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/monitor_test.go new file mode 100644 index 000000000..d1ab25406 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/monitor_test.go @@ -0,0 +1,44 @@ +package operatorstatus + +import ( + "fmt" + "testing" + "time" + + configv1 "github.com/openshift/api/config/v1" + "github.com/stretchr/testify/assert" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/clock" +) + +func TestMonitorWaiting(t *testing.T) { + fakeClock := clock.NewFakeClock(time.Now()) + name := "foo" + + statusWant := &configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorDegraded, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorAvailable, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: fmt.Sprintf("waiting for events - source=%s", name), + LastTransitionTime: metav1.NewTime(fakeClock.Now()), + }, + }, + Versions: []configv1.OperandVersion{}, + RelatedObjects: []configv1.ObjectReference{}, + } + + statusGot := Waiting(fakeClock, name) + + assert.Equal(t, statusWant, statusGot) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/status.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/status.go new file mode 100644 index 000000000..d84c9fe22 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorstatus/status.go @@ -0,0 +1,222 @@ +package operatorstatus + +import ( + "fmt" + "os" + "reflect" + "time" + + configv1 "github.com/openshift/api/config/v1" + configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + log "github.com/sirupsen/logrus" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/discovery" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + olmversion "github.com/operator-framework/operator-lifecycle-manager/pkg/version" +) + +func MonitorClusterStatus(name string, syncCh <-chan error, stopCh <-chan struct{}, opClient operatorclient.ClientInterface, configClient configv1client.ConfigV1Interface) { + var ( + syncs int + successfulSyncs int + hasClusterOperator bool + ) + go wait.Until(func() { + // slow poll until we see a cluster operator API, which could be never + if !hasClusterOperator { + opStatusGV := schema.GroupVersion{ + Group: "config.openshift.io", + Version: "v1", + } + err := discovery.ServerSupportsVersion(opClient.KubernetesInterface().Discovery(), opStatusGV) + if err != nil { + log.Infof("ClusterOperator api not present, skipping update (%v)", err) + time.Sleep(time.Minute) + return + } + hasClusterOperator = true + } + + // Sample the sync channel and see whether we're successfully retiring syncs as a + // proxy for "working" (we can't know when we hit level, but we can at least verify + // we are seeing some syncs succeeding). Once we observe at least one successful + // sync we can begin reporting available and level. + select { + case err, ok := <-syncCh: + if !ok { + // syncCh should only close if the Run() loop exits + time.Sleep(5 * time.Second) + log.Fatalf("Status sync channel closed but process did not exit in time") + } + syncs++ + if err == nil { + successfulSyncs++ + } + // grab any other sync events that have accumulated + for len(syncCh) > 0 { + if err := <-syncCh; err == nil { + successfulSyncs++ + } + syncs++ + } + // if we haven't yet accumulated enough syncs, wait longer + // TODO: replace these magic numbers with a better measure of syncs across all queueInformers + if successfulSyncs < 5 || syncs < 10 { + log.Printf("Waiting to observe more successful syncs") + return + } + } + + // create the cluster operator in an initial state if it does not exist + existing, err := configClient.ClusterOperators().Get(name, metav1.GetOptions{}) + if k8serrors.IsNotFound(err) { + log.Info("Existing operator status not found, creating") + created, createErr := configClient.ClusterOperators().Create(&configv1.ClusterOperator{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Status: configv1.ClusterOperatorStatus{ + Conditions: []configv1.ClusterOperatorStatusCondition{ + { + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: fmt.Sprintf("Installing %s", olmversion.OLMVersion), + LastTransitionTime: metav1.Now(), + }, + { + Type: configv1.OperatorDegraded, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.Now(), + }, + { + Type: configv1.OperatorAvailable, + Status: configv1.ConditionFalse, + LastTransitionTime: metav1.Now(), + }, + }, + }, + }) + if createErr != nil { + log.Errorf("Failed to create cluster operator: %v\n", createErr) + return + } + existing = created + err = nil + } + if err != nil { + log.Errorf("Unable to retrieve cluster operator: %v", err) + return + } + + // update the status with the appropriate state + previousStatus := existing.Status.DeepCopy() + previousOperatorVersion := func(vs []configv1.OperandVersion) string { + for _, v := range vs { + if v.Name == "operator" { + return v.Version + } + } + return "" + }(previousStatus.Versions) + targetOperatorVersion := os.Getenv("RELEASE_VERSION") + switch { + case successfulSyncs > 0: + setOperatorStatusCondition(&existing.Status.Conditions, configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorDegraded, + Status: configv1.ConditionFalse, + }) + setOperatorStatusCondition(&existing.Status.Conditions, configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionFalse, + Message: fmt.Sprintf("Deployed %s", olmversion.OLMVersion), + }) + setOperatorStatusCondition(&existing.Status.Conditions, configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorAvailable, + Status: configv1.ConditionTrue, + }) + // we set the versions array when all the latest code is deployed and running - in this case, + // the sync method is responsible for guaranteeing that happens before it returns nil + if len(targetOperatorVersion) > 0 { + existing.Status.Versions = []configv1.OperandVersion{ + { + Name: "operator", + Version: targetOperatorVersion, + }, + { + Name: "operator-lifecycle-manager", + Version: olmversion.OLMVersion, + }, + } + if targetOperatorVersion != previousOperatorVersion { + setOperatorStatusCondition(&existing.Status.Conditions, configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionTrue, + Message: fmt.Sprintf("Deployed %s", olmversion.OLMVersion), + }) + } + } else { + existing.Status.Versions = nil + } + default: + setOperatorStatusCondition(&existing.Status.Conditions, configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorDegraded, + Status: configv1.ConditionTrue, + Message: "Waiting for updates to take effect", + }) + setOperatorStatusCondition(&existing.Status.Conditions, configv1.ClusterOperatorStatusCondition{ + Type: configv1.OperatorProgressing, + Status: configv1.ConditionFalse, + Message: fmt.Sprintf("Waiting to see update %s succeed", olmversion.OLMVersion), + }) + // TODO: use % errors within a window to report available + } + + // update the status + if !reflect.DeepEqual(previousStatus, &existing.Status) { + if _, err := configClient.ClusterOperators().UpdateStatus(existing); err != nil { + log.Errorf("Unable to update cluster operator status: %v", err) + } + } + + // if we've reported success, we can sleep longer, otherwise we want to keep watching for + // successful + if successfulSyncs > 0 { + time.Sleep(5 * time.Minute) + } + + }, 5*time.Second, stopCh) +} + +func setOperatorStatusCondition(conditions *[]configv1.ClusterOperatorStatusCondition, newCondition configv1.ClusterOperatorStatusCondition) { + if conditions == nil { + conditions = &[]configv1.ClusterOperatorStatusCondition{} + } + existingCondition := findOperatorStatusCondition(*conditions, newCondition.Type) + if existingCondition == nil { + newCondition.LastTransitionTime = metav1.NewTime(time.Now()) + *conditions = append(*conditions, newCondition) + return + } + + if existingCondition.Status != newCondition.Status { + existingCondition.Status = newCondition.Status + existingCondition.LastTransitionTime = metav1.NewTime(time.Now()) + } + + existingCondition.Reason = newCondition.Reason + existingCondition.Message = newCondition.Message +} + +func findOperatorStatusCondition(conditions []configv1.ClusterOperatorStatusCondition, conditionType configv1.ClusterStatusConditionType) *configv1.ClusterOperatorStatusCondition { + for i := range conditions { + if conditions[i].Type == conditionType { + return &conditions[i] + } + } + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil/util.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil/util.go new file mode 100644 index 000000000..0f8ee5610 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil/util.go @@ -0,0 +1,366 @@ +package ownerutil + +import ( + "fmt" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + + log "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + rbac "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const ( + OwnerKey = "olm.owner" + OwnerNamespaceKey = "olm.owner.namespace" + OwnerKind = "olm.owner.kind" +) + +var ( + NotController = false + DontBlockOwnerDeletion = false +) + +// Owner is used to build an OwnerReference, and we need type and object metadata +type Owner interface { + metav1.Object + runtime.Object +} + +func IsOwnedBy(object metav1.Object, owner Owner) bool { + for _, oref := range object.GetOwnerReferences() { + if oref.UID == owner.GetUID() { + return true + } + } + return false +} + +func IsOwnedByKind(object metav1.Object, ownerKind string) bool { + for _, oref := range object.GetOwnerReferences() { + if oref.Kind == ownerKind { + return true + } + } + return false +} + +func GetOwnerByKind(object metav1.Object, ownerKind string) *metav1.OwnerReference { + for _, oref := range object.GetOwnerReferences() { + if oref.Kind == ownerKind { + return &oref + } + } + return nil +} + +func GetOwnerByKindLabel(object metav1.Object, ownerKind string) (name, namespace string, ok bool) { + if !IsOwnedByKindLabel(object, ownerKind) { + return + } + if object.GetLabels() == nil { + return + } + + namespace, ok = object.GetLabels()[OwnerNamespaceKey] + if !ok { + return + } + ok = false + + name, ok = object.GetLabels()[OwnerKey] + return +} + +// GetOwnersByKind returns all OwnerReferences of the given kind listed by the given object +func GetOwnersByKind(object metav1.Object, ownerKind string) []metav1.OwnerReference { + var orefs []metav1.OwnerReference + for _, oref := range object.GetOwnerReferences() { + if oref.Kind == ownerKind { + orefs = append(orefs, oref) + } + } + return orefs +} + +// HasOwnerConflict checks if the given list of OwnerReferences points to owners other than the target. +// This function returns true if the list of OwnerReferences is empty or contains elements of the same kind as +// the target but does not include the target OwnerReference itself. This function returns false if the list contains +// the target, or has no elements of the same kind as the target. +// +// Note: This is imporant when determining if a Role, RoleBinding, ClusterRole, or ClusterRoleBinding +// can be used to satisfy permissions of a CSV. If the target CSV is not a member of the RBAC resource's +// OwnerReferences, then we know the resource can be garbage collected by OLM independently of the target +// CSV +func HasOwnerConflict(target Owner, owners []metav1.OwnerReference) bool { + // Infer TypeMeta for the target + if err := InferGroupVersionKind(target); err != nil { + log.Warn(err.Error()) + } + + conflicts := false + for _, owner := range owners { + gvk := target.GetObjectKind().GroupVersionKind() + if owner.Kind == gvk.Kind && owner.APIVersion == gvk.Version { + if owner.Name == target.GetName() && owner.UID == target.GetUID() { + return false + } + + conflicts = true + } + } + + return conflicts +} + +// Adoptable checks whether a resource with the given set of OwnerReferences is "adoptable" by +// the target OwnerReference. This function returns true if there exists an element in owners +// referencing the same kind target does, otherwise it returns false. +func Adoptable(target Owner, owners []metav1.OwnerReference) bool { + if len(owners) == 0 { + // Resources with no owners are not adoptable + return false + } + + // Infer TypeMeta for the target + if err := InferGroupVersionKind(target); err != nil { + log.Warn(err.Error()) + } + + for _, owner := range owners { + gvk := target.GetObjectKind().GroupVersionKind() + if owner.Kind == gvk.Kind { + return true + } + } + + return false +} + +// AddNonBlockingOwner adds a nonblocking owner to the ownerref list. +func AddNonBlockingOwner(object metav1.Object, owner Owner) { + ownerRefs := object.GetOwnerReferences() + if ownerRefs == nil { + ownerRefs = []metav1.OwnerReference{} + } + + // Infer TypeMeta for the target + if err := InferGroupVersionKind(owner); err != nil { + log.Warn(err.Error()) + } + gvk := owner.GetObjectKind().GroupVersionKind() + + for _, item := range ownerRefs { + if item.Kind == gvk.Kind { + if item.Name == owner.GetName() && item.UID == owner.GetUID() { + return + } + } + } + ownerRefs = append(ownerRefs, NonBlockingOwner(owner)) + object.SetOwnerReferences(ownerRefs) +} + +// NonBlockingOwner returns an ownerrefence to be added to an ownerref list +func NonBlockingOwner(owner Owner) metav1.OwnerReference { + // Most of the time we won't have TypeMeta on the object, so we infer it for types we know about + if err := InferGroupVersionKind(owner); err != nil { + log.Warn(err.Error()) + } + + gvk := owner.GetObjectKind().GroupVersionKind() + apiVersion, kind := gvk.ToAPIVersionAndKind() + + return metav1.OwnerReference{ + APIVersion: apiVersion, + Kind: kind, + Name: owner.GetName(), + UID: owner.GetUID(), + BlockOwnerDeletion: &DontBlockOwnerDeletion, + Controller: &NotController, + } +} + +// OwnerLabel returns a label added to generated objects for later querying +func OwnerLabel(owner Owner, kind string) map[string]string { + return map[string]string{ + OwnerKey: owner.GetName(), + OwnerNamespaceKey: owner.GetNamespace(), + OwnerKind: kind, + } +} + +// AddOwnerLabels adds ownerref-like labels to an object +func AddOwnerLabels(object metav1.Object, owner Owner) error { + err := InferGroupVersionKind(owner) + if err != nil { + return err + } + labels := object.GetLabels() + if labels == nil { + labels = map[string]string{} + } + for key, val := range OwnerLabel(owner, owner.GetObjectKind().GroupVersionKind().Kind) { + labels[key] = val + } + object.SetLabels(labels) + return nil +} + +// IsOwnedByKindLabel returns whether or not a label exists on the object pointing to an owner of a particular kind +func IsOwnedByKindLabel(object metav1.Object, ownerKind string) bool { + if object.GetLabels() == nil { + return false + } + return object.GetLabels()[OwnerKind] == ownerKind +} + +// AdoptableLabels determines if an OLM managed resource is adoptable by any of the given targets based on its owner labels. +// The checkName perimeter enables an additional check for name equality with the `olm.owner` label. +// Generally used for cross-namespace ownership and for Cluster -> Namespace scope. +func AdoptableLabels(labels map[string]string, checkName bool, targets ...Owner) bool { + if len(labels) == 0 { + // Resources with no owners are not adoptable + return false + } + + for _, target := range targets { + if err := InferGroupVersionKind(target); err != nil { + log.Warn(err.Error()) + } + if labels[OwnerKind] == target.GetObjectKind().GroupVersionKind().Kind && + labels[OwnerNamespaceKey] == target.GetNamespace() && + (!checkName || labels[OwnerKey] == target.GetName()) { + return true + } + } + + return false +} + +// CSVOwnerSelector returns a label selector to find generated objects owned by owner +func CSVOwnerSelector(owner *v1alpha1.ClusterServiceVersion) labels.Selector { + return labels.SelectorFromSet(OwnerLabel(owner, v1alpha1.ClusterServiceVersionKind)) +} + +// AddOwner adds an owner to the ownerref list. +func AddOwner(object metav1.Object, owner Owner, blockOwnerDeletion, isController bool) { + // Most of the time we won't have TypeMeta on the object, so we infer it for types we know about + if err := InferGroupVersionKind(owner); err != nil { + log.Warn(err.Error()) + } + + ownerRefs := object.GetOwnerReferences() + if ownerRefs == nil { + ownerRefs = []metav1.OwnerReference{} + } + gvk := owner.GetObjectKind().GroupVersionKind() + apiVersion, kind := gvk.ToAPIVersionAndKind() + ownerRefs = append(ownerRefs, metav1.OwnerReference{ + APIVersion: apiVersion, + Kind: kind, + Name: owner.GetName(), + UID: owner.GetUID(), + BlockOwnerDeletion: &blockOwnerDeletion, + Controller: &isController, + }) + object.SetOwnerReferences(ownerRefs) +} + +// EnsureOwner adds a new owner if needed and returns whether the object already had the owner. +func EnsureOwner(object metav1.Object, owner Owner) bool { + if IsOwnedBy(object, owner) { + return true + } else { + AddNonBlockingOwner(object, owner) + return false + } +} + +// InferGroupVersionKind adds TypeMeta to an owner so that it can be written to an ownerref. +// TypeMeta is generally only known at serialization time, so we often won't know what GVK an owner has. +// For the types we know about, we can add the GVK of the apis that we're using the interact with the object. +func InferGroupVersionKind(obj runtime.Object) error { + objectKind := obj.GetObjectKind() + if !objectKind.GroupVersionKind().Empty() { + // objectKind already has TypeMeta, no inference needed + return nil + } + + switch obj.(type) { + case *corev1.Service: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "", + Version: "v1", + Kind: "Service", + }) + case *corev1.ServiceAccount: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "", + Version: "v1", + Kind: "ServiceAccount", + }) + case *rbac.ClusterRole: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "rbac.authorization.k8s.io", + Version: "v1", + Kind: "ClusterRole", + }) + case *rbac.ClusterRoleBinding: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "rbac.authorization.k8s.io", + Version: "v1", + Kind: "ClusterRoleBinding", + }) + case *rbac.Role: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "rbac.authorization.k8s.io", + Version: "v1", + Kind: "Role", + }) + case *rbac.RoleBinding: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "rbac.authorization.k8s.io", + Version: "v1", + Kind: "RoleBinding", + }) + case *v1alpha1.ClusterServiceVersion: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + }) + case *v1alpha1.InstallPlan: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.InstallPlanKind, + }) + case *v1alpha1.Subscription: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.SubscriptionKind, + }) + case *v1alpha1.CatalogSource: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: v1alpha1.GroupName, + Version: v1alpha1.GroupVersion, + Kind: v1alpha1.CatalogSourceKind, + }) + case *v1.OperatorGroup: + objectKind.SetGroupVersionKind(schema.GroupVersionKind{ + Group: v1.GroupName, + Version: v1.GroupVersion, + Kind: "OperatorGroup", + }) + default: + return fmt.Errorf("could not infer GVK for object: %#v, %#v", obj, objectKind) + } + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil/util_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil/util_test.go new file mode 100644 index 000000000..066b3c578 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil/util_test.go @@ -0,0 +1,7 @@ +package ownerutil + +import "testing" + +func TestIsOwnedBy(t *testing.T) { + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/config.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/config.go new file mode 100644 index 000000000..e76611915 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/config.go @@ -0,0 +1,216 @@ +package queueinformer + +import ( + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "k8s.io/client-go/discovery" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/operator-framework/operator-lifecycle-manager/pkg/metrics" +) + +type queueInformerConfig struct { + provider metrics.MetricsProvider + logger *logrus.Logger + queue workqueue.RateLimitingInterface + informer cache.SharedIndexInformer + indexer cache.Indexer + keyFunc KeyFunc + syncer kubestate.Syncer +} + +// Option applies an option to the given queue informer config. +type Option func(config *queueInformerConfig) + +// apply sequentially applies the given options to the config. +func (c *queueInformerConfig) apply(options []Option) { + for _, option := range options { + option(c) + } +} + +func newInvalidConfigError(msg string) error { + return errors.Errorf("invalid queue informer config: %s", msg) +} + +func (c *queueInformerConfig) complete() { + if c.indexer == nil && c.informer != nil { + // Extract indexer from informer if + c.indexer = c.informer.GetIndexer() + } +} + +// validate returns an error if the config isn't valid. +func (c *queueInformerConfig) validate() (err error) { + switch config := c; { + case config.provider == nil: + err = newInvalidConfigError("nil metrics provider") + case config.logger == nil: + err = newInvalidConfigError("nil logger") + case config.queue == nil: + err = newInvalidConfigError("nil queue") + case config.indexer == nil && config.informer == nil: + err = newInvalidConfigError("nil indexer and informer") + case config.keyFunc == nil: + err = newInvalidConfigError("nil key function") + case config.syncer == nil: + err = newInvalidConfigError("nil syncer") + } + + return +} + +func defaultKeyFunc(obj interface{}) (string, bool) { + // Get keys nested in resource events up to depth 2 + keyable := false + for d := 0; d < 2 && !keyable; d++ { + switch v := obj.(type) { + case string: + return v, true + case kubestate.ResourceEvent: + obj = v.Resource() + default: + keyable = true + } + } + + k, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj) + if err != nil { + return k, false + } + + return k, true +} + +func defaultConfig() *queueInformerConfig { + return &queueInformerConfig{ + provider: metrics.NewMetricsNil(), + queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "default"), + logger: logrus.New(), + keyFunc: defaultKeyFunc, + } +} + +// WithMetricsProvider configures the QueueInformer's MetricsProvider as provider. +func WithMetricsProvider(provider metrics.MetricsProvider) Option { + return func(config *queueInformerConfig) { + config.provider = provider + } +} + +// WithLogger configures logger as the QueueInformer's Logger. +func WithLogger(logger *logrus.Logger) Option { + return func(config *queueInformerConfig) { + config.logger = logger + } +} + +// WithQueue sets the queue used by a QueueInformer. +func WithQueue(queue workqueue.RateLimitingInterface) Option { + return func(config *queueInformerConfig) { + config.queue = queue + } +} + +// WithInformer sets the informer used by a QueueInformer. +func WithInformer(informer cache.SharedIndexInformer) Option { + return func(config *queueInformerConfig) { + config.informer = informer + } +} + +// WithIndexer sets the indexer used by a QueueInformer. +func WithIndexer(indexer cache.Indexer) Option { + return func(config *queueInformerConfig) { + config.indexer = indexer + } +} + +// WithKeyFunc sets the key func used by a QueueInformer. +func WithKeyFunc(keyFunc KeyFunc) Option { + return func(config *queueInformerConfig) { + config.keyFunc = keyFunc + } +} + +// WithSyncer sets the syncer invoked by a QueueInformer. +func WithSyncer(syncer kubestate.Syncer) Option { + return func(config *queueInformerConfig) { + config.syncer = syncer + } +} + +type operatorConfig struct { + discovery discovery.DiscoveryInterface + queueInformers []*QueueInformer + informers []cache.SharedIndexInformer + logger *logrus.Logger + numWorkers int +} + +type OperatorOption func(*operatorConfig) + +// apply sequentially applies the given options to the config. +func (c *operatorConfig) apply(options []OperatorOption) { + for _, option := range options { + option(c) + } +} + +func newInvalidOperatorConfigError(msg string) error { + return errors.Errorf("invalid queue informer operator config: %s", msg) +} + +// WithOperatorLogger sets the logger used by an Operator. +func WithOperatorLogger(logger *logrus.Logger) OperatorOption { + return func(config *operatorConfig) { + config.logger = logger + } +} + +// WithQueueInformers registers a set of initial QueueInformers with an Operator. +// If the QueueInformer is configured with a SharedIndexInformer, that SharedIndexInformer +// is registered with the Operator automatically. +func WithQueueInformers(queueInformers ...*QueueInformer) OperatorOption { + return func(config *operatorConfig) { + config.queueInformers = queueInformers + } +} + +// WithQueueInformers registers a set of initial Informers with an Operator. +func WithInformers(informers ...cache.SharedIndexInformer) OperatorOption { + return func(config *operatorConfig) { + config.informers = informers + } +} + +// WithNumWorkers sets the number of workers an Operator uses to process each queue. +// It translates directly to the number of queue items processed in parallel for a given queue. +// Specifying zero or less workers is an invariant and will cause an error upon configuration. +// Specifying one worker indicates that each queue will only have one item processed at a time. +func WithNumWorkers(numWorkers int) OperatorOption { + return func(config *operatorConfig) { + config.numWorkers = numWorkers + } +} + +// validate returns an error if the config isn't valid. +func (c *operatorConfig) validate() (err error) { + switch config := c; { + case config.discovery == nil: + err = newInvalidOperatorConfigError("discovery client nil") + case config.numWorkers < 1: + err = newInvalidOperatorConfigError("must specify at least one worker per queue") + } + + return +} + +func defaultOperatorConfig() *operatorConfig { + return &operatorConfig{ + logger: logrus.New(), + numWorkers: 2, + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/config_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/config_test.go new file mode 100644 index 000000000..ab31e131d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/config_test.go @@ -0,0 +1,114 @@ +package queueinformer + +import ( + "testing" + + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/tools/cache" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" +) + +func TestDefaultKeyFunc(t *testing.T) { + tests := []struct { + description string + obj interface{} + expectedKey string + expectedCreated bool + }{ + { + description: "String/Created", + obj: "a-string-key", + expectedKey: "a-string-key", + expectedCreated: true, + }, + { + description: "ExplicitKey/Created", + obj: cache.ExplicitKey("an-explicit-key"), + expectedKey: "an-explicit-key", + expectedCreated: true, + }, + { + description: "Meta/Created", + obj: &corev1.Pod{ObjectMeta: metav1.ObjectMeta{Namespace: "default", Name: "a-pod"}}, + expectedKey: "default/a-pod", + expectedCreated: true, + }, + { + description: "Meta/NonNamespaced/Created", + obj: &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: "a-namespace"}}, + expectedKey: "a-namespace", + expectedCreated: true, + }, + { + description: "ResourceEvent/String/Created", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, "a-string-key"), + expectedKey: "a-string-key", + expectedCreated: true, + }, + { + description: "ResourceEvent/ExplicitKey/Created", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, cache.ExplicitKey("an-explicit-key")), + expectedKey: "an-explicit-key", + expectedCreated: true, + }, + { + description: "ResourceEvent/Meta/Created", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, &corev1.Pod{ObjectMeta: metav1.ObjectMeta{Namespace: "default", Name: "a-pod"}}), + expectedKey: "default/a-pod", + expectedCreated: true, + }, + { + description: "ResourceEvent/Meta/NonNamespaced/Created", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: "a-namespace"}}), + expectedKey: "a-namespace", + expectedCreated: true, + }, + { + description: "ResourceEvent/ResourceEvent/ExplicitKey/Created", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, kubestate.NewResourceEvent(kubestate.ResourceAdded, cache.ExplicitKey("an-explicit-key"))), + expectedKey: "an-explicit-key", + expectedCreated: true, + }, + { + description: "ResourceEvent/ResourceEvent/Meta/Created", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, kubestate.NewResourceEvent(kubestate.ResourceAdded, &corev1.Pod{ObjectMeta: metav1.ObjectMeta{Namespace: "default", Name: "a-pod"}})), + expectedKey: "default/a-pod", + expectedCreated: true, + }, + { + description: "Arbitrary/NotCreated", + obj: struct{}{}, + expectedKey: "", + expectedCreated: false, + }, + { + description: "ResourceEvent/Arbitrary/NotCreated", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, struct{}{}), + expectedKey: "", + expectedCreated: false, + }, + { + description: "ResourceEvent/ResourceEvent/Arbitrary/NotCreated", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, kubestate.NewResourceEvent(kubestate.ResourceAdded, struct{}{})), + expectedKey: "", + expectedCreated: false, + }, + { + description: "ResourceEvent/ResourceEvent/ResourceEvent/String/NotCreated", + obj: kubestate.NewResourceEvent(kubestate.ResourceAdded, kubestate.NewResourceEvent(kubestate.ResourceAdded, kubestate.NewResourceEvent(kubestate.ResourceAdded, &corev1.Pod{ObjectMeta: metav1.ObjectMeta{Namespace: "default", Name: "a-pod"}}))), + expectedKey: "", + expectedCreated: false, + }, + } + + for _, tt := range tests { + t.Run(tt.description, func(t *testing.T) { + key, created := defaultKeyFunc(tt.obj) + require.Equal(t, tt.expectedKey, key) + require.Equal(t, tt.expectedCreated, created) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/loop_id.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/loop_id.go new file mode 100644 index 000000000..a909f6c8c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/loop_id.go @@ -0,0 +1,14 @@ +package queueinformer + +import ( + "encoding/base64" + "math/rand" +) + +func NewLoopID() string { + len := 5 + buff := make([]byte, len) + rand.Read(buff) + str := base64.StdEncoding.EncodeToString(buff) + return str[:len] +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/queueinformer.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/queueinformer.go new file mode 100644 index 000000000..0f099e7c3 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/queueinformer.go @@ -0,0 +1,173 @@ +package queueinformer + +import ( + "context" + "fmt" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/operator-framework/operator-lifecycle-manager/pkg/metrics" +) + +// KeyFunc returns a key for the given object and a bool which is true if the key was +// successfully generated and false otherwise. +type KeyFunc func(obj interface{}) (string, bool) + +// QueueInformer ties an informer to a queue in order to process events from the informer +// the informer watches objects of interest and adds objects to the queue for processing +// the syncHandler is called for all objects on the queue +type QueueInformer struct { + metrics.MetricsProvider + + logger *logrus.Logger + queue workqueue.RateLimitingInterface + informer cache.SharedIndexInformer + indexer cache.Indexer + keyFunc KeyFunc + syncer kubestate.Syncer +} + +// Sync invokes all registered sync handlers in the QueueInformer's chain +func (q *QueueInformer) Sync(ctx context.Context, event kubestate.ResourceEvent) error { + return q.syncer.Sync(ctx, event) +} + +// Enqueue adds a key to the queue. If obj is a key already it gets added directly. +// Otherwise, the key is extracted via keyFunc. +func (q *QueueInformer) Enqueue(event kubestate.ResourceEvent) { + if event == nil { + // Don't enqueue nil events + return + } + + resource := event.Resource() + if event.Type() == kubestate.ResourceDeleted { + // Get object from tombstone if possible + if tombstone, ok := resource.(cache.DeletedFinalStateUnknown); ok { + resource = tombstone + } + } else { + // Extract key for add and update events + if key, ok := q.key(resource); ok { + resource = key + } + } + + // Create new resource event and add to queue + e := kubestate.NewResourceEvent(event.Type(), resource) + q.logger.WithField("event", e).Trace("enqueuing resource event") + q.queue.Add(e) +} + +// key turns an object into a key for the indexer. +func (q *QueueInformer) key(obj interface{}) (string, bool) { + return q.keyFunc(obj) +} + +// resourceHandlers provides the default implementation for responding to events +// these simply Log the event and add the object's key to the queue for later processing. +func (q *QueueInformer) resourceHandlers(ctx context.Context) *cache.ResourceEventHandlerFuncs { + return &cache.ResourceEventHandlerFuncs{ + AddFunc: func(obj interface{}) { + q.Enqueue(kubestate.NewResourceEvent(kubestate.ResourceUpdated, obj)) + }, + UpdateFunc: func(oldObj, newObj interface{}) { + q.Enqueue(kubestate.NewResourceEvent(kubestate.ResourceUpdated, newObj)) + }, + DeleteFunc: func(obj interface{}) { + q.Enqueue(kubestate.NewResourceEvent(kubestate.ResourceDeleted, obj)) + }, + } +} + +// metricHandlers provides the default implementation for handling metrics in response to events. +func (q *QueueInformer) metricHandlers() *cache.ResourceEventHandlerFuncs { + return &cache.ResourceEventHandlerFuncs{ + AddFunc: func(obj interface{}) { + if err := q.HandleMetrics(); err != nil { + q.logger.WithError(err).WithField("key", obj).Warn("error handling metrics on add event") + } + }, + DeleteFunc: func(obj interface{}) { + if err := q.HandleMetrics(); err != nil { + q.logger.WithError(err).WithField("key", obj).Warn("error handling metrics on delete event") + } + }, + UpdateFunc: func(oldObj, newObj interface{}) { + if err := q.HandleMetrics(); err != nil { + q.logger.WithError(err).WithField("key", newObj).Warn("error handling metrics on update event") + } + }, + } +} + +// NewQueueInformer returns a new QueueInformer configured with options. +func NewQueueInformer(ctx context.Context, options ...Option) (*QueueInformer, error) { + // Get default config and apply given options + config := defaultConfig() + config.apply(options) + config.complete() + + return newQueueInformerFromConfig(ctx, config) +} + +func newQueueInformerFromConfig(ctx context.Context, config *queueInformerConfig) (*QueueInformer, error) { + if err := config.validate(); err != nil { + return nil, err + } + + // Extract config + queueInformer := &QueueInformer{ + MetricsProvider: config.provider, + logger: config.logger, + queue: config.queue, + indexer: config.indexer, + informer: config.informer, + keyFunc: config.keyFunc, + syncer: config.syncer, + } + + // Register event handlers for resource and metrics + if queueInformer.informer != nil { + queueInformer.informer.AddEventHandler(queueInformer.resourceHandlers(ctx)) + queueInformer.informer.AddEventHandler(queueInformer.metricHandlers()) + } + + return queueInformer, nil +} + +// LegacySyncHandler is a deprecated signature for syncing resources. +type LegacySyncHandler func(obj interface{}) error + +// ToSyncer returns the Syncer equivalent of the sync handler. +func (l LegacySyncHandler) ToSyncer() kubestate.Syncer { + return l.ToSyncerWithDelete(nil) +} + +// ToSyncerWithDelete returns the Syncer equivalent of the given sync handler and delete function. +func (l LegacySyncHandler) ToSyncerWithDelete(onDelete func(obj interface{})) kubestate.Syncer { + var syncer kubestate.SyncFunc = func(ctx context.Context, event kubestate.ResourceEvent) error { + logrus.New().WithField("event", fmt.Sprintf("%+v", event)).Trace("legacy syncer received event") + switch event.Type() { + case kubestate.ResourceDeleted: + if onDelete != nil { + onDelete(event.Resource()) + } + case kubestate.ResourceAdded: + // Added and updated are treated the same + fallthrough + case kubestate.ResourceUpdated: + return l(event.Resource()) + default: + return errors.Errorf("unexpected resource event type: %s", event.Type()) + } + + return nil + } + + return syncer +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/queueinformer_operator.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/queueinformer_operator.go new file mode 100644 index 000000000..66c271d7e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/queueinformer_operator.go @@ -0,0 +1,325 @@ +package queueinformer + +import ( + "context" + "fmt" + "sync" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/client-go/discovery" + "k8s.io/client-go/tools/cache" +) + +// Operator describes a Reconciler that manages a set of QueueInformers. +type Operator interface { + // Ready returns a channel that is closed when the Operator is ready to run. + Ready() <-chan struct{} + + // Done returns a channel that is closed when the Operator is done running. + Done() <-chan struct{} + + // AtLevel returns a channel that emits errors when the Operator is not at level. + AtLevel() <-chan error + + // Started returns true if RunInformers() has been called, false otherwise. + Started() bool + + // HasSynced returns true if the Operator's Informers have synced, false otherwise. + HasSynced() bool + + // RegisterQueueInformer registers the given QueueInformer with the Operator. + // This method returns an error if the Operator has already been started. + RegisterQueueInformer(queueInformer *QueueInformer) error + + // RegisterInformer registers an informer with the Operator. + // This method returns an error if the Operator has already been started. + RegisterInformer(cache.SharedIndexInformer) error + + // RunInformers starts the Operator's underlying Informers. + RunInformers(ctx context.Context) + + // Run starts the Operator and its underlying Informers. + Run(ctx context.Context) +} + +type operator struct { + discovery discovery.DiscoveryInterface + queueInformers []*QueueInformer + informers []cache.SharedIndexInformer + hasSynced cache.InformerSynced + mu sync.RWMutex + numWorkers int + runInformersOnce sync.Once + reconcileOnce sync.Once + logger *logrus.Logger + ready chan struct{} + done chan struct{} + atLevel chan error + syncCh chan error + started bool +} + +func (o *operator) Ready() <-chan struct{} { + return o.ready +} + +func (o *operator) Done() <-chan struct{} { + return o.done +} + +func (o *operator) AtLevel() <-chan error { + return o.atLevel +} + +func (o *operator) HasSynced() bool { + return o.hasSynced() +} + +func (o *operator) Started() bool { + o.mu.RLock() + defer o.mu.RUnlock() + + return o.started +} + +func (o *operator) RegisterQueueInformer(queueInformer *QueueInformer) error { + o.mu.Lock() + defer o.mu.Unlock() + + err := errors.New("failed to register queue informer") + if queueInformer == nil { + return errors.Wrap(err, "nil queue informer") + } + + if o.started { + return errors.Wrap(err, "operator already started") + } + + o.queueInformers = append(o.queueInformers, queueInformer) + + // Some QueueInformers do not have informers associated with them. + // Only add to the list of informers when one exists. + if informer := queueInformer.informer; informer != nil { + o.registerInformer(informer) + } + + return nil +} + +func (o *operator) RegisterInformer(informer cache.SharedIndexInformer) error { + o.mu.Lock() + defer o.mu.Unlock() + + err := errors.New("failed to register informer") + if informer == nil { + return errors.Wrap(err, "nil informer") + } + + if o.started { + return errors.Wrap(err, "operator already started") + } + + o.registerInformer(informer) + + return nil +} + +func (o *operator) registerInformer(informer cache.SharedIndexInformer) { + o.informers = append(o.informers, informer) + o.addHasSynced(informer.HasSynced) +} + +func (o *operator) addHasSynced(hasSynced cache.InformerSynced) { + if o.hasSynced == nil { + o.hasSynced = hasSynced + return + } + + prev := o.hasSynced + o.hasSynced = func() bool { + return prev() && hasSynced() + } +} + +func (o *operator) RunInformers(ctx context.Context) { + o.runInformersOnce.Do(func() { + o.mu.Lock() + defer o.mu.Unlock() + for _, informer := range o.informers { + go informer.Run(ctx.Done()) + } + + o.started = true + o.logger.Infof("informers started") + }) +} + +// Run starts the operator's control loops. +func (o *operator) Run(ctx context.Context) { + o.reconcileOnce.Do(func() { + go o.run(ctx) + }) +} + +func (o *operator) run(ctx context.Context) { + defer func() { + close(o.atLevel) + close(o.done) + }() + + for _, queueInformer := range o.queueInformers { + defer queueInformer.queue.ShutDown() + } + + errs := make(chan error) + go func() { + defer close(errs) + v, err := o.discovery.ServerVersion() + if err != nil { + errs <- errors.Wrap(err, "communicating with server failed") + return + } + o.logger.Infof("connection established. cluster-version: %v", v) + }() + + select { + case err := <-errs: + if err != nil { + o.logger.Infof("operator not ready: %s", err.Error()) + return + } + o.logger.Info("operator ready") + case <-ctx.Done(): + return + } + + o.logger.Info("starting informers...") + o.RunInformers(ctx) + + o.logger.Info("waiting for caches to sync...") + if ok := cache.WaitForCacheSync(ctx.Done(), o.hasSynced); !ok { + o.logger.Info("failed to wait for caches to sync") + return + } + + o.logger.Info("starting workers...") + for _, queueInformer := range o.queueInformers { + for w := 0; w < o.numWorkers; w++ { + go o.worker(ctx, queueInformer) + } + } + + close(o.ready) + <-ctx.Done() +} + +// worker runs a worker thread that just dequeues items, processes them, and marks them done. +// It enforces that the syncHandler is never invoked concurrently with the same key. +func (o *operator) worker(ctx context.Context, loop *QueueInformer) { + for o.processNextWorkItem(ctx, loop) { + } +} + +func (o *operator) processNextWorkItem(ctx context.Context, loop *QueueInformer) bool { + queue := loop.queue + item, quit := queue.Get() + + if quit { + return false + } + defer queue.Done(item) + + logger := o.logger.WithField("item", item) + logger.WithField("queue-length", queue.Len()).Trace("popped queue") + + event, ok := item.(kubestate.ResourceEvent) + if !ok || event.Type() != kubestate.ResourceDeleted { + // Get the key + key, keyable := loop.key(item) + if !keyable { + logger.WithField("item", item).Warn("could not form key") + queue.Forget(item) + return true + } + + logger = logger.WithField("cache-key", key) + + // Get the current cached version of the resource + resource, exists, err := loop.indexer.GetByKey(key) + if err != nil { + logger.WithError(err).Error("cache get failed") + queue.Forget(item) + return true + } + if !exists { + logger.WithField("existing-cache-keys", loop.indexer.ListKeys()).Debug("cache get failed, key not in cache") + queue.Forget(item) + return true + } + + if !ok { + event = kubestate.NewResourceEvent(kubestate.ResourceUpdated, resource) + } else { + event = kubestate.NewResourceEvent(event.Type(), resource) + } + } + + // Sync and requeue on error (throw out failed deletion syncs) + err := loop.Sync(ctx, event) + if requeues := queue.NumRequeues(item); err != nil && requeues < 8 && event.Type() != kubestate.ResourceDeleted { + logger.WithField("requeues", requeues).Trace("requeuing with rate limiting") + utilruntime.HandleError(errors.Wrap(err, fmt.Sprintf("sync %q failed", item))) + queue.AddRateLimited(item) + return true + } + queue.Forget(item) + + select { + case o.syncCh <- err: + default: + } + + return true +} + +// NewOperator returns a new Operator configured to manage the cluster with the given discovery client. +func NewOperator(disc discovery.DiscoveryInterface, options ...OperatorOption) (Operator, error) { + config := defaultOperatorConfig() + config.discovery = disc + config.apply(options) + if err := config.validate(); err != nil { + return nil, err + } + + return newOperatorFromConfig(config) + +} + +func newOperatorFromConfig(config *operatorConfig) (Operator, error) { + op := &operator{ + discovery: config.discovery, + numWorkers: config.numWorkers, + logger: config.logger, + ready: make(chan struct{}), + done: make(chan struct{}), + atLevel: make(chan error, 25), + } + op.syncCh = op.atLevel + + // Register QueueInformers and Informers + for _, queueInformer := range op.queueInformers { + if err := op.RegisterQueueInformer(queueInformer); err != nil { + return nil, err + } + } + for _, informer := range op.informers { + if err := op.RegisterInformer(informer); err != nil { + return nil, err + } + } + + return op, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/resourcequeue.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/resourcequeue.go new file mode 100644 index 000000000..766dfb6b8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer/resourcequeue.go @@ -0,0 +1,81 @@ +package queueinformer + +import ( + "fmt" + "strings" + "sync" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/util/workqueue" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/kubestate" +) + +// ResourceQueueSet is a set of workqueues that is assumed to be keyed by namespace +type ResourceQueueSet struct { + queueSet map[string]workqueue.RateLimitingInterface + mutex sync.RWMutex +} + +// NewResourceQueueSet returns a new queue set with the given queue map +func NewResourceQueueSet(queueSet map[string]workqueue.RateLimitingInterface) *ResourceQueueSet { + return &ResourceQueueSet{queueSet: queueSet} +} + +// NewEmptyResourceQueueSet returns a new queue set with an empty but initialized queue map +func NewEmptyResourceQueueSet() *ResourceQueueSet { + return &ResourceQueueSet{queueSet: make(map[string]workqueue.RateLimitingInterface)} +} + +// Set sets the queue at the given key +func (r *ResourceQueueSet) Set(key string, queue workqueue.RateLimitingInterface) { + r.mutex.Lock() + defer r.mutex.Unlock() + r.queueSet[key] = queue +} + +// Requeue requeues the resource in the set with the given name and namespace +func (r *ResourceQueueSet) Requeue(namespace, name string) error { + r.mutex.RLock() + defer r.mutex.RUnlock() + + // We can build the key directly, will need to change if queue uses different key scheme + key := fmt.Sprintf("%s/%s", namespace, name) + event := kubestate.NewResourceEvent(kubestate.ResourceUpdated, key) + + if queue, ok := r.queueSet[metav1.NamespaceAll]; len(r.queueSet) == 1 && ok { + queue.Add(event) + return nil + } + + if queue, ok := r.queueSet[namespace]; ok { + queue.Add(event) + return nil + } + + return fmt.Errorf("couldn't find queue for resource") +} + +// RequeueByKey adds the given key to the resource queue that should contain it +func (r *ResourceQueueSet) RequeueByKey(key string) error { + r.mutex.RLock() + defer r.mutex.RUnlock() + + event := kubestate.NewResourceEvent(kubestate.ResourceUpdated, key) + if queue, ok := r.queueSet[metav1.NamespaceAll]; len(r.queueSet) == 1 && ok { + queue.Add(event) + return nil + } + + parts := strings.Split(key, "/") + if len(parts) != 2 { + return fmt.Errorf("non-namespaced key %s cannot be used with namespaced queues", key) + } + + if queue, ok := r.queueSet[parts[0]]; ok { + queue.Add(event) + return nil + } + + return fmt.Errorf("couldn't find queue for resource") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals/signals.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals/signals.go new file mode 100644 index 000000000..fc9586650 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals/signals.go @@ -0,0 +1,38 @@ +package signals + +import ( + "context" + "os" + "os/signal" + "sync" + "syscall" +) + +var ( + shutdownSignals = []os.Signal{os.Interrupt, syscall.SIGTERM} + signalCtx context.Context + cancel context.CancelFunc + once sync.Once +) + +// Context returns a Context registered to close on SIGTERM and SIGINT. +// If a second signal is caught, the program is terminated with exit code 1. +func Context() context.Context { + once.Do(func() { + c := make(chan os.Signal, 2) + signal.Notify(c, shutdownSignals...) + signalCtx, cancel = context.WithCancel(context.Background()) + go func() { + <-c + cancel() + + select { + case <-signalCtx.Done(): + case <-c: + os.Exit(1) // second signal. Exit directly. + } + }() + }) + + return signalCtx +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/metrics/metrics.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/metrics/metrics.go new file mode 100644 index 000000000..29a11bbc9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/metrics/metrics.go @@ -0,0 +1,146 @@ +package metrics + +import ( + "github.com/prometheus/client_golang/prometheus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/listers/operators/v1alpha1" +) + +// TODO(alecmerdler): Can we use this to emit Kubernetes events? +type MetricsProvider interface { + HandleMetrics() error +} + +type metricsCSV struct { + lister v1alpha1.ClusterServiceVersionLister +} + +func NewMetricsCSV(lister v1alpha1.ClusterServiceVersionLister) MetricsProvider { + return &metricsCSV{lister} +} + +func (m *metricsCSV) HandleMetrics() error { + cList, err := m.lister.List(labels.Everything()) + if err != nil { + return err + } + csvCount.Set(float64(len(cList))) + return nil +} + +type metricsInstallPlan struct { + client versioned.Interface +} + +func NewMetricsInstallPlan(client versioned.Interface) MetricsProvider { + return &metricsInstallPlan{client} +} + +func (m *metricsInstallPlan) HandleMetrics() error { + cList, err := m.client.OperatorsV1alpha1().InstallPlans(metav1.NamespaceAll).List(metav1.ListOptions{}) + if err != nil { + return err + } + installPlanCount.Set(float64(len(cList.Items))) + return nil +} + +type metricsSubscription struct { + client versioned.Interface +} + +func NewMetricsSubscription(client versioned.Interface) MetricsProvider { + return &metricsSubscription{client} +} + +func (m *metricsSubscription) HandleMetrics() error { + cList, err := m.client.OperatorsV1alpha1().Subscriptions(metav1.NamespaceAll).List(metav1.ListOptions{}) + if err != nil { + return err + } + subscriptionCount.Set(float64(len(cList.Items))) + return nil +} + +type metricsCatalogSource struct { + client versioned.Interface +} + +func NewMetricsCatalogSource(client versioned.Interface) MetricsProvider { + return &metricsCatalogSource{client} + +} + +func (m *metricsCatalogSource) HandleMetrics() error { + cList, err := m.client.OperatorsV1alpha1().CatalogSources(metav1.NamespaceAll).List(metav1.ListOptions{}) + if err != nil { + return err + } + catalogSourceCount.Set(float64(len(cList.Items))) + return nil +} + +type MetricsNil struct{} + +func NewMetricsNil() MetricsProvider { + return &MetricsNil{} +} + +func (*MetricsNil) HandleMetrics() error { + return nil +} + +// To add new metrics: +// 1. Register new metrics in Register() below. +// 2. Add appropriate metric updates in HandleMetrics (or elsewhere instead). +var ( + csvCount = prometheus.NewGauge( + prometheus.GaugeOpts{ + Name: "csv_count", + Help: "Number of CSVs successfully registered", + }, + ) + + installPlanCount = prometheus.NewGauge( + prometheus.GaugeOpts{ + Name: "install_plan_count", + Help: "Number of install plans", + }, + ) + + subscriptionCount = prometheus.NewGauge( + prometheus.GaugeOpts{ + Name: "subscription_count", + Help: "Number of subscriptions", + }, + ) + + catalogSourceCount = prometheus.NewGauge( + prometheus.GaugeOpts{ + Name: "catalog_source_count", + Help: "Number of catalog sources", + }, + ) + + // exported since it's not handled by HandleMetrics + CSVUpgradeCount = prometheus.NewCounter( + prometheus.CounterOpts{ + Name: "csv_upgrade_count", + Help: "Monotonic count of CSV upgrades", + }, + ) +) + +func RegisterOLM() { + prometheus.MustRegister(csvCount) + prometheus.MustRegister(CSVUpgradeCount) +} + +func RegisterCatalog() { + prometheus.MustRegister(installPlanCount) + prometheus.MustRegister(subscriptionCount) + prometheus.MustRegister(catalogSourceCount) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/doc.go new file mode 100644 index 000000000..b098b2042 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/doc.go @@ -0,0 +1,2 @@ +// Package apps is the internal version of the API. +package apps diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/install/install.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/install/install.go new file mode 100644 index 000000000..36626aa27 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/install/install.go @@ -0,0 +1,16 @@ +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" +) + +// Install registers API groups and adds types to a scheme. +func Install(scheme *runtime.Scheme) { + utilruntime.Must(apps.AddToScheme(scheme)) + utilruntime.Must(v1alpha1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/register.go new file mode 100644 index 000000000..1598139f9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/register.go @@ -0,0 +1,38 @@ +package apps + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" +) + +var ( + Group = "packages.apps.redhat.com" + + // SchemeGroupVersion is the GroupVersion used to register this object + SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: runtime.APIVersionInternal} + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Kind takes an unqualified kind and returns the group-qualified kind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns the group-qualified resource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +// addKnownTypes adds the set of types defined in this package to the supplied scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + // Add types for each GroupVersion + scheme.AddKnownTypes(SchemeGroupVersion, + &operators.PackageManifest{}, + &operators.PackageManifestList{}, + ) + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/doc.go new file mode 100644 index 000000000..39fd1d18b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators +// +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-gen=true + +// +groupName=apps.redhat.com +package v1alpha1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/packagemanifest_types.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/packagemanifest_types.go new file mode 100644 index 000000000..39373680c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/packagemanifest_types.go @@ -0,0 +1,125 @@ +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + operatorv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +// PackageManifestList is a list of PackageManifest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type PackageManifestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []PackageManifest `json:"items"` +} + +// PackageManifest holds information about a package, which is a reference to one (or more) +// channels under a single package. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type PackageManifest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec PackageManifestSpec `json:"spec,omitempty"` + Status PackageManifestStatus `json:"status,omitempty"` +} + +// PackageManifestSpec defines the desired state of PackageManifest +type PackageManifestSpec struct{} + +// PackageManifestStatus represents the current status of the PackageManifest +type PackageManifestStatus struct { + // CatalogSource is the name of the CatalogSource this package belongs to + CatalogSource string `json:"catalogSource"` + CatalogSourceDisplayName string `json:"catalogSourceDisplayName"` + CatalogSourcePublisher string `json:"catalogSourcePublisher"` + + // CatalogSourceNamespace is the namespace of the owning CatalogSource + CatalogSourceNamespace string `json:"catalogSourceNamespace"` + + // Provider is the provider of the PackageManifest's default CSV + Provider AppLink `json:"provider,omitempty"` + + // PackageName is the name of the overall package, ala `etcd`. + PackageName string `json:"packageName"` + + // Channels are the declared channels for the package, ala `stable` or `alpha`. + Channels []PackageChannel `json:"channels"` + + // DefaultChannel is, if specified, the name of the default channel for the package. The + // default channel will be installed if no other channel is explicitly given. If the package + // has a single channel, then that channel is implicitly the default. + DefaultChannel string `json:"defaultChannel"` +} + +// GetDefaultChannel gets the default channel or returns the only one if there's only one. returns empty string if it +// can't determine the default +func (m PackageManifest) GetDefaultChannel() string { + if m.Status.DefaultChannel != "" { + return m.Status.DefaultChannel + } + if len(m.Status.Channels) == 1 { + return m.Status.Channels[0].Name + } + return "" +} + +// PackageChannel defines a single channel under a package, pointing to a version of that +// package. +type PackageChannel struct { + // Name is the name of the channel, e.g. `alpha` or `stable` + Name string `json:"name"` + + // CurrentCSV defines a reference to the CSV holding the version of this package currently + // for the channel. + CurrentCSV string `json:"currentCSV"` + + // CurrentCSVSpec holds the spec of the current CSV + CurrentCSVDesc CSVDescription `json:"currentCSVDesc,omitempty"` +} + +// CSVDescription defines a description of a CSV +type CSVDescription struct { + // DisplayName is the CSV's display name + DisplayName string `json:"displayName,omitempty"` + + // Icon is the CSV's base64 encoded icon + Icon []Icon `json:"icon,omitempty"` + + // Version is the CSV's semantic version + Version version.OperatorVersion `json:"version,omitempty"` + + // Provider is the CSV's provider + Provider AppLink `json:"provider,omitempty"` + Annotations map[string]string `json:"annotations,omitempty"` + + // LongDescription is the CSV's description + LongDescription string `json:"description,omitempty"` + + // InstallModes specify supported installation types + InstallModes []operatorv1alpha1.InstallMode `json:"installModes,omitempty"` + + CustomResourceDefinitions operatorv1alpha1.CustomResourceDefinitions `json:"customresourcedefinitions,omitempty"` + APIServiceDefinitions operatorv1alpha1.APIServiceDefinitions `json:"apiservicedefinitions,omitempty"` +} + +// AppLink defines a link to an application +type AppLink struct { + Name string `json:"name,omitempty"` + URL string `json:"url,omitempty"` +} + +// Icon defines a base64 encoded icon and media type +type Icon struct { + Base64Data string `json:"base64data,omitempty"` + Mediatype string `json:"mediatype,omitempty"` +} + +// IsDefaultChannel returns true if the PackageChannel is the default for the PackageManifest +func (pc PackageChannel) IsDefaultChannel(pm PackageManifest) bool { + return pc.Name == pm.Status.DefaultChannel || len(pm.Status.Channels) == 1 +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/register.go new file mode 100644 index 000000000..9e4086468 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/register.go @@ -0,0 +1,43 @@ +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const ( + Group = "packages.apps.redhat.com" + Version = "v1alpha1" + PackageManifestKind = "PackageManifest" + PackageManifestListKind = "PackageManifestList" +) + +// SchemeGroupVersion is the group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +// Resource takes an unqualified resource and returns a Group-qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +// addKnownTypes adds the set of types defined in this package to the supplied scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypeWithName( + SchemeGroupVersion.WithKind(PackageManifestKind), + &PackageManifest{}, + ) + scheme.AddKnownTypeWithName( + SchemeGroupVersion.WithKind(PackageManifestListKind), + &PackageManifestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.conversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.conversion.go new file mode 100644 index 000000000..ffe38f47c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,342 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*AppLink)(nil), (*operators.AppLink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AppLink_To_operators_AppLink(a.(*AppLink), b.(*operators.AppLink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.AppLink)(nil), (*AppLink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_AppLink_To_v1alpha1_AppLink(a.(*operators.AppLink), b.(*AppLink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*CSVDescription)(nil), (*operators.CSVDescription)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_CSVDescription_To_operators_CSVDescription(a.(*CSVDescription), b.(*operators.CSVDescription), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.CSVDescription)(nil), (*CSVDescription)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_CSVDescription_To_v1alpha1_CSVDescription(a.(*operators.CSVDescription), b.(*CSVDescription), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*Icon)(nil), (*operators.Icon)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_Icon_To_operators_Icon(a.(*Icon), b.(*operators.Icon), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.Icon)(nil), (*Icon)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_Icon_To_v1alpha1_Icon(a.(*operators.Icon), b.(*Icon), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageChannel)(nil), (*operators.PackageChannel)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_PackageChannel_To_operators_PackageChannel(a.(*PackageChannel), b.(*operators.PackageChannel), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageChannel)(nil), (*PackageChannel)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageChannel_To_v1alpha1_PackageChannel(a.(*operators.PackageChannel), b.(*PackageChannel), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifest)(nil), (*operators.PackageManifest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_PackageManifest_To_operators_PackageManifest(a.(*PackageManifest), b.(*operators.PackageManifest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifest)(nil), (*PackageManifest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifest_To_v1alpha1_PackageManifest(a.(*operators.PackageManifest), b.(*PackageManifest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifestList)(nil), (*operators.PackageManifestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_PackageManifestList_To_operators_PackageManifestList(a.(*PackageManifestList), b.(*operators.PackageManifestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifestList)(nil), (*PackageManifestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifestList_To_v1alpha1_PackageManifestList(a.(*operators.PackageManifestList), b.(*PackageManifestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifestSpec)(nil), (*operators.PackageManifestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_PackageManifestSpec_To_operators_PackageManifestSpec(a.(*PackageManifestSpec), b.(*operators.PackageManifestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifestSpec)(nil), (*PackageManifestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifestSpec_To_v1alpha1_PackageManifestSpec(a.(*operators.PackageManifestSpec), b.(*PackageManifestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifestStatus)(nil), (*operators.PackageManifestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_PackageManifestStatus_To_operators_PackageManifestStatus(a.(*PackageManifestStatus), b.(*operators.PackageManifestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifestStatus)(nil), (*PackageManifestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifestStatus_To_v1alpha1_PackageManifestStatus(a.(*operators.PackageManifestStatus), b.(*PackageManifestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_AppLink_To_operators_AppLink(in *AppLink, out *operators.AppLink, s conversion.Scope) error { + out.Name = in.Name + out.URL = in.URL + return nil +} + +// Convert_v1alpha1_AppLink_To_operators_AppLink is an autogenerated conversion function. +func Convert_v1alpha1_AppLink_To_operators_AppLink(in *AppLink, out *operators.AppLink, s conversion.Scope) error { + return autoConvert_v1alpha1_AppLink_To_operators_AppLink(in, out, s) +} + +func autoConvert_operators_AppLink_To_v1alpha1_AppLink(in *operators.AppLink, out *AppLink, s conversion.Scope) error { + out.Name = in.Name + out.URL = in.URL + return nil +} + +// Convert_operators_AppLink_To_v1alpha1_AppLink is an autogenerated conversion function. +func Convert_operators_AppLink_To_v1alpha1_AppLink(in *operators.AppLink, out *AppLink, s conversion.Scope) error { + return autoConvert_operators_AppLink_To_v1alpha1_AppLink(in, out, s) +} + +func autoConvert_v1alpha1_CSVDescription_To_operators_CSVDescription(in *CSVDescription, out *operators.CSVDescription, s conversion.Scope) error { + out.DisplayName = in.DisplayName + out.Icon = *(*[]operators.Icon)(unsafe.Pointer(&in.Icon)) + out.Version = in.Version + if err := Convert_v1alpha1_AppLink_To_operators_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations)) + out.LongDescription = in.LongDescription + out.InstallModes = *(*[]operatorsv1alpha1.InstallMode)(unsafe.Pointer(&in.InstallModes)) + out.CustomResourceDefinitions = in.CustomResourceDefinitions + out.APIServiceDefinitions = in.APIServiceDefinitions + return nil +} + +// Convert_v1alpha1_CSVDescription_To_operators_CSVDescription is an autogenerated conversion function. +func Convert_v1alpha1_CSVDescription_To_operators_CSVDescription(in *CSVDescription, out *operators.CSVDescription, s conversion.Scope) error { + return autoConvert_v1alpha1_CSVDescription_To_operators_CSVDescription(in, out, s) +} + +func autoConvert_operators_CSVDescription_To_v1alpha1_CSVDescription(in *operators.CSVDescription, out *CSVDescription, s conversion.Scope) error { + out.DisplayName = in.DisplayName + out.Icon = *(*[]Icon)(unsafe.Pointer(&in.Icon)) + out.Version = in.Version + if err := Convert_operators_AppLink_To_v1alpha1_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations)) + out.LongDescription = in.LongDescription + out.InstallModes = *(*[]operatorsv1alpha1.InstallMode)(unsafe.Pointer(&in.InstallModes)) + out.CustomResourceDefinitions = in.CustomResourceDefinitions + out.APIServiceDefinitions = in.APIServiceDefinitions + return nil +} + +// Convert_operators_CSVDescription_To_v1alpha1_CSVDescription is an autogenerated conversion function. +func Convert_operators_CSVDescription_To_v1alpha1_CSVDescription(in *operators.CSVDescription, out *CSVDescription, s conversion.Scope) error { + return autoConvert_operators_CSVDescription_To_v1alpha1_CSVDescription(in, out, s) +} + +func autoConvert_v1alpha1_Icon_To_operators_Icon(in *Icon, out *operators.Icon, s conversion.Scope) error { + out.Base64Data = in.Base64Data + out.Mediatype = in.Mediatype + return nil +} + +// Convert_v1alpha1_Icon_To_operators_Icon is an autogenerated conversion function. +func Convert_v1alpha1_Icon_To_operators_Icon(in *Icon, out *operators.Icon, s conversion.Scope) error { + return autoConvert_v1alpha1_Icon_To_operators_Icon(in, out, s) +} + +func autoConvert_operators_Icon_To_v1alpha1_Icon(in *operators.Icon, out *Icon, s conversion.Scope) error { + out.Base64Data = in.Base64Data + out.Mediatype = in.Mediatype + return nil +} + +// Convert_operators_Icon_To_v1alpha1_Icon is an autogenerated conversion function. +func Convert_operators_Icon_To_v1alpha1_Icon(in *operators.Icon, out *Icon, s conversion.Scope) error { + return autoConvert_operators_Icon_To_v1alpha1_Icon(in, out, s) +} + +func autoConvert_v1alpha1_PackageChannel_To_operators_PackageChannel(in *PackageChannel, out *operators.PackageChannel, s conversion.Scope) error { + out.Name = in.Name + out.CurrentCSV = in.CurrentCSV + if err := Convert_v1alpha1_CSVDescription_To_operators_CSVDescription(&in.CurrentCSVDesc, &out.CurrentCSVDesc, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_PackageChannel_To_operators_PackageChannel is an autogenerated conversion function. +func Convert_v1alpha1_PackageChannel_To_operators_PackageChannel(in *PackageChannel, out *operators.PackageChannel, s conversion.Scope) error { + return autoConvert_v1alpha1_PackageChannel_To_operators_PackageChannel(in, out, s) +} + +func autoConvert_operators_PackageChannel_To_v1alpha1_PackageChannel(in *operators.PackageChannel, out *PackageChannel, s conversion.Scope) error { + out.Name = in.Name + out.CurrentCSV = in.CurrentCSV + if err := Convert_operators_CSVDescription_To_v1alpha1_CSVDescription(&in.CurrentCSVDesc, &out.CurrentCSVDesc, s); err != nil { + return err + } + return nil +} + +// Convert_operators_PackageChannel_To_v1alpha1_PackageChannel is an autogenerated conversion function. +func Convert_operators_PackageChannel_To_v1alpha1_PackageChannel(in *operators.PackageChannel, out *PackageChannel, s conversion.Scope) error { + return autoConvert_operators_PackageChannel_To_v1alpha1_PackageChannel(in, out, s) +} + +func autoConvert_v1alpha1_PackageManifest_To_operators_PackageManifest(in *PackageManifest, out *operators.PackageManifest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_PackageManifestSpec_To_operators_PackageManifestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_PackageManifestStatus_To_operators_PackageManifestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_PackageManifest_To_operators_PackageManifest is an autogenerated conversion function. +func Convert_v1alpha1_PackageManifest_To_operators_PackageManifest(in *PackageManifest, out *operators.PackageManifest, s conversion.Scope) error { + return autoConvert_v1alpha1_PackageManifest_To_operators_PackageManifest(in, out, s) +} + +func autoConvert_operators_PackageManifest_To_v1alpha1_PackageManifest(in *operators.PackageManifest, out *PackageManifest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_operators_PackageManifestSpec_To_v1alpha1_PackageManifestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_operators_PackageManifestStatus_To_v1alpha1_PackageManifestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_operators_PackageManifest_To_v1alpha1_PackageManifest is an autogenerated conversion function. +func Convert_operators_PackageManifest_To_v1alpha1_PackageManifest(in *operators.PackageManifest, out *PackageManifest, s conversion.Scope) error { + return autoConvert_operators_PackageManifest_To_v1alpha1_PackageManifest(in, out, s) +} + +func autoConvert_v1alpha1_PackageManifestList_To_operators_PackageManifestList(in *PackageManifestList, out *operators.PackageManifestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]operators.PackageManifest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_PackageManifestList_To_operators_PackageManifestList is an autogenerated conversion function. +func Convert_v1alpha1_PackageManifestList_To_operators_PackageManifestList(in *PackageManifestList, out *operators.PackageManifestList, s conversion.Scope) error { + return autoConvert_v1alpha1_PackageManifestList_To_operators_PackageManifestList(in, out, s) +} + +func autoConvert_operators_PackageManifestList_To_v1alpha1_PackageManifestList(in *operators.PackageManifestList, out *PackageManifestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]PackageManifest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_operators_PackageManifestList_To_v1alpha1_PackageManifestList is an autogenerated conversion function. +func Convert_operators_PackageManifestList_To_v1alpha1_PackageManifestList(in *operators.PackageManifestList, out *PackageManifestList, s conversion.Scope) error { + return autoConvert_operators_PackageManifestList_To_v1alpha1_PackageManifestList(in, out, s) +} + +func autoConvert_v1alpha1_PackageManifestSpec_To_operators_PackageManifestSpec(in *PackageManifestSpec, out *operators.PackageManifestSpec, s conversion.Scope) error { + return nil +} + +// Convert_v1alpha1_PackageManifestSpec_To_operators_PackageManifestSpec is an autogenerated conversion function. +func Convert_v1alpha1_PackageManifestSpec_To_operators_PackageManifestSpec(in *PackageManifestSpec, out *operators.PackageManifestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_PackageManifestSpec_To_operators_PackageManifestSpec(in, out, s) +} + +func autoConvert_operators_PackageManifestSpec_To_v1alpha1_PackageManifestSpec(in *operators.PackageManifestSpec, out *PackageManifestSpec, s conversion.Scope) error { + return nil +} + +// Convert_operators_PackageManifestSpec_To_v1alpha1_PackageManifestSpec is an autogenerated conversion function. +func Convert_operators_PackageManifestSpec_To_v1alpha1_PackageManifestSpec(in *operators.PackageManifestSpec, out *PackageManifestSpec, s conversion.Scope) error { + return autoConvert_operators_PackageManifestSpec_To_v1alpha1_PackageManifestSpec(in, out, s) +} + +func autoConvert_v1alpha1_PackageManifestStatus_To_operators_PackageManifestStatus(in *PackageManifestStatus, out *operators.PackageManifestStatus, s conversion.Scope) error { + out.CatalogSource = in.CatalogSource + out.CatalogSourceDisplayName = in.CatalogSourceDisplayName + out.CatalogSourcePublisher = in.CatalogSourcePublisher + out.CatalogSourceNamespace = in.CatalogSourceNamespace + if err := Convert_v1alpha1_AppLink_To_operators_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.PackageName = in.PackageName + out.Channels = *(*[]operators.PackageChannel)(unsafe.Pointer(&in.Channels)) + out.DefaultChannel = in.DefaultChannel + return nil +} + +// Convert_v1alpha1_PackageManifestStatus_To_operators_PackageManifestStatus is an autogenerated conversion function. +func Convert_v1alpha1_PackageManifestStatus_To_operators_PackageManifestStatus(in *PackageManifestStatus, out *operators.PackageManifestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_PackageManifestStatus_To_operators_PackageManifestStatus(in, out, s) +} + +func autoConvert_operators_PackageManifestStatus_To_v1alpha1_PackageManifestStatus(in *operators.PackageManifestStatus, out *PackageManifestStatus, s conversion.Scope) error { + out.CatalogSource = in.CatalogSource + out.CatalogSourceDisplayName = in.CatalogSourceDisplayName + out.CatalogSourcePublisher = in.CatalogSourcePublisher + out.CatalogSourceNamespace = in.CatalogSourceNamespace + if err := Convert_operators_AppLink_To_v1alpha1_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.PackageName = in.PackageName + out.Channels = *(*[]PackageChannel)(unsafe.Pointer(&in.Channels)) + out.DefaultChannel = in.DefaultChannel + return nil +} + +// Convert_operators_PackageManifestStatus_To_v1alpha1_PackageManifestStatus is an autogenerated conversion function. +func Convert_operators_PackageManifestStatus_To_v1alpha1_PackageManifestStatus(in *operators.PackageManifestStatus, out *PackageManifestStatus, s conversion.Scope) error { + return autoConvert_operators_PackageManifestStatus_To_v1alpha1_PackageManifestStatus(in, out, s) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 000000000..0d0bc6452 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,213 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AppLink) DeepCopyInto(out *AppLink) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppLink. +func (in *AppLink) DeepCopy() *AppLink { + if in == nil { + return nil + } + out := new(AppLink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CSVDescription) DeepCopyInto(out *CSVDescription) { + *out = *in + if in.Icon != nil { + in, out := &in.Icon, &out.Icon + *out = make([]Icon, len(*in)) + copy(*out, *in) + } + in.Version.DeepCopyInto(&out.Version) + out.Provider = in.Provider + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.InstallModes != nil { + in, out := &in.InstallModes, &out.InstallModes + *out = make([]operatorsv1alpha1.InstallMode, len(*in)) + copy(*out, *in) + } + in.CustomResourceDefinitions.DeepCopyInto(&out.CustomResourceDefinitions) + in.APIServiceDefinitions.DeepCopyInto(&out.APIServiceDefinitions) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSVDescription. +func (in *CSVDescription) DeepCopy() *CSVDescription { + if in == nil { + return nil + } + out := new(CSVDescription) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Icon) DeepCopyInto(out *Icon) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Icon. +func (in *Icon) DeepCopy() *Icon { + if in == nil { + return nil + } + out := new(Icon) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageChannel) DeepCopyInto(out *PackageChannel) { + *out = *in + in.CurrentCSVDesc.DeepCopyInto(&out.CurrentCSVDesc) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageChannel. +func (in *PackageChannel) DeepCopy() *PackageChannel { + if in == nil { + return nil + } + out := new(PackageChannel) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifest) DeepCopyInto(out *PackageManifest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifest. +func (in *PackageManifest) DeepCopy() *PackageManifest { + if in == nil { + return nil + } + out := new(PackageManifest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PackageManifest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestList) DeepCopyInto(out *PackageManifestList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PackageManifest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestList. +func (in *PackageManifestList) DeepCopy() *PackageManifestList { + if in == nil { + return nil + } + out := new(PackageManifestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PackageManifestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestSpec) DeepCopyInto(out *PackageManifestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestSpec. +func (in *PackageManifestSpec) DeepCopy() *PackageManifestSpec { + if in == nil { + return nil + } + out := new(PackageManifestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestStatus) DeepCopyInto(out *PackageManifestStatus) { + *out = *in + out.Provider = in.Provider + if in.Channels != nil { + in, out := &in.Channels, &out.Channels + *out = make([]PackageChannel, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestStatus. +func (in *PackageManifestStatus) DeepCopy() *PackageManifestStatus { + if in == nil { + return nil + } + out := new(PackageManifestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.defaults.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.defaults.go new file mode 100644 index 000000000..d43ad5fdc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,32 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/doc.go new file mode 100644 index 000000000..7b272ed51 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/doc.go @@ -0,0 +1 @@ +package apis diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/openapi/zz_generated.openapi.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/openapi/zz_generated.openapi.go new file mode 100644 index 000000000..c9dfb179b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/openapi/zz_generated.openapi.go @@ -0,0 +1,3127 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by openapi-gen. DO NOT EDIT. + +// This file was autogenerated by openapi-gen. Do not edit it manually! + +package openapi + +import ( + spec "github.com/go-openapi/spec" + version "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + common "k8s.io/kube-openapi/pkg/common" +) + +func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { + return map[string]common.OpenAPIDefinition{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIResourceReference": schema_api_apis_operators_v1alpha1_APIResourceReference(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDefinitions": schema_api_apis_operators_v1alpha1_APIServiceDefinitions(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDescription": schema_api_apis_operators_v1alpha1_APIServiceDescription(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.ActionDescriptor": schema_api_apis_operators_v1alpha1_ActionDescriptor(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CRDDescription": schema_api_apis_operators_v1alpha1_CRDDescription(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CustomResourceDefinitions": schema_api_apis_operators_v1alpha1_CustomResourceDefinitions(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.InstallMode": schema_api_apis_operators_v1alpha1_InstallMode(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.SpecDescriptor": schema_api_apis_operators_v1alpha1_SpecDescriptor(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.StatusDescriptor": schema_api_apis_operators_v1alpha1_StatusDescriptor(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version.OperatorVersion": schema_operator_lifecycle_manager_pkg_lib_version_OperatorVersion(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.AppLink": schema_package_server_apis_apps_v1alpha1_AppLink(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.CSVDescription": schema_package_server_apis_apps_v1alpha1_CSVDescription(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.Icon": schema_package_server_apis_apps_v1alpha1_Icon(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageChannel": schema_package_server_apis_apps_v1alpha1_PackageChannel(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifest": schema_package_server_apis_apps_v1alpha1_PackageManifest(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestList": schema_package_server_apis_apps_v1alpha1_PackageManifestList(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestSpec": schema_package_server_apis_apps_v1alpha1_PackageManifestSpec(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestStatus": schema_package_server_apis_apps_v1alpha1_PackageManifestStatus(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.AppLink": schema_package_server_apis_operators_v1_AppLink(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.CSVDescription": schema_package_server_apis_operators_v1_CSVDescription(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.Icon": schema_package_server_apis_operators_v1_Icon(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageChannel": schema_package_server_apis_operators_v1_PackageChannel(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifest": schema_package_server_apis_operators_v1_PackageManifest(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestList": schema_package_server_apis_operators_v1_PackageManifestList(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestSpec": schema_package_server_apis_operators_v1_PackageManifestSpec(ref), + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestStatus": schema_package_server_apis_operators_v1_PackageManifestStatus(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Initializer": schema_pkg_apis_meta_v1_Initializer(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Initializers": schema_pkg_apis_meta_v1_Initializers(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), + "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + } +} + +func schema_api_apis_operators_v1alpha1_APIResourceReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIResourceReference is a Kubernetes resource type used by a custom resource", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name", "kind", "version"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_api_apis_operators_v1alpha1_APIServiceDefinitions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIServiceDefinitions declares all of the extension apis managed or required by an operator being ran by ClusterServiceVersion.", + Properties: map[string]spec.Schema{ + "owned": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDescription"), + }, + }, + }, + }, + }, + "required": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDescription"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDescription"}, + } +} + +func schema_api_apis_operators_v1alpha1_APIServiceDescription(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIServiceDescription provides details to OLM about apis provided via aggregation", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "group": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "deploymentName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "containerPort": { + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int32", + }, + }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIResourceReference"), + }, + }, + }, + }, + }, + "statusDescriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.StatusDescriptor"), + }, + }, + }, + }, + }, + "specDescriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.SpecDescriptor"), + }, + }, + }, + }, + }, + "actionDescriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.ActionDescriptor"), + }, + }, + }, + }, + }, + }, + Required: []string{"name", "group", "version", "kind"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIResourceReference", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.ActionDescriptor", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.SpecDescriptor", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.StatusDescriptor"}, + } +} + +func schema_api_apis_operators_v1alpha1_ActionDescriptor(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ActionDescriptor describes a declarative action that can be performed on a custom resource instance", + Properties: map[string]spec.Schema{ + "path": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "x-descriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "value": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + Required: []string{"path"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_api_apis_operators_v1alpha1_CRDDescription(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "CRDDescription provides details to OLM about the CRDs", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIResourceReference"), + }, + }, + }, + }, + }, + "statusDescriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.StatusDescriptor"), + }, + }, + }, + }, + }, + "specDescriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.SpecDescriptor"), + }, + }, + }, + }, + }, + "actionDescriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.ActionDescriptor"), + }, + }, + }, + }, + }, + }, + Required: []string{"name", "version", "kind"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIResourceReference", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.ActionDescriptor", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.SpecDescriptor", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.StatusDescriptor"}, + } +} + +func schema_api_apis_operators_v1alpha1_CustomResourceDefinitions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "CustomResourceDefinitions declares all of the CRDs managed or required by an operator being ran by ClusterServiceVersion.\n\nIf the CRD is present in the Owned list, it is implicitly required.", + Properties: map[string]spec.Schema{ + "owned": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CRDDescription"), + }, + }, + }, + }, + }, + "required": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CRDDescription"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CRDDescription"}, + } +} + +func schema_api_apis_operators_v1alpha1_InstallMode(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "InstallMode associates an InstallModeType with a flag representing if the CSV supports it", + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "supported": { + SchemaProps: spec.SchemaProps{ + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"type", "supported"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_api_apis_operators_v1alpha1_SpecDescriptor(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "SpecDescriptor describes a field in a spec block of a CRD so that OLM can consume it", + Properties: map[string]spec.Schema{ + "path": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "x-descriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "value": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + Required: []string{"path"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_api_apis_operators_v1alpha1_StatusDescriptor(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "StatusDescriptor describes a field in a status block of a CRD so that OLM can consume it", + Properties: map[string]spec.Schema{ + "path": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "x-descriptors": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "value": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + Required: []string{"path"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_operator_lifecycle_manager_pkg_lib_version_OperatorVersion(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "OperatorVersion is a wrapper around semver.Version which supports correct marshaling to YAML and JSON.", + Type: version.OperatorVersion{}.OpenAPISchemaType(), + Format: version.OperatorVersion{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_package_server_apis_apps_v1alpha1_AppLink(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppLink defines a link to an application", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "url": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_package_server_apis_apps_v1alpha1_CSVDescription(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "CSVDescription defines a description of a CSV", + Properties: map[string]spec.Schema{ + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is the CSV's display name", + Type: []string{"string"}, + Format: "", + }, + }, + "icon": { + SchemaProps: spec.SchemaProps{ + Description: "Icon is the CSV's base64 encoded icon", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.Icon"), + }, + }, + }, + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "Version is the CSV's semantic version", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version.OperatorVersion"), + }, + }, + "provider": { + SchemaProps: spec.SchemaProps{ + Description: "Provider is the CSV's provider", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.AppLink"), + }, + }, + "annotations": { + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Description: "LongDescription is the CSV's description", + Type: []string{"string"}, + Format: "", + }, + }, + "installModes": { + SchemaProps: spec.SchemaProps{ + Description: "InstallModes specify supported installation types", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.InstallMode"), + }, + }, + }, + }, + }, + "customresourcedefinitions": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CustomResourceDefinitions"), + }, + }, + "apiservicedefinitions": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDefinitions"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDefinitions", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CustomResourceDefinitions", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.InstallMode", "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version.OperatorVersion", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.AppLink", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.Icon"}, + } +} + +func schema_package_server_apis_apps_v1alpha1_Icon(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Icon defines a base64 encoded icon and media type", + Properties: map[string]spec.Schema{ + "base64data": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "mediatype": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_package_server_apis_apps_v1alpha1_PackageChannel(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageChannel defines a single channel under a package, pointing to a version of that package.", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name is the name of the channel, e.g. `alpha` or `stable`", + Type: []string{"string"}, + Format: "", + }, + }, + "currentCSV": { + SchemaProps: spec.SchemaProps{ + Description: "CurrentCSV defines a reference to the CSV holding the version of this package currently for the channel.", + Type: []string{"string"}, + Format: "", + }, + }, + "currentCSVDesc": { + SchemaProps: spec.SchemaProps{ + Description: "CurrentCSVSpec holds the spec of the current CSV", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.CSVDescription"), + }, + }, + }, + Required: []string{"name", "currentCSV"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.CSVDescription"}, + } +} + +func schema_package_server_apis_apps_v1alpha1_PackageManifest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifest holds information about a package, which is a reference to one (or more) channels under a single package.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestStatus"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestSpec", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_package_server_apis_apps_v1alpha1_PackageManifestList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifestList is a list of PackageManifest objects.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifest"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageManifest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_package_server_apis_apps_v1alpha1_PackageManifestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifestSpec defines the desired state of PackageManifest", + Properties: map[string]spec.Schema{}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_package_server_apis_apps_v1alpha1_PackageManifestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifestStatus represents the current status of the PackageManifest", + Properties: map[string]spec.Schema{ + "catalogSource": { + SchemaProps: spec.SchemaProps{ + Description: "CatalogSource is the name of the CatalogSource this package belongs to", + Type: []string{"string"}, + Format: "", + }, + }, + "catalogSourceDisplayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "catalogSourcePublisher": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "catalogSourceNamespace": { + SchemaProps: spec.SchemaProps{ + Description: "\n CatalogSourceNamespace is the namespace of the owning CatalogSource", + Type: []string{"string"}, + Format: "", + }, + }, + "provider": { + SchemaProps: spec.SchemaProps{ + Description: "Provider is the provider of the PackageManifest's default CSV", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.AppLink"), + }, + }, + "packageName": { + SchemaProps: spec.SchemaProps{ + Description: "PackageName is the name of the overall package, ala `etcd`.", + Type: []string{"string"}, + Format: "", + }, + }, + "channels": { + SchemaProps: spec.SchemaProps{ + Description: "Channels are the declared channels for the package, ala `stable` or `alpha`.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageChannel"), + }, + }, + }, + }, + }, + "defaultChannel": { + SchemaProps: spec.SchemaProps{ + Description: "DefaultChannel is, if specified, the name of the default channel for the package. The default channel will be installed if no other channel is explicitly given. If the package has a single channel, then that channel is implicitly the default.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"catalogSource", "catalogSourceDisplayName", "catalogSourcePublisher", "catalogSourceNamespace", "packageName", "channels", "defaultChannel"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.AppLink", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1.PackageChannel"}, + } +} + +func schema_package_server_apis_operators_v1_AppLink(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppLink defines a link to an application", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "url": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_package_server_apis_operators_v1_CSVDescription(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "CSVDescription defines a description of a CSV", + Properties: map[string]spec.Schema{ + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is the CSV's display name", + Type: []string{"string"}, + Format: "", + }, + }, + "icon": { + SchemaProps: spec.SchemaProps{ + Description: "Icon is the CSV's base64 encoded icon", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.Icon"), + }, + }, + }, + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "Version is the CSV's semantic version", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version.OperatorVersion"), + }, + }, + "provider": { + SchemaProps: spec.SchemaProps{ + Description: "Provider is the CSV's provider", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.AppLink"), + }, + }, + "annotations": { + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Description: "LongDescription is the CSV's description", + Type: []string{"string"}, + Format: "", + }, + }, + "installModes": { + SchemaProps: spec.SchemaProps{ + Description: "InstallModes specify supported installation types", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.InstallMode"), + }, + }, + }, + }, + }, + "customresourcedefinitions": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CustomResourceDefinitions"), + }, + }, + "apiservicedefinitions": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDefinitions"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.APIServiceDefinitions", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.CustomResourceDefinitions", "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1.InstallMode", "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version.OperatorVersion", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.AppLink", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.Icon"}, + } +} + +func schema_package_server_apis_operators_v1_Icon(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Icon defines a base64 encoded icon and media type", + Properties: map[string]spec.Schema{ + "base64data": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "mediatype": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_package_server_apis_operators_v1_PackageChannel(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageChannel defines a single channel under a package, pointing to a version of that package.", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name is the name of the channel, e.g. `alpha` or `stable`", + Type: []string{"string"}, + Format: "", + }, + }, + "currentCSV": { + SchemaProps: spec.SchemaProps{ + Description: "CurrentCSV defines a reference to the CSV holding the version of this package currently for the channel.", + Type: []string{"string"}, + Format: "", + }, + }, + "currentCSVDesc": { + SchemaProps: spec.SchemaProps{ + Description: "CurrentCSVSpec holds the spec of the current CSV", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.CSVDescription"), + }, + }, + }, + Required: []string{"name", "currentCSV"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.CSVDescription"}, + } +} + +func schema_package_server_apis_operators_v1_PackageManifest(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifest holds information about a package, which is a reference to one (or more) channels under a single package.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestStatus"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestSpec", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_package_server_apis_operators_v1_PackageManifestList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifestList is a list of PackageManifest objects.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifest"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageManifest", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_package_server_apis_operators_v1_PackageManifestSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifestSpec defines the desired state of PackageManifest", + Properties: map[string]spec.Schema{}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_package_server_apis_operators_v1_PackageManifestStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PackageManifestStatus represents the current status of the PackageManifest", + Properties: map[string]spec.Schema{ + "catalogSource": { + SchemaProps: spec.SchemaProps{ + Description: "CatalogSource is the name of the CatalogSource this package belongs to", + Type: []string{"string"}, + Format: "", + }, + }, + "catalogSourceDisplayName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "catalogSourcePublisher": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "catalogSourceNamespace": { + SchemaProps: spec.SchemaProps{ + Description: "\n CatalogSourceNamespace is the namespace of the owning CatalogSource", + Type: []string{"string"}, + Format: "", + }, + }, + "provider": { + SchemaProps: spec.SchemaProps{ + Description: "Provider is the provider of the PackageManifest's default CSV", + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.AppLink"), + }, + }, + "packageName": { + SchemaProps: spec.SchemaProps{ + Description: "PackageName is the name of the overall package, ala `etcd`.", + Type: []string{"string"}, + Format: "", + }, + }, + "channels": { + SchemaProps: spec.SchemaProps{ + Description: "Channels are the declared channels for the package, ala `stable` or `alpha`.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageChannel"), + }, + }, + }, + }, + }, + "defaultChannel": { + SchemaProps: spec.SchemaProps{ + Description: "DefaultChannel is, if specified, the name of the default channel for the package. The default channel will be installed if no other channel is explicitly given. If the package has a single channel, then that channel is implicitly the default.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"catalogSource", "catalogSourceDisplayName", "catalogSourcePublisher", "catalogSourceNamespace", "packageName", "channels", "defaultChannel"}, + }, + }, + Dependencies: []string{ + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.AppLink", "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1.PackageChannel"}, + } +} + +func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "name is the name of the group.", + Type: []string{"string"}, + Format: "", + }, + }, + "versions": { + SchemaProps: spec.SchemaProps{ + Description: "versions are the versions supported in this group.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + }, + }, + }, + }, + }, + "preferredVersion": { + SchemaProps: spec.SchemaProps{ + Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"), + }, + }, + "serverAddressByClientCIDRs": { + SchemaProps: spec.SchemaProps{ + Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + }, + }, + }, + }, + }, + }, + Required: []string{"name", "versions"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + } +} + +func schema_pkg_apis_meta_v1_APIGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "groups": { + SchemaProps: spec.SchemaProps{ + Description: "groups is a list of APIGroup.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"), + }, + }, + }, + }, + }, + }, + Required: []string{"groups"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"}, + } +} + +func schema_pkg_apis_meta_v1_APIResource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIResource specifies the name of a resource and whether it is namespaced.", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "name is the plural name of the resource.", + Type: []string{"string"}, + Format: "", + }, + }, + "singularName": { + SchemaProps: spec.SchemaProps{ + Description: "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", + Type: []string{"string"}, + Format: "", + }, + }, + "namespaced": { + SchemaProps: spec.SchemaProps{ + Description: "namespaced indicates if a resource is namespaced or not.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "group": { + SchemaProps: spec.SchemaProps{ + Description: "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", + Type: []string{"string"}, + Format: "", + }, + }, + "verbs": { + SchemaProps: spec.SchemaProps{ + Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "shortNames": { + SchemaProps: spec.SchemaProps{ + Description: "shortNames is a list of suggested short names of the resource.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "categories": { + SchemaProps: spec.SchemaProps{ + Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"name", "singularName", "namespaced", "kind", "verbs"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_APIResourceList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "groupVersion": { + SchemaProps: spec.SchemaProps{ + Description: "groupVersion is the group and version this APIResourceList is for.", + Type: []string{"string"}, + Format: "", + }, + }, + "resources": { + SchemaProps: spec.SchemaProps{ + Description: "resources contains the name of the resources and if they are namespaced.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"), + }, + }, + }, + }, + }, + }, + Required: []string{"groupVersion", "resources"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"}, + } +} + +func schema_pkg_apis_meta_v1_APIVersions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "versions": { + SchemaProps: spec.SchemaProps{ + Description: "versions are the api versions that are available.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "serverAddressByClientCIDRs": { + SchemaProps: spec.SchemaProps{ + Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"), + }, + }, + }, + }, + }, + }, + Required: []string{"versions", "serverAddressByClientCIDRs"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"}, + } +} + +func schema_pkg_apis_meta_v1_CreateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "CreateOptions may be provided when creating an API object.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "dryRun": { + SchemaProps: spec.SchemaProps{ + Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "includeUninitialized": { + SchemaProps: spec.SchemaProps{ + Description: "If IncludeUninitialized is specified, the object may be returned without completing initialization.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_DeleteOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "DeleteOptions may be provided when deleting an API object.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "gracePeriodSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "preconditions": { + SchemaProps: spec.SchemaProps{ + Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"), + }, + }, + "orphanDependents": { + SchemaProps: spec.SchemaProps{ + Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "propagationPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + Type: []string{"string"}, + Format: "", + }, + }, + "dryRun": { + SchemaProps: spec.SchemaProps{ + Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"}, + } +} + +func schema_pkg_apis_meta_v1_Duration(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.", + Properties: map[string]spec.Schema{ + "Duration": { + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + Required: []string{"Duration"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_ExportOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ExportOptions is the query options to the standard REST get call.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "export": { + SchemaProps: spec.SchemaProps{ + Description: "Should this value be exported. Export strips fields that a user can not specify.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "exact": { + SchemaProps: spec.SchemaProps{ + Description: "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"export", "exact"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GetOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GetOptions is the standard query options to the standard REST get call.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceVersion": { + SchemaProps: spec.SchemaProps{ + Description: "When specified: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + Type: []string{"string"}, + Format: "", + }, + }, + "includeUninitialized": { + SchemaProps: spec.SchemaProps{ + Description: "If true, partially initialized resources are included in the response.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GroupKind(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", + Properties: map[string]spec.Schema{ + "group": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"group", "kind"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GroupResource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupResource specifies a Group and a Resource, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types", + Properties: map[string]spec.Schema{ + "group": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "resource": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"group", "resource"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GroupVersion(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.", + Properties: map[string]spec.Schema{ + "group": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"group", "version"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", + Properties: map[string]spec.Schema{ + "groupVersion": { + SchemaProps: spec.SchemaProps{ + Description: "groupVersion specifies the API group and version in the form \"group/version\"", + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"groupVersion", "version"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GroupVersionKind(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion to avoid automatic coersion. It doesn't use a GroupVersion to avoid custom marshalling", + Properties: map[string]spec.Schema{ + "group": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"group", "version", "kind"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_GroupVersionResource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion to avoid automatic coersion. It doesn't use a GroupVersion to avoid custom marshalling", + Properties: map[string]spec.Schema{ + "group": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "resource": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"group", "version", "resource"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_Initializer(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Initializer is information about an initializer that has not yet completed.", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "name of the process that is responsible for initializing this object.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_Initializers(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Initializers tracks the progress of initialization.", + Properties: map[string]spec.Schema{ + "pending": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Initializer"), + }, + }, + }, + }, + }, + "result": { + SchemaProps: spec.SchemaProps{ + Description: "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Status"), + }, + }, + }, + Required: []string{"pending"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Initializer", "k8s.io/apimachinery/pkg/apis/meta/v1.Status"}, + } +} + +func schema_pkg_apis_meta_v1_InternalEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "InternalEvent makes watch.Event versioned", + Properties: map[string]spec.Schema{ + "Type": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "Object": { + SchemaProps: spec.SchemaProps{ + Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *api.Status is recommended; other types may make sense\n depending on context.", + Ref: ref("k8s.io/apimachinery/pkg/runtime.Object"), + }, + }, + }, + Required: []string{"Type", "Object"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/runtime.Object"}, + } +} + +func schema_pkg_apis_meta_v1_LabelSelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", + Properties: map[string]spec.Schema{ + "matchLabels": { + SchemaProps: spec.SchemaProps{ + Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "matchExpressions": { + SchemaProps: spec.SchemaProps{ + Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + } +} + +func schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + Properties: map[string]spec.Schema{ + "key": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-merge-key": "key", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "key is the label key that the selector applies to.", + Type: []string{"string"}, + Format: "", + }, + }, + "operator": { + SchemaProps: spec.SchemaProps{ + Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + Type: []string{"string"}, + Format: "", + }, + }, + "values": { + SchemaProps: spec.SchemaProps{ + Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"key", "operator"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_List(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "List holds a list of objects, which may not be known by the server.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Description: "List of objects", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + } +} + +func schema_pkg_apis_meta_v1_ListMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", + Properties: map[string]spec.Schema{ + "selfLink": { + SchemaProps: spec.SchemaProps{ + Description: "selfLink is a URL representing this object. Populated by the system. Read-only.", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceVersion": { + SchemaProps: spec.SchemaProps{ + Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", + Type: []string{"string"}, + Format: "", + }, + }, + "continue": { + SchemaProps: spec.SchemaProps{ + Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_ListOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ListOptions is the query options to a standard REST list call.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "labelSelector": { + SchemaProps: spec.SchemaProps{ + Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + Type: []string{"string"}, + Format: "", + }, + }, + "fieldSelector": { + SchemaProps: spec.SchemaProps{ + Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + Type: []string{"string"}, + Format: "", + }, + }, + "includeUninitialized": { + SchemaProps: spec.SchemaProps{ + Description: "If true, partially initialized resources are included in the response.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "watch": { + SchemaProps: spec.SchemaProps{ + Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "resourceVersion": { + SchemaProps: spec.SchemaProps{ + Description: "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + Type: []string{"string"}, + Format: "", + }, + }, + "timeoutSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "limit": { + SchemaProps: spec.SchemaProps{ + Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "continue": { + SchemaProps: spec.SchemaProps{ + Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_MicroTime(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "MicroTime is version of Time with microsecond level precision.", + Type: v1.MicroTime{}.OpenAPISchemaType(), + Format: v1.MicroTime{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_ObjectMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + Type: []string{"string"}, + Format: "", + }, + }, + "generateName": { + SchemaProps: spec.SchemaProps{ + Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency", + Type: []string{"string"}, + Format: "", + }, + }, + "namespace": { + SchemaProps: spec.SchemaProps{ + Description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", + Type: []string{"string"}, + Format: "", + }, + }, + "selfLink": { + SchemaProps: spec.SchemaProps{ + Description: "SelfLink is a URL representing this object. Populated by the system. Read-only.", + Type: []string{"string"}, + Format: "", + }, + }, + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + Type: []string{"string"}, + Format: "", + }, + }, + "resourceVersion": { + SchemaProps: spec.SchemaProps{ + Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", + Type: []string{"string"}, + Format: "", + }, + }, + "generation": { + SchemaProps: spec.SchemaProps{ + Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "creationTimestamp": { + SchemaProps: spec.SchemaProps{ + Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "deletionTimestamp": { + SchemaProps: spec.SchemaProps{ + Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "deletionGracePeriodSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "labels": { + SchemaProps: spec.SchemaProps{ + Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "annotations": { + SchemaProps: spec.SchemaProps{ + Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "ownerReferences": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-merge-key": "uid", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"), + }, + }, + }, + }, + }, + "initializers": { + SchemaProps: spec.SchemaProps{ + Description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Initializers"), + }, + }, + "finalizers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "clusterName": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Initializers", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + } +} + +func schema_pkg_apis_meta_v1_OwnerReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.", + Properties: map[string]spec.Schema{ + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "API version of the referent.", + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + Type: []string{"string"}, + Format: "", + }, + }, + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + Type: []string{"string"}, + Format: "", + }, + }, + "controller": { + SchemaProps: spec.SchemaProps{ + Description: "If true, this reference points to the managing controller.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "blockOwnerDeletion": { + SchemaProps: spec.SchemaProps{ + Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"apiVersion", "kind", "name", "uid"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_Patch(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", + Properties: map[string]spec.Schema{}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_Preconditions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", + Properties: map[string]spec.Schema{ + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies the target UID.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_RootPaths(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".", + Properties: map[string]spec.Schema{ + "paths": { + SchemaProps: spec.SchemaProps{ + Description: "paths are the paths available at root.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"paths"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", + Properties: map[string]spec.Schema{ + "clientCIDR": { + SchemaProps: spec.SchemaProps{ + Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.", + Type: []string{"string"}, + Format: "", + }, + }, + "serverAddress": { + SchemaProps: spec.SchemaProps{ + Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"clientCIDR", "serverAddress"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_Status(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Status is a return value for calls that don't return other objects.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "A human-readable description of the status of this operation.", + Type: []string{"string"}, + Format: "", + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", + Type: []string{"string"}, + Format: "", + }, + }, + "details": { + SchemaProps: spec.SchemaProps{ + Description: "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"), + }, + }, + "code": { + SchemaProps: spec.SchemaProps{ + Description: "Suggested HTTP return code for this status, 0 if not set.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"}, + } +} + +func schema_pkg_apis_meta_v1_StatusCause(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", + Properties: map[string]spec.Schema{ + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", + Type: []string{"string"}, + Format: "", + }, + }, + "field": { + SchemaProps: spec.SchemaProps{ + Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_StatusDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", + Type: []string{"string"}, + Format: "", + }, + }, + "group": { + SchemaProps: spec.SchemaProps{ + Description: "The group attribute of the resource associated with the status StatusReason.", + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + Type: []string{"string"}, + Format: "", + }, + }, + "causes": { + SchemaProps: spec.SchemaProps{ + Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"), + }, + }, + }, + }, + }, + "retryAfterSeconds": { + SchemaProps: spec.SchemaProps{ + Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"}, + } +} + +func schema_pkg_apis_meta_v1_Time(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", + Type: v1.Time{}.OpenAPISchemaType(), + Format: v1.Time{}.OpenAPISchemaFormat(), + }, + }, + } +} + +func schema_pkg_apis_meta_v1_Timestamp(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.", + Properties: map[string]spec.Schema{ + "seconds": { + SchemaProps: spec.SchemaProps{ + Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "nanos": { + SchemaProps: spec.SchemaProps{ + Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + Required: []string{"seconds", "nanos"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_UpdateOptions(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "UpdateOptions may be provided when updating an API object.", + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "dryRun": { + SchemaProps: spec.SchemaProps{ + Description: "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_pkg_apis_meta_v1_WatchEvent(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Event represents a single event to a watched resource.", + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "object": { + SchemaProps: spec.SchemaProps{ + Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", + Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), + }, + }, + }, + Required: []string{"type", "object"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + } +} + +func schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this: {\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo\",\n\t},\n}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", + Properties: map[string]spec.Schema{ + "Raw": { + SchemaProps: spec.SchemaProps{ + Description: "Raw is the underlying serialization of this object.", + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + Required: []string{"Raw"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this: type MyAwesomeAPIObject struct {\n runtime.TypeMeta `json:\",inline\"`\n ... // other fields\n} func (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.", + Properties: map[string]spec.Schema{ + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{}, + } +} + +func schema_k8sio_apimachinery_pkg_runtime_Unknown(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.", + Properties: map[string]spec.Schema{ + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "Raw": { + SchemaProps: spec.SchemaProps{ + Description: "Raw will hold the complete serialized object which couldn't be matched with a registered type. Most likely, nothing should be done with this except for passing it through the system.", + Type: []string{"string"}, + Format: "byte", + }, + }, + "ContentEncoding": { + SchemaProps: spec.SchemaProps{ + Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.", + Type: []string{"string"}, + Format: "", + }, + }, + "ContentType": { + SchemaProps: spec.SchemaProps{ + Description: "ContentType is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"Raw", "ContentEncoding", "ContentType"}, + }, + }, + Dependencies: []string{}, + } +} + +func schema_k8sio_apimachinery_pkg_version_Info(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Info contains versioning information. how we'll want to distribute that information.", + Properties: map[string]spec.Schema{ + "major": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "minor": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "gitVersion": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "gitCommit": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "gitTreeState": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "buildDate": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "goVersion": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "compiler": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "platform": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"}, + }, + }, + Dependencies: []string{}, + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/doc.go new file mode 100644 index 000000000..b5f420c28 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/doc.go @@ -0,0 +1,5 @@ +// +k8s:deepcopy-gen=package + +// Package operators is the internal version of the API. +// +groupName=operators.coreos.com +package operators diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/install/install.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/install/install.go new file mode 100644 index 000000000..15e44fda1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/install/install.go @@ -0,0 +1,16 @@ +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" +) + +// Install registers API groups and adds types to a scheme. +func Install(scheme *runtime.Scheme) { + utilruntime.Must(operators.AddToScheme(scheme)) + utilruntime.Must(v1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/packagemanifest.go new file mode 100644 index 000000000..734f8ba0c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/packagemanifest.go @@ -0,0 +1,34 @@ +package operators + +import operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + +// CreateCSVDescription creates a CSVDescription from a given CSV +func CreateCSVDescription(csv *operatorsv1alpha1.ClusterServiceVersion) CSVDescription { + desc := CSVDescription{ + DisplayName: csv.Spec.DisplayName, + Version: csv.Spec.Version, + Provider: AppLink{ + Name: csv.Spec.Provider.Name, + URL: csv.Spec.Provider.URL, + }, + Annotations: csv.GetAnnotations(), + LongDescription: csv.Spec.Description, + InstallModes: csv.Spec.InstallModes, + CustomResourceDefinitions: csv.Spec.CustomResourceDefinitions, + APIServiceDefinitions: csv.Spec.APIServiceDefinitions, + } + + icons := make([]Icon, len(csv.Spec.Icon)) + for i, icon := range csv.Spec.Icon { + icons[i] = Icon{ + Base64Data: icon.Data, + Mediatype: icon.MediaType, + } + } + + if len(icons) > 0 { + desc.Icon = icons + } + + return desc +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/packagemanifest_types.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/packagemanifest_types.go new file mode 100644 index 000000000..872e4749b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/packagemanifest_types.go @@ -0,0 +1,125 @@ +package operators + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + operatorv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +// PackageManifestList is a list of PackageManifest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type PackageManifestList struct { + metav1.TypeMeta + metav1.ListMeta + + Items []PackageManifest +} + +// PackageManifest holds information about a package, which is a reference to one (or more) +// channels under a single package. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type PackageManifest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec PackageManifestSpec + Status PackageManifestStatus +} + +// PackageManifestSpec defines the desired state of PackageManifest +type PackageManifestSpec struct{} + +// PackageManifestStatus represents the current status of the PackageManifest +type PackageManifestStatus struct { + // CatalogSource is the name of the CatalogSource this package belongs to + CatalogSource string + CatalogSourceDisplayName string + CatalogSourcePublisher string + + // CatalogSourceNamespace is the namespace of the owning CatalogSource + CatalogSourceNamespace string + + // Provider is the provider of the PackageManifest's default CSV + Provider AppLink + + // PackageName is the name of the overall package, ala . + PackageName string + + // Channels are the declared channels for the package, ala . + Channels []PackageChannel + + // DefaultChannel is, if specified, the name of the default channel for the package. The + // default channel will be installed if no other channel is explicitly given. If the package + // has a single channel, then that channel is implicitly the default. + DefaultChannel string +} + +// GetDefaultChannel gets the default channel or returns the only one if there's only one. returns empty string if it +// can't determine the default +func (m PackageManifest) GetDefaultChannel() string { + if m.Status.DefaultChannel != "" { + return m.Status.DefaultChannel + } + if len(m.Status.Channels) == 1 { + return m.Status.Channels[0].Name + } + return "" +} + +// PackageChannel defines a single channel under a package, pointing to a version of that +// package. +type PackageChannel struct { + // Name is the name of the channel, e.g. + Name string + + // CurrentCSV defines a reference to the CSV holding the version of this package currently + // for the channel. + CurrentCSV string + + // CurrentCSVSpec holds the spec of the current CSV + CurrentCSVDesc CSVDescription +} + +// CSVDescription defines a description of a CSV +type CSVDescription struct { + // DisplayName is the CSV's display name + DisplayName string + + // Icon is the CSV's base64 encoded icon + Icon []Icon + + // Version is the CSV's semantic version + Version version.OperatorVersion + + // Provider is the CSV's provider + Provider AppLink + Annotations map[string]string + + // LongDescription is the CSV's description + LongDescription string + + // InstallModes specify supported installation types + InstallModes []operatorv1alpha1.InstallMode + + CustomResourceDefinitions operatorv1alpha1.CustomResourceDefinitions + APIServiceDefinitions operatorv1alpha1.APIServiceDefinitions +} + +// AppLink defines a link to an application +type AppLink struct { + Name string + URL string +} + +// Icon defines a base64 encoded icon and media type +type Icon struct { + Base64Data string + Mediatype string +} + +// IsDefaultChannel returns true if the PackageChannel is the default for the PackageManifest +func (pc PackageChannel) IsDefaultChannel(pm PackageManifest) bool { + return pc.Name == pm.Status.DefaultChannel || len(pm.Status.Channels) == 1 +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/register.go new file mode 100644 index 000000000..d8e29880a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/register.go @@ -0,0 +1,36 @@ +package operators + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +var ( + Group = "packages.operators.coreos.com" + + // SchemeGroupVersion is the GroupVersion used to register this object + SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: runtime.APIVersionInternal} + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Kind takes an unqualified kind and returns the group-qualified kind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns the group-qualified resource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +// addKnownTypes adds the set of types defined in this package to the supplied scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + // Add types for each GroupVersion + scheme.AddKnownTypes(SchemeGroupVersion, + &PackageManifest{}, + &PackageManifestList{}, + ) + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/doc.go new file mode 100644 index 000000000..69520a640 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/doc.go @@ -0,0 +1,7 @@ +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators +// +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-gen=true + +// +groupName=operators.coreos.com +package v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/packagemanifest.go new file mode 100644 index 000000000..3a522ab45 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/packagemanifest.go @@ -0,0 +1,34 @@ +package v1 + +import operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + +// CreateCSVDescription creates a CSVDescription from a given CSV +func CreateCSVDescription(csv *operatorsv1alpha1.ClusterServiceVersion) CSVDescription { + desc := CSVDescription{ + DisplayName: csv.Spec.DisplayName, + Version: csv.Spec.Version, + Provider: AppLink{ + Name: csv.Spec.Provider.Name, + URL: csv.Spec.Provider.URL, + }, + Annotations: csv.GetAnnotations(), + LongDescription: csv.Spec.Description, + InstallModes: csv.Spec.InstallModes, + CustomResourceDefinitions: csv.Spec.CustomResourceDefinitions, + APIServiceDefinitions: csv.Spec.APIServiceDefinitions, + } + + icons := make([]Icon, len(csv.Spec.Icon)) + for i, icon := range csv.Spec.Icon { + icons[i] = Icon{ + Base64Data: icon.Data, + Mediatype: icon.MediaType, + } + } + + if len(icons) > 0 { + desc.Icon = icons + } + + return desc +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/packagemanifest_types.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/packagemanifest_types.go new file mode 100644 index 000000000..c7a9ce06f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/packagemanifest_types.go @@ -0,0 +1,125 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + operatorv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +// PackageManifestList is a list of PackageManifest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type PackageManifestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []PackageManifest `json:"items"` +} + +// PackageManifest holds information about a package, which is a reference to one (or more) +// channels under a single package. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type PackageManifest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec PackageManifestSpec `json:"spec,omitempty"` + Status PackageManifestStatus `json:"status,omitempty"` +} + +// PackageManifestSpec defines the desired state of PackageManifest +type PackageManifestSpec struct{} + +// PackageManifestStatus represents the current status of the PackageManifest +type PackageManifestStatus struct { + // CatalogSource is the name of the CatalogSource this package belongs to + CatalogSource string `json:"catalogSource"` + CatalogSourceDisplayName string `json:"catalogSourceDisplayName"` + CatalogSourcePublisher string `json:"catalogSourcePublisher"` + + // CatalogSourceNamespace is the namespace of the owning CatalogSource + CatalogSourceNamespace string `json:"catalogSourceNamespace"` + + // Provider is the provider of the PackageManifest's default CSV + Provider AppLink `json:"provider,omitempty"` + + // PackageName is the name of the overall package, ala `etcd`. + PackageName string `json:"packageName"` + + // Channels are the declared channels for the package, ala `stable` or `alpha`. + Channels []PackageChannel `json:"channels"` + + // DefaultChannel is, if specified, the name of the default channel for the package. The + // default channel will be installed if no other channel is explicitly given. If the package + // has a single channel, then that channel is implicitly the default. + DefaultChannel string `json:"defaultChannel"` +} + +// GetDefaultChannel gets the default channel or returns the only one if there's only one. returns empty string if it +// can't determine the default +func (m PackageManifest) GetDefaultChannel() string { + if m.Status.DefaultChannel != "" { + return m.Status.DefaultChannel + } + if len(m.Status.Channels) == 1 { + return m.Status.Channels[0].Name + } + return "" +} + +// PackageChannel defines a single channel under a package, pointing to a version of that +// package. +type PackageChannel struct { + // Name is the name of the channel, e.g. `alpha` or `stable` + Name string `json:"name"` + + // CurrentCSV defines a reference to the CSV holding the version of this package currently + // for the channel. + CurrentCSV string `json:"currentCSV"` + + // CurrentCSVSpec holds the spec of the current CSV + CurrentCSVDesc CSVDescription `json:"currentCSVDesc,omitempty"` +} + +// CSVDescription defines a description of a CSV +type CSVDescription struct { + // DisplayName is the CSV's display name + DisplayName string `json:"displayName,omitempty"` + + // Icon is the CSV's base64 encoded icon + Icon []Icon `json:"icon,omitempty"` + + // Version is the CSV's semantic version + Version version.OperatorVersion `json:"version,omitempty"` + + // Provider is the CSV's provider + Provider AppLink `json:"provider,omitempty"` + Annotations map[string]string `json:"annotations,omitempty"` + + // LongDescription is the CSV's description + LongDescription string `json:"description,omitempty"` + + // InstallModes specify supported installation types + InstallModes []operatorv1alpha1.InstallMode `json:"installModes,omitempty"` + + CustomResourceDefinitions operatorv1alpha1.CustomResourceDefinitions `json:"customresourcedefinitions,omitempty"` + APIServiceDefinitions operatorv1alpha1.APIServiceDefinitions `json:"apiservicedefinitions,omitempty"` +} + +// AppLink defines a link to an application +type AppLink struct { + Name string `json:"name,omitempty"` + URL string `json:"url,omitempty"` +} + +// Icon defines a base64 encoded icon and media type +type Icon struct { + Base64Data string `json:"base64data,omitempty"` + Mediatype string `json:"mediatype,omitempty"` +} + +// IsDefaultChannel returns true if the PackageChannel is the default for the PackageManifest +func (pc PackageChannel) IsDefaultChannel(pm PackageManifest) bool { + return pc.Name == pm.Status.DefaultChannel || len(pm.Status.Channels) == 1 +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/register.go new file mode 100644 index 000000000..2b6a8fc66 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/register.go @@ -0,0 +1,45 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators" +) + +const ( + Group = "packages." + operators.GroupName + Version = "v1" + PackageManifestKind = "PackageManifest" + PackageManifestListKind = "PackageManifestList" +) + +// SchemeGroupVersion is the group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +// Resource takes an unqualified resource and returns a Group-qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +// addKnownTypes adds the set of types defined in this package to the supplied scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypeWithName( + SchemeGroupVersion.WithKind(PackageManifestKind), + &PackageManifest{}, + ) + scheme.AddKnownTypeWithName( + SchemeGroupVersion.WithKind(PackageManifestListKind), + &PackageManifestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.conversion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.conversion.go new file mode 100644 index 000000000..7f9748d7a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.conversion.go @@ -0,0 +1,342 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1 + +import ( + unsafe "unsafe" + + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*AppLink)(nil), (*operators.AppLink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_AppLink_To_operators_AppLink(a.(*AppLink), b.(*operators.AppLink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.AppLink)(nil), (*AppLink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_AppLink_To_v1_AppLink(a.(*operators.AppLink), b.(*AppLink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*CSVDescription)(nil), (*operators.CSVDescription)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_CSVDescription_To_operators_CSVDescription(a.(*CSVDescription), b.(*operators.CSVDescription), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.CSVDescription)(nil), (*CSVDescription)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_CSVDescription_To_v1_CSVDescription(a.(*operators.CSVDescription), b.(*CSVDescription), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*Icon)(nil), (*operators.Icon)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_Icon_To_operators_Icon(a.(*Icon), b.(*operators.Icon), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.Icon)(nil), (*Icon)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_Icon_To_v1_Icon(a.(*operators.Icon), b.(*Icon), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageChannel)(nil), (*operators.PackageChannel)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_PackageChannel_To_operators_PackageChannel(a.(*PackageChannel), b.(*operators.PackageChannel), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageChannel)(nil), (*PackageChannel)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageChannel_To_v1_PackageChannel(a.(*operators.PackageChannel), b.(*PackageChannel), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifest)(nil), (*operators.PackageManifest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_PackageManifest_To_operators_PackageManifest(a.(*PackageManifest), b.(*operators.PackageManifest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifest)(nil), (*PackageManifest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifest_To_v1_PackageManifest(a.(*operators.PackageManifest), b.(*PackageManifest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifestList)(nil), (*operators.PackageManifestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_PackageManifestList_To_operators_PackageManifestList(a.(*PackageManifestList), b.(*operators.PackageManifestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifestList)(nil), (*PackageManifestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifestList_To_v1_PackageManifestList(a.(*operators.PackageManifestList), b.(*PackageManifestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifestSpec)(nil), (*operators.PackageManifestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_PackageManifestSpec_To_operators_PackageManifestSpec(a.(*PackageManifestSpec), b.(*operators.PackageManifestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifestSpec)(nil), (*PackageManifestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifestSpec_To_v1_PackageManifestSpec(a.(*operators.PackageManifestSpec), b.(*PackageManifestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*PackageManifestStatus)(nil), (*operators.PackageManifestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1_PackageManifestStatus_To_operators_PackageManifestStatus(a.(*PackageManifestStatus), b.(*operators.PackageManifestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*operators.PackageManifestStatus)(nil), (*PackageManifestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_operators_PackageManifestStatus_To_v1_PackageManifestStatus(a.(*operators.PackageManifestStatus), b.(*PackageManifestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1_AppLink_To_operators_AppLink(in *AppLink, out *operators.AppLink, s conversion.Scope) error { + out.Name = in.Name + out.URL = in.URL + return nil +} + +// Convert_v1_AppLink_To_operators_AppLink is an autogenerated conversion function. +func Convert_v1_AppLink_To_operators_AppLink(in *AppLink, out *operators.AppLink, s conversion.Scope) error { + return autoConvert_v1_AppLink_To_operators_AppLink(in, out, s) +} + +func autoConvert_operators_AppLink_To_v1_AppLink(in *operators.AppLink, out *AppLink, s conversion.Scope) error { + out.Name = in.Name + out.URL = in.URL + return nil +} + +// Convert_operators_AppLink_To_v1_AppLink is an autogenerated conversion function. +func Convert_operators_AppLink_To_v1_AppLink(in *operators.AppLink, out *AppLink, s conversion.Scope) error { + return autoConvert_operators_AppLink_To_v1_AppLink(in, out, s) +} + +func autoConvert_v1_CSVDescription_To_operators_CSVDescription(in *CSVDescription, out *operators.CSVDescription, s conversion.Scope) error { + out.DisplayName = in.DisplayName + out.Icon = *(*[]operators.Icon)(unsafe.Pointer(&in.Icon)) + out.Version = in.Version + if err := Convert_v1_AppLink_To_operators_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations)) + out.LongDescription = in.LongDescription + out.InstallModes = *(*[]v1alpha1.InstallMode)(unsafe.Pointer(&in.InstallModes)) + out.CustomResourceDefinitions = in.CustomResourceDefinitions + out.APIServiceDefinitions = in.APIServiceDefinitions + return nil +} + +// Convert_v1_CSVDescription_To_operators_CSVDescription is an autogenerated conversion function. +func Convert_v1_CSVDescription_To_operators_CSVDescription(in *CSVDescription, out *operators.CSVDescription, s conversion.Scope) error { + return autoConvert_v1_CSVDescription_To_operators_CSVDescription(in, out, s) +} + +func autoConvert_operators_CSVDescription_To_v1_CSVDescription(in *operators.CSVDescription, out *CSVDescription, s conversion.Scope) error { + out.DisplayName = in.DisplayName + out.Icon = *(*[]Icon)(unsafe.Pointer(&in.Icon)) + out.Version = in.Version + if err := Convert_operators_AppLink_To_v1_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations)) + out.LongDescription = in.LongDescription + out.InstallModes = *(*[]v1alpha1.InstallMode)(unsafe.Pointer(&in.InstallModes)) + out.CustomResourceDefinitions = in.CustomResourceDefinitions + out.APIServiceDefinitions = in.APIServiceDefinitions + return nil +} + +// Convert_operators_CSVDescription_To_v1_CSVDescription is an autogenerated conversion function. +func Convert_operators_CSVDescription_To_v1_CSVDescription(in *operators.CSVDescription, out *CSVDescription, s conversion.Scope) error { + return autoConvert_operators_CSVDescription_To_v1_CSVDescription(in, out, s) +} + +func autoConvert_v1_Icon_To_operators_Icon(in *Icon, out *operators.Icon, s conversion.Scope) error { + out.Base64Data = in.Base64Data + out.Mediatype = in.Mediatype + return nil +} + +// Convert_v1_Icon_To_operators_Icon is an autogenerated conversion function. +func Convert_v1_Icon_To_operators_Icon(in *Icon, out *operators.Icon, s conversion.Scope) error { + return autoConvert_v1_Icon_To_operators_Icon(in, out, s) +} + +func autoConvert_operators_Icon_To_v1_Icon(in *operators.Icon, out *Icon, s conversion.Scope) error { + out.Base64Data = in.Base64Data + out.Mediatype = in.Mediatype + return nil +} + +// Convert_operators_Icon_To_v1_Icon is an autogenerated conversion function. +func Convert_operators_Icon_To_v1_Icon(in *operators.Icon, out *Icon, s conversion.Scope) error { + return autoConvert_operators_Icon_To_v1_Icon(in, out, s) +} + +func autoConvert_v1_PackageChannel_To_operators_PackageChannel(in *PackageChannel, out *operators.PackageChannel, s conversion.Scope) error { + out.Name = in.Name + out.CurrentCSV = in.CurrentCSV + if err := Convert_v1_CSVDescription_To_operators_CSVDescription(&in.CurrentCSVDesc, &out.CurrentCSVDesc, s); err != nil { + return err + } + return nil +} + +// Convert_v1_PackageChannel_To_operators_PackageChannel is an autogenerated conversion function. +func Convert_v1_PackageChannel_To_operators_PackageChannel(in *PackageChannel, out *operators.PackageChannel, s conversion.Scope) error { + return autoConvert_v1_PackageChannel_To_operators_PackageChannel(in, out, s) +} + +func autoConvert_operators_PackageChannel_To_v1_PackageChannel(in *operators.PackageChannel, out *PackageChannel, s conversion.Scope) error { + out.Name = in.Name + out.CurrentCSV = in.CurrentCSV + if err := Convert_operators_CSVDescription_To_v1_CSVDescription(&in.CurrentCSVDesc, &out.CurrentCSVDesc, s); err != nil { + return err + } + return nil +} + +// Convert_operators_PackageChannel_To_v1_PackageChannel is an autogenerated conversion function. +func Convert_operators_PackageChannel_To_v1_PackageChannel(in *operators.PackageChannel, out *PackageChannel, s conversion.Scope) error { + return autoConvert_operators_PackageChannel_To_v1_PackageChannel(in, out, s) +} + +func autoConvert_v1_PackageManifest_To_operators_PackageManifest(in *PackageManifest, out *operators.PackageManifest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1_PackageManifestSpec_To_operators_PackageManifestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1_PackageManifestStatus_To_operators_PackageManifestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1_PackageManifest_To_operators_PackageManifest is an autogenerated conversion function. +func Convert_v1_PackageManifest_To_operators_PackageManifest(in *PackageManifest, out *operators.PackageManifest, s conversion.Scope) error { + return autoConvert_v1_PackageManifest_To_operators_PackageManifest(in, out, s) +} + +func autoConvert_operators_PackageManifest_To_v1_PackageManifest(in *operators.PackageManifest, out *PackageManifest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_operators_PackageManifestSpec_To_v1_PackageManifestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_operators_PackageManifestStatus_To_v1_PackageManifestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_operators_PackageManifest_To_v1_PackageManifest is an autogenerated conversion function. +func Convert_operators_PackageManifest_To_v1_PackageManifest(in *operators.PackageManifest, out *PackageManifest, s conversion.Scope) error { + return autoConvert_operators_PackageManifest_To_v1_PackageManifest(in, out, s) +} + +func autoConvert_v1_PackageManifestList_To_operators_PackageManifestList(in *PackageManifestList, out *operators.PackageManifestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]operators.PackageManifest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1_PackageManifestList_To_operators_PackageManifestList is an autogenerated conversion function. +func Convert_v1_PackageManifestList_To_operators_PackageManifestList(in *PackageManifestList, out *operators.PackageManifestList, s conversion.Scope) error { + return autoConvert_v1_PackageManifestList_To_operators_PackageManifestList(in, out, s) +} + +func autoConvert_operators_PackageManifestList_To_v1_PackageManifestList(in *operators.PackageManifestList, out *PackageManifestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]PackageManifest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_operators_PackageManifestList_To_v1_PackageManifestList is an autogenerated conversion function. +func Convert_operators_PackageManifestList_To_v1_PackageManifestList(in *operators.PackageManifestList, out *PackageManifestList, s conversion.Scope) error { + return autoConvert_operators_PackageManifestList_To_v1_PackageManifestList(in, out, s) +} + +func autoConvert_v1_PackageManifestSpec_To_operators_PackageManifestSpec(in *PackageManifestSpec, out *operators.PackageManifestSpec, s conversion.Scope) error { + return nil +} + +// Convert_v1_PackageManifestSpec_To_operators_PackageManifestSpec is an autogenerated conversion function. +func Convert_v1_PackageManifestSpec_To_operators_PackageManifestSpec(in *PackageManifestSpec, out *operators.PackageManifestSpec, s conversion.Scope) error { + return autoConvert_v1_PackageManifestSpec_To_operators_PackageManifestSpec(in, out, s) +} + +func autoConvert_operators_PackageManifestSpec_To_v1_PackageManifestSpec(in *operators.PackageManifestSpec, out *PackageManifestSpec, s conversion.Scope) error { + return nil +} + +// Convert_operators_PackageManifestSpec_To_v1_PackageManifestSpec is an autogenerated conversion function. +func Convert_operators_PackageManifestSpec_To_v1_PackageManifestSpec(in *operators.PackageManifestSpec, out *PackageManifestSpec, s conversion.Scope) error { + return autoConvert_operators_PackageManifestSpec_To_v1_PackageManifestSpec(in, out, s) +} + +func autoConvert_v1_PackageManifestStatus_To_operators_PackageManifestStatus(in *PackageManifestStatus, out *operators.PackageManifestStatus, s conversion.Scope) error { + out.CatalogSource = in.CatalogSource + out.CatalogSourceDisplayName = in.CatalogSourceDisplayName + out.CatalogSourcePublisher = in.CatalogSourcePublisher + out.CatalogSourceNamespace = in.CatalogSourceNamespace + if err := Convert_v1_AppLink_To_operators_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.PackageName = in.PackageName + out.Channels = *(*[]operators.PackageChannel)(unsafe.Pointer(&in.Channels)) + out.DefaultChannel = in.DefaultChannel + return nil +} + +// Convert_v1_PackageManifestStatus_To_operators_PackageManifestStatus is an autogenerated conversion function. +func Convert_v1_PackageManifestStatus_To_operators_PackageManifestStatus(in *PackageManifestStatus, out *operators.PackageManifestStatus, s conversion.Scope) error { + return autoConvert_v1_PackageManifestStatus_To_operators_PackageManifestStatus(in, out, s) +} + +func autoConvert_operators_PackageManifestStatus_To_v1_PackageManifestStatus(in *operators.PackageManifestStatus, out *PackageManifestStatus, s conversion.Scope) error { + out.CatalogSource = in.CatalogSource + out.CatalogSourceDisplayName = in.CatalogSourceDisplayName + out.CatalogSourcePublisher = in.CatalogSourcePublisher + out.CatalogSourceNamespace = in.CatalogSourceNamespace + if err := Convert_operators_AppLink_To_v1_AppLink(&in.Provider, &out.Provider, s); err != nil { + return err + } + out.PackageName = in.PackageName + out.Channels = *(*[]PackageChannel)(unsafe.Pointer(&in.Channels)) + out.DefaultChannel = in.DefaultChannel + return nil +} + +// Convert_operators_PackageManifestStatus_To_v1_PackageManifestStatus is an autogenerated conversion function. +func Convert_operators_PackageManifestStatus_To_v1_PackageManifestStatus(in *operators.PackageManifestStatus, out *PackageManifestStatus, s conversion.Scope) error { + return autoConvert_operators_PackageManifestStatus_To_v1_PackageManifestStatus(in, out, s) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.deepcopy.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.deepcopy.go new file mode 100644 index 000000000..b333feb07 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.deepcopy.go @@ -0,0 +1,213 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AppLink) DeepCopyInto(out *AppLink) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppLink. +func (in *AppLink) DeepCopy() *AppLink { + if in == nil { + return nil + } + out := new(AppLink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CSVDescription) DeepCopyInto(out *CSVDescription) { + *out = *in + if in.Icon != nil { + in, out := &in.Icon, &out.Icon + *out = make([]Icon, len(*in)) + copy(*out, *in) + } + in.Version.DeepCopyInto(&out.Version) + out.Provider = in.Provider + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.InstallModes != nil { + in, out := &in.InstallModes, &out.InstallModes + *out = make([]v1alpha1.InstallMode, len(*in)) + copy(*out, *in) + } + in.CustomResourceDefinitions.DeepCopyInto(&out.CustomResourceDefinitions) + in.APIServiceDefinitions.DeepCopyInto(&out.APIServiceDefinitions) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSVDescription. +func (in *CSVDescription) DeepCopy() *CSVDescription { + if in == nil { + return nil + } + out := new(CSVDescription) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Icon) DeepCopyInto(out *Icon) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Icon. +func (in *Icon) DeepCopy() *Icon { + if in == nil { + return nil + } + out := new(Icon) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageChannel) DeepCopyInto(out *PackageChannel) { + *out = *in + in.CurrentCSVDesc.DeepCopyInto(&out.CurrentCSVDesc) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageChannel. +func (in *PackageChannel) DeepCopy() *PackageChannel { + if in == nil { + return nil + } + out := new(PackageChannel) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifest) DeepCopyInto(out *PackageManifest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifest. +func (in *PackageManifest) DeepCopy() *PackageManifest { + if in == nil { + return nil + } + out := new(PackageManifest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PackageManifest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestList) DeepCopyInto(out *PackageManifestList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PackageManifest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestList. +func (in *PackageManifestList) DeepCopy() *PackageManifestList { + if in == nil { + return nil + } + out := new(PackageManifestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PackageManifestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestSpec) DeepCopyInto(out *PackageManifestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestSpec. +func (in *PackageManifestSpec) DeepCopy() *PackageManifestSpec { + if in == nil { + return nil + } + out := new(PackageManifestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestStatus) DeepCopyInto(out *PackageManifestStatus) { + *out = *in + out.Provider = in.Provider + if in.Channels != nil { + in, out := &in.Channels, &out.Channels + *out = make([]PackageChannel, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestStatus. +func (in *PackageManifestStatus) DeepCopy() *PackageManifestStatus { + if in == nil { + return nil + } + out := new(PackageManifestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.defaults.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.defaults.go new file mode 100644 index 000000000..41c150b3b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1/zz_generated.defaults.go @@ -0,0 +1,32 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/zz_generated.deepcopy.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/zz_generated.deepcopy.go new file mode 100644 index 000000000..a2c56b1a9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/zz_generated.deepcopy.go @@ -0,0 +1,213 @@ +// +build !ignore_autogenerated + +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package operators + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AppLink) DeepCopyInto(out *AppLink) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppLink. +func (in *AppLink) DeepCopy() *AppLink { + if in == nil { + return nil + } + out := new(AppLink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CSVDescription) DeepCopyInto(out *CSVDescription) { + *out = *in + if in.Icon != nil { + in, out := &in.Icon, &out.Icon + *out = make([]Icon, len(*in)) + copy(*out, *in) + } + in.Version.DeepCopyInto(&out.Version) + out.Provider = in.Provider + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.InstallModes != nil { + in, out := &in.InstallModes, &out.InstallModes + *out = make([]v1alpha1.InstallMode, len(*in)) + copy(*out, *in) + } + in.CustomResourceDefinitions.DeepCopyInto(&out.CustomResourceDefinitions) + in.APIServiceDefinitions.DeepCopyInto(&out.APIServiceDefinitions) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSVDescription. +func (in *CSVDescription) DeepCopy() *CSVDescription { + if in == nil { + return nil + } + out := new(CSVDescription) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Icon) DeepCopyInto(out *Icon) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Icon. +func (in *Icon) DeepCopy() *Icon { + if in == nil { + return nil + } + out := new(Icon) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageChannel) DeepCopyInto(out *PackageChannel) { + *out = *in + in.CurrentCSVDesc.DeepCopyInto(&out.CurrentCSVDesc) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageChannel. +func (in *PackageChannel) DeepCopy() *PackageChannel { + if in == nil { + return nil + } + out := new(PackageChannel) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifest) DeepCopyInto(out *PackageManifest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifest. +func (in *PackageManifest) DeepCopy() *PackageManifest { + if in == nil { + return nil + } + out := new(PackageManifest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PackageManifest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestList) DeepCopyInto(out *PackageManifestList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PackageManifest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestList. +func (in *PackageManifestList) DeepCopy() *PackageManifestList { + if in == nil { + return nil + } + out := new(PackageManifestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PackageManifestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestSpec) DeepCopyInto(out *PackageManifestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestSpec. +func (in *PackageManifestSpec) DeepCopy() *PackageManifestSpec { + if in == nil { + return nil + } + out := new(PackageManifestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackageManifestStatus) DeepCopyInto(out *PackageManifestStatus) { + *out = *in + out.Provider = in.Provider + if in.Channels != nil { + in, out := &in.Channels, &out.Channels + *out = make([]PackageChannel, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageManifestStatus. +func (in *PackageManifestStatus) DeepCopy() *PackageManifestStatus { + if in == nil { + return nil + } + out := new(PackageManifestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/config.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/config.go new file mode 100644 index 000000000..0e497c29b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/config.go @@ -0,0 +1,74 @@ +// Copyright 2018 The Kubernetes Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package apiserver + +import ( + "strings" + + openapinamer "k8s.io/apiserver/pkg/endpoints/openapi" + genericapiserver "k8s.io/apiserver/pkg/server" + "k8s.io/client-go/informers" + + generatedopenapi "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/openapi" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/generic" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version" +) + +// Config contains configuration for launching an instance of metrics-server. +type Config struct { + GenericConfig *genericapiserver.Config + ProviderConfig generic.ProviderConfig +} + +type completedConfig struct { + genericapiserver.CompletedConfig + ProviderConfig *generic.ProviderConfig +} + +// Complete fills in any fields not set that are required to have valid data. It's mutating the receiver. +func (c *Config) Complete(informers informers.SharedInformerFactory) completedConfig { + c.GenericConfig.Version = version.VersionInfo() + + // enable OpenAPI schemas + c.GenericConfig.OpenAPIConfig = genericapiserver.DefaultOpenAPIConfig(generatedopenapi.GetOpenAPIDefinitions, openapinamer.NewDefinitionNamer(generic.Scheme)) + c.GenericConfig.OpenAPIConfig.Info.Title = "Package API server" + c.GenericConfig.OpenAPIConfig.Info.Version = strings.Split(c.GenericConfig.Version.String(), "-")[0] + c.GenericConfig.SwaggerConfig = genericapiserver.DefaultSwaggerConfig() + + return completedConfig{ + CompletedConfig: c.GenericConfig.Complete(informers), + ProviderConfig: &c.ProviderConfig, + } +} + +type PackageManifestServer struct { + *genericapiserver.GenericAPIServer +} + +// New returns a new instance of MetricsServer from the given config. +func (c completedConfig) New() (*PackageManifestServer, error) { + genericServer, err := c.CompletedConfig.New("packagemanifest-server", genericapiserver.NewEmptyDelegate()) // completion is done in Complete, no need for a second time + if err != nil { + return nil, err + } + + if err := generic.InstallStorage(c.ProviderConfig, genericServer); err != nil { + return nil, err + } + + return &PackageManifestServer{ + GenericAPIServer: genericServer, + }, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/generic/storage.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/generic/storage.go new file mode 100644 index 000000000..daf129839 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/generic/storage.go @@ -0,0 +1,101 @@ +// Copyright 2018 The Kubernetes Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package generic + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/runtime/serializer" + utilerrors "k8s.io/apimachinery/pkg/util/errors" + "k8s.io/apiserver/pkg/registry/rest" + generic "k8s.io/apiserver/pkg/server" + + apps "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/install" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage" +) + +var ( + // Scheme contains the types needed by the resource metrics API. + Scheme = runtime.NewScheme() + // Codecs is a codec factory for serving the resource metrics API. + Codecs = serializer.NewCodecFactory(Scheme) +) + +func init() { + operators.Install(Scheme) + apps.Install(Scheme) + + // we need to add the options to empty v1 + // TODO fix the server code to avoid this + metav1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + + // TODO: keep the generic API server from wanting this + unversioned := schema.GroupVersion{Group: "", Version: "v1"} + Scheme.AddUnversionedTypes(unversioned, + &metav1.Status{}, + &metav1.APIVersions{}, + &metav1.APIGroupList{}, + &metav1.APIGroup{}, + &metav1.APIResourceList{}, + ) +} + +// ProviderConfig holds the providers for packagemanifests. +type ProviderConfig struct { + Provider provider.PackageManifestProvider +} + +// BuildStorage constructs APIGroupInfo for the packages.apps.redhat.com and packages.operators.coreos.com API groups. +func BuildStorage(providers *ProviderConfig) []generic.APIGroupInfo { + + // Build storage for packages.operators.coreos.com + operatorInfo := generic.NewDefaultAPIGroupInfo(v1.Group, Scheme, metav1.ParameterCodec, Codecs) + operatorStorage := storage.NewStorage(v1.Resource("packagemanifests"), providers.Provider, Scheme) + operatorResources := map[string]rest.Storage{ + "packagemanifests": operatorStorage, + } + operatorInfo.VersionedResourcesStorageMap[v1.Version] = operatorResources + + // Build storage for packages.apps.redhat.com + appInfo := generic.NewDefaultAPIGroupInfo(v1alpha1.Group, Scheme, metav1.ParameterCodec, Codecs) + + // Use storage for package.operators.coreos.com since types are identical + appResources := map[string]rest.Storage{ + "packagemanifests": operatorStorage, + } + appInfo.VersionedResourcesStorageMap[v1alpha1.Version] = appResources + + return []generic.APIGroupInfo{ + operatorInfo, + appInfo, + } +} + +// InstallStorage builds the storage for the packages.apps.redhat.com and packages.operators.coreos.com API groups and then installs them into the given API server. +func InstallStorage(providers *ProviderConfig, server *generic.GenericAPIServer) error { + errs := []error{} + groups := BuildStorage(providers) + for i := 0; i < len(groups); i++ { + info := groups[i] + errs = append(errs, server.InstallAPIGroup(&info)) + } + + return utilerrors.NewAggregate(errs) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/client.go new file mode 100644 index 000000000..fb7455aea --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/client.go @@ -0,0 +1,16 @@ +package client + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + "k8s.io/client-go/rest" +) + +// NewClient creates a client that can interact with the ALM resources in k8s api +func NewClient(kubeconfig string) (client versioned.Interface, err error) { + var config *rest.Config + config, err = getConfig(kubeconfig) + if err != nil { + return + } + return versioned.NewForConfig(config) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/clientset.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/clientset.go new file mode 100644 index 000000000..d5665e485 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/clientset.go @@ -0,0 +1,104 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + appsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion" + operatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + Apps() appsinternalversion.AppsInterface + Operators() operatorsinternalversion.OperatorsInterface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + apps *appsinternalversion.AppsClient + operators *operatorsinternalversion.OperatorsClient +} + +// Apps retrieves the AppsClient +func (c *Clientset) Apps() appsinternalversion.AppsInterface { + return c.apps +} + +// Operators retrieves the OperatorsClient +func (c *Clientset) Operators() operatorsinternalversion.OperatorsInterface { + return c.operators +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.apps, err = appsinternalversion.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.operators, err = operatorsinternalversion.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.apps = appsinternalversion.NewForConfigOrDie(c) + cs.operators = operatorsinternalversion.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.apps = appsinternalversion.New(c) + cs.operators = operatorsinternalversion.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/doc.go new file mode 100644 index 000000000..676a0fe25 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package internalversion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/clientset_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/clientset_generated.go new file mode 100644 index 000000000..16163f86b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/clientset_generated.go @@ -0,0 +1,84 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion" + appsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion" + fakeappsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake" + operatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion" + fakeoperatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +var _ clientset.Interface = &Clientset{} + +// Apps retrieves the AppsClient +func (c *Clientset) Apps() appsinternalversion.AppsInterface { + return &fakeappsinternalversion.FakeApps{Fake: &c.Fake} +} + +// Operators retrieves the OperatorsClient +func (c *Clientset) Operators() operatorsinternalversion.OperatorsInterface { + return &fakeoperatorsinternalversion.FakeOperators{Fake: &c.Fake} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/doc.go new file mode 100644 index 000000000..ee22a9450 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/register.go new file mode 100644 index 000000000..f687c9b2a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/fake/register.go @@ -0,0 +1,58 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + appsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps" + operatorsinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + appsinternalversion.AddToScheme, + operatorsinternalversion.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme/doc.go new file mode 100644 index 000000000..25323d108 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme/register.go new file mode 100644 index 000000000..461b92382 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme/register.go @@ -0,0 +1,43 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + apps "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/install" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/install" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + Install(Scheme) +} + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + apps.Install(scheme) + operators.Install(scheme) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/apps_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/apps_client.go new file mode 100644 index 000000000..30a4702d7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/apps_client.go @@ -0,0 +1,91 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme" + rest "k8s.io/client-go/rest" +) + +type AppsInterface interface { + RESTClient() rest.Interface +} + +// AppsClient is used to interact with features provided by the apps group. +type AppsClient struct { + restClient rest.Interface +} + +// NewForConfig creates a new AppsClient for the given config. +func NewForConfig(c *rest.Config) (*AppsClient, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AppsClient{client}, nil +} + +// NewForConfigOrDie creates a new AppsClient for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AppsClient { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AppsClient for the given RESTClient. +func New(c rest.Interface) *AppsClient { + return &AppsClient{c} +} + +func setConfigDefaults(config *rest.Config) error { + config.APIPath = "/apis" + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + if config.GroupVersion == nil || config.GroupVersion.Group != scheme.Scheme.PrioritizedVersionsForGroup("apps")[0].Group { + gv := scheme.Scheme.PrioritizedVersionsForGroup("apps")[0] + config.GroupVersion = &gv + } + config.NegotiatedSerializer = scheme.Codecs + + if config.QPS == 0 { + config.QPS = 5 + } + if config.Burst == 0 { + config.Burst = 10 + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AppsClient) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/doc.go new file mode 100644 index 000000000..8be96d732 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package internalversion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake/fake_apps_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake/fake_apps_client.go new file mode 100644 index 000000000..b9de320cc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/fake/fake_apps_client.go @@ -0,0 +1,35 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeApps struct { + *testing.Fake +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeApps) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/generated_expansion.go new file mode 100644 index 000000000..1ffc8deb0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/apps/internalversion/generated_expansion.go @@ -0,0 +1,19 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/doc.go new file mode 100644 index 000000000..8be96d732 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package internalversion diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operators_client.go new file mode 100644 index 000000000..cebcdcda8 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/fake_operators_client.go @@ -0,0 +1,40 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeOperators struct { + *testing.Fake +} + +func (c *FakeOperators) PackageManifests(namespace string) internalversion.PackageManifestInterface { + return &FakePackageManifests{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeOperators) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/fake_packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/fake_packagemanifest.go new file mode 100644 index 000000000..d57470add --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/fake/fake_packagemanifest.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakePackageManifests implements PackageManifestInterface +type FakePackageManifests struct { + Fake *FakeOperators + ns string +} + +var packagemanifestsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "", Resource: "packagemanifests"} + +var packagemanifestsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "", Kind: "PackageManifest"} + +// Get takes name of the packageManifest, and returns the corresponding packageManifest object, and an error if there is any. +func (c *FakePackageManifests) Get(name string, options v1.GetOptions) (result *operators.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(packagemanifestsResource, c.ns, name), &operators.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.PackageManifest), err +} + +// List takes label and field selectors, and returns the list of PackageManifests that match those selectors. +func (c *FakePackageManifests) List(opts v1.ListOptions) (result *operators.PackageManifestList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(packagemanifestsResource, packagemanifestsKind, c.ns, opts), &operators.PackageManifestList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operators.PackageManifestList{ListMeta: obj.(*operators.PackageManifestList).ListMeta} + for _, item := range obj.(*operators.PackageManifestList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested packageManifests. +func (c *FakePackageManifests) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(packagemanifestsResource, c.ns, opts)) + +} + +// Create takes the representation of a packageManifest and creates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *FakePackageManifests) Create(packageManifest *operators.PackageManifest) (result *operators.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(packagemanifestsResource, c.ns, packageManifest), &operators.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.PackageManifest), err +} + +// Update takes the representation of a packageManifest and updates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *FakePackageManifests) Update(packageManifest *operators.PackageManifest) (result *operators.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(packagemanifestsResource, c.ns, packageManifest), &operators.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.PackageManifest), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakePackageManifests) UpdateStatus(packageManifest *operators.PackageManifest) (*operators.PackageManifest, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(packagemanifestsResource, "status", c.ns, packageManifest), &operators.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.PackageManifest), err +} + +// Delete takes name of the packageManifest and deletes it. Returns an error if one occurs. +func (c *FakePackageManifests) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(packagemanifestsResource, c.ns, name), &operators.PackageManifest{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakePackageManifests) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(packagemanifestsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operators.PackageManifestList{}) + return err +} + +// Patch applies the patch and returns the patched packageManifest. +func (c *FakePackageManifests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(packagemanifestsResource, c.ns, name, data, subresources...), &operators.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operators.PackageManifest), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/generated_expansion.go new file mode 100644 index 000000000..1b4155141 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +type PackageManifestExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/operators_client.go new file mode 100644 index 000000000..6107bdb52 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/operators_client.go @@ -0,0 +1,96 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme" + rest "k8s.io/client-go/rest" +) + +type OperatorsInterface interface { + RESTClient() rest.Interface + PackageManifestsGetter +} + +// OperatorsClient is used to interact with features provided by the operators.coreos.com group. +type OperatorsClient struct { + restClient rest.Interface +} + +func (c *OperatorsClient) PackageManifests(namespace string) PackageManifestInterface { + return newPackageManifests(c, namespace) +} + +// NewForConfig creates a new OperatorsClient for the given config. +func NewForConfig(c *rest.Config) (*OperatorsClient, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &OperatorsClient{client}, nil +} + +// NewForConfigOrDie creates a new OperatorsClient for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *OperatorsClient { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new OperatorsClient for the given RESTClient. +func New(c rest.Interface) *OperatorsClient { + return &OperatorsClient{c} +} + +func setConfigDefaults(config *rest.Config) error { + config.APIPath = "/apis" + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + if config.GroupVersion == nil || config.GroupVersion.Group != scheme.Scheme.PrioritizedVersionsForGroup("operators.coreos.com")[0].Group { + gv := scheme.Scheme.PrioritizedVersionsForGroup("operators.coreos.com")[0] + config.GroupVersion = &gv + } + config.NegotiatedSerializer = scheme.Codecs + + if config.QPS == 0 { + config.QPS = 5 + } + if config.Burst == 0 { + config.Burst = 10 + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *OperatorsClient) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/packagemanifest.go new file mode 100644 index 000000000..e871c35e6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/typed/operators/internalversion/packagemanifest.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// PackageManifestsGetter has a method to return a PackageManifestInterface. +// A group's client should implement this interface. +type PackageManifestsGetter interface { + PackageManifests(namespace string) PackageManifestInterface +} + +// PackageManifestInterface has methods to work with PackageManifest resources. +type PackageManifestInterface interface { + Create(*operators.PackageManifest) (*operators.PackageManifest, error) + Update(*operators.PackageManifest) (*operators.PackageManifest, error) + UpdateStatus(*operators.PackageManifest) (*operators.PackageManifest, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*operators.PackageManifest, error) + List(opts v1.ListOptions) (*operators.PackageManifestList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.PackageManifest, err error) + PackageManifestExpansion +} + +// packageManifests implements PackageManifestInterface +type packageManifests struct { + client rest.Interface + ns string +} + +// newPackageManifests returns a PackageManifests +func newPackageManifests(c *OperatorsClient, namespace string) *packageManifests { + return &packageManifests{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the packageManifest, and returns the corresponding packageManifest object, and an error if there is any. +func (c *packageManifests) Get(name string, options v1.GetOptions) (result *operators.PackageManifest, err error) { + result = &operators.PackageManifest{} + err = c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of PackageManifests that match those selectors. +func (c *packageManifests) List(opts v1.ListOptions) (result *operators.PackageManifestList, err error) { + result = &operators.PackageManifestList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested packageManifests. +func (c *packageManifests) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a packageManifest and creates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *packageManifests) Create(packageManifest *operators.PackageManifest) (result *operators.PackageManifest, err error) { + result = &operators.PackageManifest{} + err = c.client.Post(). + Namespace(c.ns). + Resource("packagemanifests"). + Body(packageManifest). + Do(). + Into(result) + return +} + +// Update takes the representation of a packageManifest and updates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *packageManifests) Update(packageManifest *operators.PackageManifest) (result *operators.PackageManifest, err error) { + result = &operators.PackageManifest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(packageManifest.Name). + Body(packageManifest). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *packageManifests) UpdateStatus(packageManifest *operators.PackageManifest) (result *operators.PackageManifest, err error) { + result = &operators.PackageManifest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(packageManifest.Name). + SubResource("status"). + Body(packageManifest). + Do(). + Into(result) + return +} + +// Delete takes name of the packageManifest and deletes it. Returns an error if one occurs. +func (c *packageManifests) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *packageManifests) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched packageManifest. +func (c *packageManifests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operators.PackageManifest, err error) { + result = &operators.PackageManifest{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("packagemanifests"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/clientset.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/clientset.go new file mode 100644 index 000000000..b2e607639 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/clientset.go @@ -0,0 +1,120 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + appsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1" + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AppsV1alpha1() appsv1alpha1.AppsV1alpha1Interface + // Deprecated: please explicitly pick a version if possible. + Apps() appsv1alpha1.AppsV1alpha1Interface + OperatorsV1() operatorsv1.OperatorsV1Interface + // Deprecated: please explicitly pick a version if possible. + Operators() operatorsv1.OperatorsV1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + appsV1alpha1 *appsv1alpha1.AppsV1alpha1Client + operatorsV1 *operatorsv1.OperatorsV1Client +} + +// AppsV1alpha1 retrieves the AppsV1alpha1Client +func (c *Clientset) AppsV1alpha1() appsv1alpha1.AppsV1alpha1Interface { + return c.appsV1alpha1 +} + +// Deprecated: Apps retrieves the default version of AppsClient. +// Please explicitly pick a version. +func (c *Clientset) Apps() appsv1alpha1.AppsV1alpha1Interface { + return c.appsV1alpha1 +} + +// OperatorsV1 retrieves the OperatorsV1Client +func (c *Clientset) OperatorsV1() operatorsv1.OperatorsV1Interface { + return c.operatorsV1 +} + +// Deprecated: Operators retrieves the default version of OperatorsClient. +// Please explicitly pick a version. +func (c *Clientset) Operators() operatorsv1.OperatorsV1Interface { + return c.operatorsV1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.appsV1alpha1, err = appsv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.operatorsV1, err = operatorsv1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.appsV1alpha1 = appsv1alpha1.NewForConfigOrDie(c) + cs.operatorsV1 = operatorsv1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.appsV1alpha1 = appsv1alpha1.New(c) + cs.operatorsV1 = operatorsv1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/doc.go new file mode 100644 index 000000000..b51d8e686 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/clientset_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 000000000..937deac72 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + appsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1" + fakeappsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake" + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1" + fakeoperatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +var _ clientset.Interface = &Clientset{} + +// AppsV1alpha1 retrieves the AppsV1alpha1Client +func (c *Clientset) AppsV1alpha1() appsv1alpha1.AppsV1alpha1Interface { + return &fakeappsv1alpha1.FakeAppsV1alpha1{Fake: &c.Fake} +} + +// Apps retrieves the AppsV1alpha1Client +func (c *Clientset) Apps() appsv1alpha1.AppsV1alpha1Interface { + return &fakeappsv1alpha1.FakeAppsV1alpha1{Fake: &c.Fake} +} + +// OperatorsV1 retrieves the OperatorsV1Client +func (c *Clientset) OperatorsV1() operatorsv1.OperatorsV1Interface { + return &fakeoperatorsv1.FakeOperatorsV1{Fake: &c.Fake} +} + +// Operators retrieves the OperatorsV1Client +func (c *Clientset) Operators() operatorsv1.OperatorsV1Interface { + return &fakeoperatorsv1.FakeOperatorsV1{Fake: &c.Fake} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/doc.go new file mode 100644 index 000000000..ee22a9450 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/register.go new file mode 100644 index 000000000..be8abde6b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/fake/register.go @@ -0,0 +1,58 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + appsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + appsv1alpha1.AddToScheme, + operatorsv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme/doc.go new file mode 100644 index 000000000..25323d108 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme/register.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme/register.go new file mode 100644 index 000000000..b0d4f1a21 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme/register.go @@ -0,0 +1,58 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + appsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + appsv1alpha1.AddToScheme, + operatorsv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/apps_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/apps_client.go new file mode 100644 index 000000000..0a83b8680 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/apps_client.go @@ -0,0 +1,90 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + rest "k8s.io/client-go/rest" +) + +type AppsV1alpha1Interface interface { + RESTClient() rest.Interface + PackageManifestsGetter +} + +// AppsV1alpha1Client is used to interact with features provided by the apps.redhat.com group. +type AppsV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AppsV1alpha1Client) PackageManifests(namespace string) PackageManifestInterface { + return newPackageManifests(c, namespace) +} + +// NewForConfig creates a new AppsV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AppsV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AppsV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AppsV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AppsV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AppsV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AppsV1alpha1Client { + return &AppsV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AppsV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/doc.go new file mode 100644 index 000000000..06a90bb0e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/fake_apps_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/fake_apps_client.go new file mode 100644 index 000000000..2e595ee22 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/fake_apps_client.go @@ -0,0 +1,40 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAppsV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAppsV1alpha1) PackageManifests(namespace string) v1alpha1.PackageManifestInterface { + return &FakePackageManifests{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAppsV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/fake_packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/fake_packagemanifest.go new file mode 100644 index 000000000..410385169 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/fake/fake_packagemanifest.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakePackageManifests implements PackageManifestInterface +type FakePackageManifests struct { + Fake *FakeAppsV1alpha1 + ns string +} + +var packagemanifestsResource = schema.GroupVersionResource{Group: "apps.redhat.com", Version: "v1alpha1", Resource: "packagemanifests"} + +var packagemanifestsKind = schema.GroupVersionKind{Group: "apps.redhat.com", Version: "v1alpha1", Kind: "PackageManifest"} + +// Get takes name of the packageManifest, and returns the corresponding packageManifest object, and an error if there is any. +func (c *FakePackageManifests) Get(name string, options v1.GetOptions) (result *v1alpha1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(packagemanifestsResource, c.ns, name), &v1alpha1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.PackageManifest), err +} + +// List takes label and field selectors, and returns the list of PackageManifests that match those selectors. +func (c *FakePackageManifests) List(opts v1.ListOptions) (result *v1alpha1.PackageManifestList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(packagemanifestsResource, packagemanifestsKind, c.ns, opts), &v1alpha1.PackageManifestList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.PackageManifestList{ListMeta: obj.(*v1alpha1.PackageManifestList).ListMeta} + for _, item := range obj.(*v1alpha1.PackageManifestList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested packageManifests. +func (c *FakePackageManifests) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(packagemanifestsResource, c.ns, opts)) + +} + +// Create takes the representation of a packageManifest and creates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *FakePackageManifests) Create(packageManifest *v1alpha1.PackageManifest) (result *v1alpha1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(packagemanifestsResource, c.ns, packageManifest), &v1alpha1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.PackageManifest), err +} + +// Update takes the representation of a packageManifest and updates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *FakePackageManifests) Update(packageManifest *v1alpha1.PackageManifest) (result *v1alpha1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(packagemanifestsResource, c.ns, packageManifest), &v1alpha1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.PackageManifest), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakePackageManifests) UpdateStatus(packageManifest *v1alpha1.PackageManifest) (*v1alpha1.PackageManifest, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(packagemanifestsResource, "status", c.ns, packageManifest), &v1alpha1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.PackageManifest), err +} + +// Delete takes name of the packageManifest and deletes it. Returns an error if one occurs. +func (c *FakePackageManifests) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(packagemanifestsResource, c.ns, name), &v1alpha1.PackageManifest{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakePackageManifests) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(packagemanifestsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.PackageManifestList{}) + return err +} + +// Patch applies the patch and returns the patched packageManifest. +func (c *FakePackageManifests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(packagemanifestsResource, c.ns, name, data, subresources...), &v1alpha1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.PackageManifest), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/generated_expansion.go new file mode 100644 index 000000000..0fc098da6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type PackageManifestExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/packagemanifest.go new file mode 100644 index 000000000..553be981f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/apps/v1alpha1/packagemanifest.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// PackageManifestsGetter has a method to return a PackageManifestInterface. +// A group's client should implement this interface. +type PackageManifestsGetter interface { + PackageManifests(namespace string) PackageManifestInterface +} + +// PackageManifestInterface has methods to work with PackageManifest resources. +type PackageManifestInterface interface { + Create(*v1alpha1.PackageManifest) (*v1alpha1.PackageManifest, error) + Update(*v1alpha1.PackageManifest) (*v1alpha1.PackageManifest, error) + UpdateStatus(*v1alpha1.PackageManifest) (*v1alpha1.PackageManifest, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.PackageManifest, error) + List(opts v1.ListOptions) (*v1alpha1.PackageManifestList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PackageManifest, err error) + PackageManifestExpansion +} + +// packageManifests implements PackageManifestInterface +type packageManifests struct { + client rest.Interface + ns string +} + +// newPackageManifests returns a PackageManifests +func newPackageManifests(c *AppsV1alpha1Client, namespace string) *packageManifests { + return &packageManifests{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the packageManifest, and returns the corresponding packageManifest object, and an error if there is any. +func (c *packageManifests) Get(name string, options v1.GetOptions) (result *v1alpha1.PackageManifest, err error) { + result = &v1alpha1.PackageManifest{} + err = c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of PackageManifests that match those selectors. +func (c *packageManifests) List(opts v1.ListOptions) (result *v1alpha1.PackageManifestList, err error) { + result = &v1alpha1.PackageManifestList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested packageManifests. +func (c *packageManifests) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a packageManifest and creates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *packageManifests) Create(packageManifest *v1alpha1.PackageManifest) (result *v1alpha1.PackageManifest, err error) { + result = &v1alpha1.PackageManifest{} + err = c.client.Post(). + Namespace(c.ns). + Resource("packagemanifests"). + Body(packageManifest). + Do(). + Into(result) + return +} + +// Update takes the representation of a packageManifest and updates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *packageManifests) Update(packageManifest *v1alpha1.PackageManifest) (result *v1alpha1.PackageManifest, err error) { + result = &v1alpha1.PackageManifest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(packageManifest.Name). + Body(packageManifest). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *packageManifests) UpdateStatus(packageManifest *v1alpha1.PackageManifest) (result *v1alpha1.PackageManifest, err error) { + result = &v1alpha1.PackageManifest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(packageManifest.Name). + SubResource("status"). + Body(packageManifest). + Do(). + Into(result) + return +} + +// Delete takes name of the packageManifest and deletes it. Returns an error if one occurs. +func (c *packageManifests) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *packageManifests) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched packageManifest. +func (c *packageManifests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PackageManifest, err error) { + result = &v1alpha1.PackageManifest{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("packagemanifests"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/doc.go new file mode 100644 index 000000000..00df41cd1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/doc.go new file mode 100644 index 000000000..da6f0eb8e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/fake_operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/fake_operators_client.go new file mode 100644 index 000000000..497b8e2c5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/fake_operators_client.go @@ -0,0 +1,40 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeOperatorsV1 struct { + *testing.Fake +} + +func (c *FakeOperatorsV1) PackageManifests(namespace string) v1.PackageManifestInterface { + return &FakePackageManifests{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeOperatorsV1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/fake_packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/fake_packagemanifest.go new file mode 100644 index 000000000..0e9b39791 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/fake/fake_packagemanifest.go @@ -0,0 +1,140 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakePackageManifests implements PackageManifestInterface +type FakePackageManifests struct { + Fake *FakeOperatorsV1 + ns string +} + +var packagemanifestsResource = schema.GroupVersionResource{Group: "operators.coreos.com", Version: "v1", Resource: "packagemanifests"} + +var packagemanifestsKind = schema.GroupVersionKind{Group: "operators.coreos.com", Version: "v1", Kind: "PackageManifest"} + +// Get takes name of the packageManifest, and returns the corresponding packageManifest object, and an error if there is any. +func (c *FakePackageManifests) Get(name string, options v1.GetOptions) (result *operatorsv1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(packagemanifestsResource, c.ns, name), &operatorsv1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.PackageManifest), err +} + +// List takes label and field selectors, and returns the list of PackageManifests that match those selectors. +func (c *FakePackageManifests) List(opts v1.ListOptions) (result *operatorsv1.PackageManifestList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(packagemanifestsResource, packagemanifestsKind, c.ns, opts), &operatorsv1.PackageManifestList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &operatorsv1.PackageManifestList{ListMeta: obj.(*operatorsv1.PackageManifestList).ListMeta} + for _, item := range obj.(*operatorsv1.PackageManifestList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested packageManifests. +func (c *FakePackageManifests) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(packagemanifestsResource, c.ns, opts)) + +} + +// Create takes the representation of a packageManifest and creates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *FakePackageManifests) Create(packageManifest *operatorsv1.PackageManifest) (result *operatorsv1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(packagemanifestsResource, c.ns, packageManifest), &operatorsv1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.PackageManifest), err +} + +// Update takes the representation of a packageManifest and updates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *FakePackageManifests) Update(packageManifest *operatorsv1.PackageManifest) (result *operatorsv1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(packagemanifestsResource, c.ns, packageManifest), &operatorsv1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.PackageManifest), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakePackageManifests) UpdateStatus(packageManifest *operatorsv1.PackageManifest) (*operatorsv1.PackageManifest, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(packagemanifestsResource, "status", c.ns, packageManifest), &operatorsv1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.PackageManifest), err +} + +// Delete takes name of the packageManifest and deletes it. Returns an error if one occurs. +func (c *FakePackageManifests) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(packagemanifestsResource, c.ns, name), &operatorsv1.PackageManifest{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakePackageManifests) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(packagemanifestsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &operatorsv1.PackageManifestList{}) + return err +} + +// Patch applies the patch and returns the patched packageManifest. +func (c *FakePackageManifests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *operatorsv1.PackageManifest, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(packagemanifestsResource, c.ns, name, data, subresources...), &operatorsv1.PackageManifest{}) + + if obj == nil { + return nil, err + } + return obj.(*operatorsv1.PackageManifest), err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/generated_expansion.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/generated_expansion.go new file mode 100644 index 000000000..eada72d93 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +type PackageManifestExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/operators_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/operators_client.go new file mode 100644 index 000000000..710bae77f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/operators_client.go @@ -0,0 +1,90 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + rest "k8s.io/client-go/rest" +) + +type OperatorsV1Interface interface { + RESTClient() rest.Interface + PackageManifestsGetter +} + +// OperatorsV1Client is used to interact with features provided by the operators.coreos.com group. +type OperatorsV1Client struct { + restClient rest.Interface +} + +func (c *OperatorsV1Client) PackageManifests(namespace string) PackageManifestInterface { + return newPackageManifests(c, namespace) +} + +// NewForConfig creates a new OperatorsV1Client for the given config. +func NewForConfig(c *rest.Config) (*OperatorsV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &OperatorsV1Client{client}, nil +} + +// NewForConfigOrDie creates a new OperatorsV1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *OperatorsV1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new OperatorsV1Client for the given RESTClient. +func New(c rest.Interface) *OperatorsV1Client { + return &OperatorsV1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *OperatorsV1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/packagemanifest.go new file mode 100644 index 000000000..ff0c326d9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/typed/operators/v1/packagemanifest.go @@ -0,0 +1,174 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + scheme "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// PackageManifestsGetter has a method to return a PackageManifestInterface. +// A group's client should implement this interface. +type PackageManifestsGetter interface { + PackageManifests(namespace string) PackageManifestInterface +} + +// PackageManifestInterface has methods to work with PackageManifest resources. +type PackageManifestInterface interface { + Create(*v1.PackageManifest) (*v1.PackageManifest, error) + Update(*v1.PackageManifest) (*v1.PackageManifest, error) + UpdateStatus(*v1.PackageManifest) (*v1.PackageManifest, error) + Delete(name string, options *metav1.DeleteOptions) error + DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error + Get(name string, options metav1.GetOptions) (*v1.PackageManifest, error) + List(opts metav1.ListOptions) (*v1.PackageManifestList, error) + Watch(opts metav1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.PackageManifest, err error) + PackageManifestExpansion +} + +// packageManifests implements PackageManifestInterface +type packageManifests struct { + client rest.Interface + ns string +} + +// newPackageManifests returns a PackageManifests +func newPackageManifests(c *OperatorsV1Client, namespace string) *packageManifests { + return &packageManifests{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the packageManifest, and returns the corresponding packageManifest object, and an error if there is any. +func (c *packageManifests) Get(name string, options metav1.GetOptions) (result *v1.PackageManifest, err error) { + result = &v1.PackageManifest{} + err = c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of PackageManifests that match those selectors. +func (c *packageManifests) List(opts metav1.ListOptions) (result *v1.PackageManifestList, err error) { + result = &v1.PackageManifestList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested packageManifests. +func (c *packageManifests) Watch(opts metav1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a packageManifest and creates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *packageManifests) Create(packageManifest *v1.PackageManifest) (result *v1.PackageManifest, err error) { + result = &v1.PackageManifest{} + err = c.client.Post(). + Namespace(c.ns). + Resource("packagemanifests"). + Body(packageManifest). + Do(). + Into(result) + return +} + +// Update takes the representation of a packageManifest and updates it. Returns the server's representation of the packageManifest, and an error, if there is any. +func (c *packageManifests) Update(packageManifest *v1.PackageManifest) (result *v1.PackageManifest, err error) { + result = &v1.PackageManifest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(packageManifest.Name). + Body(packageManifest). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *packageManifests) UpdateStatus(packageManifest *v1.PackageManifest) (result *v1.PackageManifest, err error) { + result = &v1.PackageManifest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(packageManifest.Name). + SubResource("status"). + Body(packageManifest). + Do(). + Into(result) + return +} + +// Delete takes name of the packageManifest and deletes it. Returns an error if one occurs. +func (c *packageManifests) Delete(name string, options *metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("packagemanifests"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *packageManifests) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("packagemanifests"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched packageManifest. +func (c *packageManifests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.PackageManifest, err error) { + result = &v1.PackageManifest{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("packagemanifests"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/fakes/fake_registry_client.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/fakes/fake_registry_client.go new file mode 100644 index 000000000..61356922b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/fakes/fake_registry_client.go @@ -0,0 +1,777 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "context" + "sync" + + "github.com/operator-framework/operator-registry/pkg/api" + "google.golang.org/grpc" +) + +type FakeRegistryClient struct { + GetBundleStub func(context.Context, *api.GetBundleRequest, ...grpc.CallOption) (*api.Bundle, error) + getBundleMutex sync.RWMutex + getBundleArgsForCall []struct { + arg1 context.Context + arg2 *api.GetBundleRequest + arg3 []grpc.CallOption + } + getBundleReturns struct { + result1 *api.Bundle + result2 error + } + getBundleReturnsOnCall map[int]struct { + result1 *api.Bundle + result2 error + } + GetBundleForChannelStub func(context.Context, *api.GetBundleInChannelRequest, ...grpc.CallOption) (*api.Bundle, error) + getBundleForChannelMutex sync.RWMutex + getBundleForChannelArgsForCall []struct { + arg1 context.Context + arg2 *api.GetBundleInChannelRequest + arg3 []grpc.CallOption + } + getBundleForChannelReturns struct { + result1 *api.Bundle + result2 error + } + getBundleForChannelReturnsOnCall map[int]struct { + result1 *api.Bundle + result2 error + } + GetBundleThatReplacesStub func(context.Context, *api.GetReplacementRequest, ...grpc.CallOption) (*api.Bundle, error) + getBundleThatReplacesMutex sync.RWMutex + getBundleThatReplacesArgsForCall []struct { + arg1 context.Context + arg2 *api.GetReplacementRequest + arg3 []grpc.CallOption + } + getBundleThatReplacesReturns struct { + result1 *api.Bundle + result2 error + } + getBundleThatReplacesReturnsOnCall map[int]struct { + result1 *api.Bundle + result2 error + } + GetChannelEntriesThatProvideStub func(context.Context, *api.GetAllProvidersRequest, ...grpc.CallOption) (api.Registry_GetChannelEntriesThatProvideClient, error) + getChannelEntriesThatProvideMutex sync.RWMutex + getChannelEntriesThatProvideArgsForCall []struct { + arg1 context.Context + arg2 *api.GetAllProvidersRequest + arg3 []grpc.CallOption + } + getChannelEntriesThatProvideReturns struct { + result1 api.Registry_GetChannelEntriesThatProvideClient + result2 error + } + getChannelEntriesThatProvideReturnsOnCall map[int]struct { + result1 api.Registry_GetChannelEntriesThatProvideClient + result2 error + } + GetChannelEntriesThatReplaceStub func(context.Context, *api.GetAllReplacementsRequest, ...grpc.CallOption) (api.Registry_GetChannelEntriesThatReplaceClient, error) + getChannelEntriesThatReplaceMutex sync.RWMutex + getChannelEntriesThatReplaceArgsForCall []struct { + arg1 context.Context + arg2 *api.GetAllReplacementsRequest + arg3 []grpc.CallOption + } + getChannelEntriesThatReplaceReturns struct { + result1 api.Registry_GetChannelEntriesThatReplaceClient + result2 error + } + getChannelEntriesThatReplaceReturnsOnCall map[int]struct { + result1 api.Registry_GetChannelEntriesThatReplaceClient + result2 error + } + GetDefaultBundleThatProvidesStub func(context.Context, *api.GetDefaultProviderRequest, ...grpc.CallOption) (*api.Bundle, error) + getDefaultBundleThatProvidesMutex sync.RWMutex + getDefaultBundleThatProvidesArgsForCall []struct { + arg1 context.Context + arg2 *api.GetDefaultProviderRequest + arg3 []grpc.CallOption + } + getDefaultBundleThatProvidesReturns struct { + result1 *api.Bundle + result2 error + } + getDefaultBundleThatProvidesReturnsOnCall map[int]struct { + result1 *api.Bundle + result2 error + } + GetLatestChannelEntriesThatProvideStub func(context.Context, *api.GetLatestProvidersRequest, ...grpc.CallOption) (api.Registry_GetLatestChannelEntriesThatProvideClient, error) + getLatestChannelEntriesThatProvideMutex sync.RWMutex + getLatestChannelEntriesThatProvideArgsForCall []struct { + arg1 context.Context + arg2 *api.GetLatestProvidersRequest + arg3 []grpc.CallOption + } + getLatestChannelEntriesThatProvideReturns struct { + result1 api.Registry_GetLatestChannelEntriesThatProvideClient + result2 error + } + getLatestChannelEntriesThatProvideReturnsOnCall map[int]struct { + result1 api.Registry_GetLatestChannelEntriesThatProvideClient + result2 error + } + GetPackageStub func(context.Context, *api.GetPackageRequest, ...grpc.CallOption) (*api.Package, error) + getPackageMutex sync.RWMutex + getPackageArgsForCall []struct { + arg1 context.Context + arg2 *api.GetPackageRequest + arg3 []grpc.CallOption + } + getPackageReturns struct { + result1 *api.Package + result2 error + } + getPackageReturnsOnCall map[int]struct { + result1 *api.Package + result2 error + } + ListPackagesStub func(context.Context, *api.ListPackageRequest, ...grpc.CallOption) (api.Registry_ListPackagesClient, error) + listPackagesMutex sync.RWMutex + listPackagesArgsForCall []struct { + arg1 context.Context + arg2 *api.ListPackageRequest + arg3 []grpc.CallOption + } + listPackagesReturns struct { + result1 api.Registry_ListPackagesClient + result2 error + } + listPackagesReturnsOnCall map[int]struct { + result1 api.Registry_ListPackagesClient + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeRegistryClient) GetBundle(arg1 context.Context, arg2 *api.GetBundleRequest, arg3 ...grpc.CallOption) (*api.Bundle, error) { + fake.getBundleMutex.Lock() + ret, specificReturn := fake.getBundleReturnsOnCall[len(fake.getBundleArgsForCall)] + fake.getBundleArgsForCall = append(fake.getBundleArgsForCall, struct { + arg1 context.Context + arg2 *api.GetBundleRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetBundle", []interface{}{arg1, arg2, arg3}) + fake.getBundleMutex.Unlock() + if fake.GetBundleStub != nil { + return fake.GetBundleStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getBundleReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetBundleCallCount() int { + fake.getBundleMutex.RLock() + defer fake.getBundleMutex.RUnlock() + return len(fake.getBundleArgsForCall) +} + +func (fake *FakeRegistryClient) GetBundleCalls(stub func(context.Context, *api.GetBundleRequest, ...grpc.CallOption) (*api.Bundle, error)) { + fake.getBundleMutex.Lock() + defer fake.getBundleMutex.Unlock() + fake.GetBundleStub = stub +} + +func (fake *FakeRegistryClient) GetBundleArgsForCall(i int) (context.Context, *api.GetBundleRequest, []grpc.CallOption) { + fake.getBundleMutex.RLock() + defer fake.getBundleMutex.RUnlock() + argsForCall := fake.getBundleArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetBundleReturns(result1 *api.Bundle, result2 error) { + fake.getBundleMutex.Lock() + defer fake.getBundleMutex.Unlock() + fake.GetBundleStub = nil + fake.getBundleReturns = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetBundleReturnsOnCall(i int, result1 *api.Bundle, result2 error) { + fake.getBundleMutex.Lock() + defer fake.getBundleMutex.Unlock() + fake.GetBundleStub = nil + if fake.getBundleReturnsOnCall == nil { + fake.getBundleReturnsOnCall = make(map[int]struct { + result1 *api.Bundle + result2 error + }) + } + fake.getBundleReturnsOnCall[i] = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetBundleForChannel(arg1 context.Context, arg2 *api.GetBundleInChannelRequest, arg3 ...grpc.CallOption) (*api.Bundle, error) { + fake.getBundleForChannelMutex.Lock() + ret, specificReturn := fake.getBundleForChannelReturnsOnCall[len(fake.getBundleForChannelArgsForCall)] + fake.getBundleForChannelArgsForCall = append(fake.getBundleForChannelArgsForCall, struct { + arg1 context.Context + arg2 *api.GetBundleInChannelRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetBundleForChannel", []interface{}{arg1, arg2, arg3}) + fake.getBundleForChannelMutex.Unlock() + if fake.GetBundleForChannelStub != nil { + return fake.GetBundleForChannelStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getBundleForChannelReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetBundleForChannelCallCount() int { + fake.getBundleForChannelMutex.RLock() + defer fake.getBundleForChannelMutex.RUnlock() + return len(fake.getBundleForChannelArgsForCall) +} + +func (fake *FakeRegistryClient) GetBundleForChannelCalls(stub func(context.Context, *api.GetBundleInChannelRequest, ...grpc.CallOption) (*api.Bundle, error)) { + fake.getBundleForChannelMutex.Lock() + defer fake.getBundleForChannelMutex.Unlock() + fake.GetBundleForChannelStub = stub +} + +func (fake *FakeRegistryClient) GetBundleForChannelArgsForCall(i int) (context.Context, *api.GetBundleInChannelRequest, []grpc.CallOption) { + fake.getBundleForChannelMutex.RLock() + defer fake.getBundleForChannelMutex.RUnlock() + argsForCall := fake.getBundleForChannelArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetBundleForChannelReturns(result1 *api.Bundle, result2 error) { + fake.getBundleForChannelMutex.Lock() + defer fake.getBundleForChannelMutex.Unlock() + fake.GetBundleForChannelStub = nil + fake.getBundleForChannelReturns = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetBundleForChannelReturnsOnCall(i int, result1 *api.Bundle, result2 error) { + fake.getBundleForChannelMutex.Lock() + defer fake.getBundleForChannelMutex.Unlock() + fake.GetBundleForChannelStub = nil + if fake.getBundleForChannelReturnsOnCall == nil { + fake.getBundleForChannelReturnsOnCall = make(map[int]struct { + result1 *api.Bundle + result2 error + }) + } + fake.getBundleForChannelReturnsOnCall[i] = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetBundleThatReplaces(arg1 context.Context, arg2 *api.GetReplacementRequest, arg3 ...grpc.CallOption) (*api.Bundle, error) { + fake.getBundleThatReplacesMutex.Lock() + ret, specificReturn := fake.getBundleThatReplacesReturnsOnCall[len(fake.getBundleThatReplacesArgsForCall)] + fake.getBundleThatReplacesArgsForCall = append(fake.getBundleThatReplacesArgsForCall, struct { + arg1 context.Context + arg2 *api.GetReplacementRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetBundleThatReplaces", []interface{}{arg1, arg2, arg3}) + fake.getBundleThatReplacesMutex.Unlock() + if fake.GetBundleThatReplacesStub != nil { + return fake.GetBundleThatReplacesStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getBundleThatReplacesReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetBundleThatReplacesCallCount() int { + fake.getBundleThatReplacesMutex.RLock() + defer fake.getBundleThatReplacesMutex.RUnlock() + return len(fake.getBundleThatReplacesArgsForCall) +} + +func (fake *FakeRegistryClient) GetBundleThatReplacesCalls(stub func(context.Context, *api.GetReplacementRequest, ...grpc.CallOption) (*api.Bundle, error)) { + fake.getBundleThatReplacesMutex.Lock() + defer fake.getBundleThatReplacesMutex.Unlock() + fake.GetBundleThatReplacesStub = stub +} + +func (fake *FakeRegistryClient) GetBundleThatReplacesArgsForCall(i int) (context.Context, *api.GetReplacementRequest, []grpc.CallOption) { + fake.getBundleThatReplacesMutex.RLock() + defer fake.getBundleThatReplacesMutex.RUnlock() + argsForCall := fake.getBundleThatReplacesArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetBundleThatReplacesReturns(result1 *api.Bundle, result2 error) { + fake.getBundleThatReplacesMutex.Lock() + defer fake.getBundleThatReplacesMutex.Unlock() + fake.GetBundleThatReplacesStub = nil + fake.getBundleThatReplacesReturns = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetBundleThatReplacesReturnsOnCall(i int, result1 *api.Bundle, result2 error) { + fake.getBundleThatReplacesMutex.Lock() + defer fake.getBundleThatReplacesMutex.Unlock() + fake.GetBundleThatReplacesStub = nil + if fake.getBundleThatReplacesReturnsOnCall == nil { + fake.getBundleThatReplacesReturnsOnCall = make(map[int]struct { + result1 *api.Bundle + result2 error + }) + } + fake.getBundleThatReplacesReturnsOnCall[i] = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatProvide(arg1 context.Context, arg2 *api.GetAllProvidersRequest, arg3 ...grpc.CallOption) (api.Registry_GetChannelEntriesThatProvideClient, error) { + fake.getChannelEntriesThatProvideMutex.Lock() + ret, specificReturn := fake.getChannelEntriesThatProvideReturnsOnCall[len(fake.getChannelEntriesThatProvideArgsForCall)] + fake.getChannelEntriesThatProvideArgsForCall = append(fake.getChannelEntriesThatProvideArgsForCall, struct { + arg1 context.Context + arg2 *api.GetAllProvidersRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetChannelEntriesThatProvide", []interface{}{arg1, arg2, arg3}) + fake.getChannelEntriesThatProvideMutex.Unlock() + if fake.GetChannelEntriesThatProvideStub != nil { + return fake.GetChannelEntriesThatProvideStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getChannelEntriesThatProvideReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatProvideCallCount() int { + fake.getChannelEntriesThatProvideMutex.RLock() + defer fake.getChannelEntriesThatProvideMutex.RUnlock() + return len(fake.getChannelEntriesThatProvideArgsForCall) +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatProvideCalls(stub func(context.Context, *api.GetAllProvidersRequest, ...grpc.CallOption) (api.Registry_GetChannelEntriesThatProvideClient, error)) { + fake.getChannelEntriesThatProvideMutex.Lock() + defer fake.getChannelEntriesThatProvideMutex.Unlock() + fake.GetChannelEntriesThatProvideStub = stub +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatProvideArgsForCall(i int) (context.Context, *api.GetAllProvidersRequest, []grpc.CallOption) { + fake.getChannelEntriesThatProvideMutex.RLock() + defer fake.getChannelEntriesThatProvideMutex.RUnlock() + argsForCall := fake.getChannelEntriesThatProvideArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatProvideReturns(result1 api.Registry_GetChannelEntriesThatProvideClient, result2 error) { + fake.getChannelEntriesThatProvideMutex.Lock() + defer fake.getChannelEntriesThatProvideMutex.Unlock() + fake.GetChannelEntriesThatProvideStub = nil + fake.getChannelEntriesThatProvideReturns = struct { + result1 api.Registry_GetChannelEntriesThatProvideClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatProvideReturnsOnCall(i int, result1 api.Registry_GetChannelEntriesThatProvideClient, result2 error) { + fake.getChannelEntriesThatProvideMutex.Lock() + defer fake.getChannelEntriesThatProvideMutex.Unlock() + fake.GetChannelEntriesThatProvideStub = nil + if fake.getChannelEntriesThatProvideReturnsOnCall == nil { + fake.getChannelEntriesThatProvideReturnsOnCall = make(map[int]struct { + result1 api.Registry_GetChannelEntriesThatProvideClient + result2 error + }) + } + fake.getChannelEntriesThatProvideReturnsOnCall[i] = struct { + result1 api.Registry_GetChannelEntriesThatProvideClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatReplace(arg1 context.Context, arg2 *api.GetAllReplacementsRequest, arg3 ...grpc.CallOption) (api.Registry_GetChannelEntriesThatReplaceClient, error) { + fake.getChannelEntriesThatReplaceMutex.Lock() + ret, specificReturn := fake.getChannelEntriesThatReplaceReturnsOnCall[len(fake.getChannelEntriesThatReplaceArgsForCall)] + fake.getChannelEntriesThatReplaceArgsForCall = append(fake.getChannelEntriesThatReplaceArgsForCall, struct { + arg1 context.Context + arg2 *api.GetAllReplacementsRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetChannelEntriesThatReplace", []interface{}{arg1, arg2, arg3}) + fake.getChannelEntriesThatReplaceMutex.Unlock() + if fake.GetChannelEntriesThatReplaceStub != nil { + return fake.GetChannelEntriesThatReplaceStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getChannelEntriesThatReplaceReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatReplaceCallCount() int { + fake.getChannelEntriesThatReplaceMutex.RLock() + defer fake.getChannelEntriesThatReplaceMutex.RUnlock() + return len(fake.getChannelEntriesThatReplaceArgsForCall) +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatReplaceCalls(stub func(context.Context, *api.GetAllReplacementsRequest, ...grpc.CallOption) (api.Registry_GetChannelEntriesThatReplaceClient, error)) { + fake.getChannelEntriesThatReplaceMutex.Lock() + defer fake.getChannelEntriesThatReplaceMutex.Unlock() + fake.GetChannelEntriesThatReplaceStub = stub +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatReplaceArgsForCall(i int) (context.Context, *api.GetAllReplacementsRequest, []grpc.CallOption) { + fake.getChannelEntriesThatReplaceMutex.RLock() + defer fake.getChannelEntriesThatReplaceMutex.RUnlock() + argsForCall := fake.getChannelEntriesThatReplaceArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatReplaceReturns(result1 api.Registry_GetChannelEntriesThatReplaceClient, result2 error) { + fake.getChannelEntriesThatReplaceMutex.Lock() + defer fake.getChannelEntriesThatReplaceMutex.Unlock() + fake.GetChannelEntriesThatReplaceStub = nil + fake.getChannelEntriesThatReplaceReturns = struct { + result1 api.Registry_GetChannelEntriesThatReplaceClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetChannelEntriesThatReplaceReturnsOnCall(i int, result1 api.Registry_GetChannelEntriesThatReplaceClient, result2 error) { + fake.getChannelEntriesThatReplaceMutex.Lock() + defer fake.getChannelEntriesThatReplaceMutex.Unlock() + fake.GetChannelEntriesThatReplaceStub = nil + if fake.getChannelEntriesThatReplaceReturnsOnCall == nil { + fake.getChannelEntriesThatReplaceReturnsOnCall = make(map[int]struct { + result1 api.Registry_GetChannelEntriesThatReplaceClient + result2 error + }) + } + fake.getChannelEntriesThatReplaceReturnsOnCall[i] = struct { + result1 api.Registry_GetChannelEntriesThatReplaceClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetDefaultBundleThatProvides(arg1 context.Context, arg2 *api.GetDefaultProviderRequest, arg3 ...grpc.CallOption) (*api.Bundle, error) { + fake.getDefaultBundleThatProvidesMutex.Lock() + ret, specificReturn := fake.getDefaultBundleThatProvidesReturnsOnCall[len(fake.getDefaultBundleThatProvidesArgsForCall)] + fake.getDefaultBundleThatProvidesArgsForCall = append(fake.getDefaultBundleThatProvidesArgsForCall, struct { + arg1 context.Context + arg2 *api.GetDefaultProviderRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetDefaultBundleThatProvides", []interface{}{arg1, arg2, arg3}) + fake.getDefaultBundleThatProvidesMutex.Unlock() + if fake.GetDefaultBundleThatProvidesStub != nil { + return fake.GetDefaultBundleThatProvidesStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getDefaultBundleThatProvidesReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetDefaultBundleThatProvidesCallCount() int { + fake.getDefaultBundleThatProvidesMutex.RLock() + defer fake.getDefaultBundleThatProvidesMutex.RUnlock() + return len(fake.getDefaultBundleThatProvidesArgsForCall) +} + +func (fake *FakeRegistryClient) GetDefaultBundleThatProvidesCalls(stub func(context.Context, *api.GetDefaultProviderRequest, ...grpc.CallOption) (*api.Bundle, error)) { + fake.getDefaultBundleThatProvidesMutex.Lock() + defer fake.getDefaultBundleThatProvidesMutex.Unlock() + fake.GetDefaultBundleThatProvidesStub = stub +} + +func (fake *FakeRegistryClient) GetDefaultBundleThatProvidesArgsForCall(i int) (context.Context, *api.GetDefaultProviderRequest, []grpc.CallOption) { + fake.getDefaultBundleThatProvidesMutex.RLock() + defer fake.getDefaultBundleThatProvidesMutex.RUnlock() + argsForCall := fake.getDefaultBundleThatProvidesArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetDefaultBundleThatProvidesReturns(result1 *api.Bundle, result2 error) { + fake.getDefaultBundleThatProvidesMutex.Lock() + defer fake.getDefaultBundleThatProvidesMutex.Unlock() + fake.GetDefaultBundleThatProvidesStub = nil + fake.getDefaultBundleThatProvidesReturns = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetDefaultBundleThatProvidesReturnsOnCall(i int, result1 *api.Bundle, result2 error) { + fake.getDefaultBundleThatProvidesMutex.Lock() + defer fake.getDefaultBundleThatProvidesMutex.Unlock() + fake.GetDefaultBundleThatProvidesStub = nil + if fake.getDefaultBundleThatProvidesReturnsOnCall == nil { + fake.getDefaultBundleThatProvidesReturnsOnCall = make(map[int]struct { + result1 *api.Bundle + result2 error + }) + } + fake.getDefaultBundleThatProvidesReturnsOnCall[i] = struct { + result1 *api.Bundle + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetLatestChannelEntriesThatProvide(arg1 context.Context, arg2 *api.GetLatestProvidersRequest, arg3 ...grpc.CallOption) (api.Registry_GetLatestChannelEntriesThatProvideClient, error) { + fake.getLatestChannelEntriesThatProvideMutex.Lock() + ret, specificReturn := fake.getLatestChannelEntriesThatProvideReturnsOnCall[len(fake.getLatestChannelEntriesThatProvideArgsForCall)] + fake.getLatestChannelEntriesThatProvideArgsForCall = append(fake.getLatestChannelEntriesThatProvideArgsForCall, struct { + arg1 context.Context + arg2 *api.GetLatestProvidersRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetLatestChannelEntriesThatProvide", []interface{}{arg1, arg2, arg3}) + fake.getLatestChannelEntriesThatProvideMutex.Unlock() + if fake.GetLatestChannelEntriesThatProvideStub != nil { + return fake.GetLatestChannelEntriesThatProvideStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getLatestChannelEntriesThatProvideReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetLatestChannelEntriesThatProvideCallCount() int { + fake.getLatestChannelEntriesThatProvideMutex.RLock() + defer fake.getLatestChannelEntriesThatProvideMutex.RUnlock() + return len(fake.getLatestChannelEntriesThatProvideArgsForCall) +} + +func (fake *FakeRegistryClient) GetLatestChannelEntriesThatProvideCalls(stub func(context.Context, *api.GetLatestProvidersRequest, ...grpc.CallOption) (api.Registry_GetLatestChannelEntriesThatProvideClient, error)) { + fake.getLatestChannelEntriesThatProvideMutex.Lock() + defer fake.getLatestChannelEntriesThatProvideMutex.Unlock() + fake.GetLatestChannelEntriesThatProvideStub = stub +} + +func (fake *FakeRegistryClient) GetLatestChannelEntriesThatProvideArgsForCall(i int) (context.Context, *api.GetLatestProvidersRequest, []grpc.CallOption) { + fake.getLatestChannelEntriesThatProvideMutex.RLock() + defer fake.getLatestChannelEntriesThatProvideMutex.RUnlock() + argsForCall := fake.getLatestChannelEntriesThatProvideArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetLatestChannelEntriesThatProvideReturns(result1 api.Registry_GetLatestChannelEntriesThatProvideClient, result2 error) { + fake.getLatestChannelEntriesThatProvideMutex.Lock() + defer fake.getLatestChannelEntriesThatProvideMutex.Unlock() + fake.GetLatestChannelEntriesThatProvideStub = nil + fake.getLatestChannelEntriesThatProvideReturns = struct { + result1 api.Registry_GetLatestChannelEntriesThatProvideClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetLatestChannelEntriesThatProvideReturnsOnCall(i int, result1 api.Registry_GetLatestChannelEntriesThatProvideClient, result2 error) { + fake.getLatestChannelEntriesThatProvideMutex.Lock() + defer fake.getLatestChannelEntriesThatProvideMutex.Unlock() + fake.GetLatestChannelEntriesThatProvideStub = nil + if fake.getLatestChannelEntriesThatProvideReturnsOnCall == nil { + fake.getLatestChannelEntriesThatProvideReturnsOnCall = make(map[int]struct { + result1 api.Registry_GetLatestChannelEntriesThatProvideClient + result2 error + }) + } + fake.getLatestChannelEntriesThatProvideReturnsOnCall[i] = struct { + result1 api.Registry_GetLatestChannelEntriesThatProvideClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetPackage(arg1 context.Context, arg2 *api.GetPackageRequest, arg3 ...grpc.CallOption) (*api.Package, error) { + fake.getPackageMutex.Lock() + ret, specificReturn := fake.getPackageReturnsOnCall[len(fake.getPackageArgsForCall)] + fake.getPackageArgsForCall = append(fake.getPackageArgsForCall, struct { + arg1 context.Context + arg2 *api.GetPackageRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("GetPackage", []interface{}{arg1, arg2, arg3}) + fake.getPackageMutex.Unlock() + if fake.GetPackageStub != nil { + return fake.GetPackageStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.getPackageReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) GetPackageCallCount() int { + fake.getPackageMutex.RLock() + defer fake.getPackageMutex.RUnlock() + return len(fake.getPackageArgsForCall) +} + +func (fake *FakeRegistryClient) GetPackageCalls(stub func(context.Context, *api.GetPackageRequest, ...grpc.CallOption) (*api.Package, error)) { + fake.getPackageMutex.Lock() + defer fake.getPackageMutex.Unlock() + fake.GetPackageStub = stub +} + +func (fake *FakeRegistryClient) GetPackageArgsForCall(i int) (context.Context, *api.GetPackageRequest, []grpc.CallOption) { + fake.getPackageMutex.RLock() + defer fake.getPackageMutex.RUnlock() + argsForCall := fake.getPackageArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) GetPackageReturns(result1 *api.Package, result2 error) { + fake.getPackageMutex.Lock() + defer fake.getPackageMutex.Unlock() + fake.GetPackageStub = nil + fake.getPackageReturns = struct { + result1 *api.Package + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) GetPackageReturnsOnCall(i int, result1 *api.Package, result2 error) { + fake.getPackageMutex.Lock() + defer fake.getPackageMutex.Unlock() + fake.GetPackageStub = nil + if fake.getPackageReturnsOnCall == nil { + fake.getPackageReturnsOnCall = make(map[int]struct { + result1 *api.Package + result2 error + }) + } + fake.getPackageReturnsOnCall[i] = struct { + result1 *api.Package + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) ListPackages(arg1 context.Context, arg2 *api.ListPackageRequest, arg3 ...grpc.CallOption) (api.Registry_ListPackagesClient, error) { + fake.listPackagesMutex.Lock() + ret, specificReturn := fake.listPackagesReturnsOnCall[len(fake.listPackagesArgsForCall)] + fake.listPackagesArgsForCall = append(fake.listPackagesArgsForCall, struct { + arg1 context.Context + arg2 *api.ListPackageRequest + arg3 []grpc.CallOption + }{arg1, arg2, arg3}) + fake.recordInvocation("ListPackages", []interface{}{arg1, arg2, arg3}) + fake.listPackagesMutex.Unlock() + if fake.ListPackagesStub != nil { + return fake.ListPackagesStub(arg1, arg2, arg3...) + } + if specificReturn { + return ret.result1, ret.result2 + } + fakeReturns := fake.listPackagesReturns + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeRegistryClient) ListPackagesCallCount() int { + fake.listPackagesMutex.RLock() + defer fake.listPackagesMutex.RUnlock() + return len(fake.listPackagesArgsForCall) +} + +func (fake *FakeRegistryClient) ListPackagesCalls(stub func(context.Context, *api.ListPackageRequest, ...grpc.CallOption) (api.Registry_ListPackagesClient, error)) { + fake.listPackagesMutex.Lock() + defer fake.listPackagesMutex.Unlock() + fake.ListPackagesStub = stub +} + +func (fake *FakeRegistryClient) ListPackagesArgsForCall(i int) (context.Context, *api.ListPackageRequest, []grpc.CallOption) { + fake.listPackagesMutex.RLock() + defer fake.listPackagesMutex.RUnlock() + argsForCall := fake.listPackagesArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeRegistryClient) ListPackagesReturns(result1 api.Registry_ListPackagesClient, result2 error) { + fake.listPackagesMutex.Lock() + defer fake.listPackagesMutex.Unlock() + fake.ListPackagesStub = nil + fake.listPackagesReturns = struct { + result1 api.Registry_ListPackagesClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) ListPackagesReturnsOnCall(i int, result1 api.Registry_ListPackagesClient, result2 error) { + fake.listPackagesMutex.Lock() + defer fake.listPackagesMutex.Unlock() + fake.ListPackagesStub = nil + if fake.listPackagesReturnsOnCall == nil { + fake.listPackagesReturnsOnCall = make(map[int]struct { + result1 api.Registry_ListPackagesClient + result2 error + }) + } + fake.listPackagesReturnsOnCall[i] = struct { + result1 api.Registry_ListPackagesClient + result2 error + }{result1, result2} +} + +func (fake *FakeRegistryClient) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.getBundleMutex.RLock() + defer fake.getBundleMutex.RUnlock() + fake.getBundleForChannelMutex.RLock() + defer fake.getBundleForChannelMutex.RUnlock() + fake.getBundleThatReplacesMutex.RLock() + defer fake.getBundleThatReplacesMutex.RUnlock() + fake.getChannelEntriesThatProvideMutex.RLock() + defer fake.getChannelEntriesThatProvideMutex.RUnlock() + fake.getChannelEntriesThatReplaceMutex.RLock() + defer fake.getChannelEntriesThatReplaceMutex.RUnlock() + fake.getDefaultBundleThatProvidesMutex.RLock() + defer fake.getDefaultBundleThatProvidesMutex.RUnlock() + fake.getLatestChannelEntriesThatProvideMutex.RLock() + defer fake.getLatestChannelEntriesThatProvideMutex.RUnlock() + fake.getPackageMutex.RLock() + defer fake.getPackageMutex.RUnlock() + fake.listPackagesMutex.RLock() + defer fake.listPackagesMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeRegistryClient) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ api.RegistryClient = new(FakeRegistryClient) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/interface.go new file mode 100644 index 000000000..d495c83e5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/interface.go @@ -0,0 +1,46 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // Operators provides access to shared informers for resources in Operators. + Operators() operators.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// Operators returns a new operators.Interface. +func (g *group) Operators() operators.Interface { + return operators.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators/interface.go new file mode 100644 index 000000000..00ae77f9f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators/interface.go @@ -0,0 +1,45 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // PackageManifests returns a PackageManifestInformer. + PackageManifests() PackageManifestInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// PackageManifests returns a PackageManifestInformer. +func (v *version) PackageManifests() PackageManifestInformer { + return &packageManifestInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators/packagemanifest.go new file mode 100644 index 000000000..d914bcb55 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apis/operators/packagemanifest.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + time "time" + + apisoperators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// PackageManifestInformer provides access to a shared informer and lister for +// PackageManifests. +type PackageManifestInformer interface { + Informer() cache.SharedIndexInformer + Lister() operators.PackageManifestLister +} + +type packageManifestInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewPackageManifestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredPackageManifestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().PackageManifests(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().PackageManifests(namespace).Watch(options) + }, + }, + &apisoperators.PackageManifest{}, + resyncPeriod, + indexers, + ) +} + +func (f *packageManifestInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *packageManifestInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&apisoperators.PackageManifest{}, f.defaultInformer) +} + +func (f *packageManifestInformer) Lister() operators.PackageManifestLister { + return operators.NewPackageManifestLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/interface.go new file mode 100644 index 000000000..cbaa433d2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/interface.go @@ -0,0 +1,46 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package apps + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1/interface.go new file mode 100644 index 000000000..42ad4e3fe --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // PackageManifests returns a PackageManifestInformer. + PackageManifests() PackageManifestInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// PackageManifests returns a PackageManifestInformer. +func (v *version) PackageManifests() PackageManifestInformer { + return &packageManifestInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1/packagemanifest.go new file mode 100644 index 000000000..231ac91c2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps/v1alpha1/packagemanifest.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + appsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// PackageManifestInformer provides access to a shared informer and lister for +// PackageManifests. +type PackageManifestInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.PackageManifestLister +} + +type packageManifestInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewPackageManifestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredPackageManifestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AppsV1alpha1().PackageManifests(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AppsV1alpha1().PackageManifests(namespace).Watch(options) + }, + }, + &appsv1alpha1.PackageManifest{}, + resyncPeriod, + indexers, + ) +} + +func (f *packageManifestInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *packageManifestInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&appsv1alpha1.PackageManifest{}, f.defaultInformer) +} + +func (f *packageManifestInformer) Lister() v1alpha1.PackageManifestLister { + return v1alpha1.NewPackageManifestLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/factory.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/factory.go new file mode 100644 index 000000000..c7de543ae --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/factory.go @@ -0,0 +1,186 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + apps "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/apps" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Apps() apps.Interface + Operators() operators.Interface +} + +func (f *sharedInformerFactory) Apps() apps.Interface { + return apps.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Operators() operators.Interface { + return operators.New(f, f.namespace, f.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/generic.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/generic.go new file mode 100644 index 000000000..6b0943ded --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/generic.go @@ -0,0 +1,67 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=apps.redhat.com, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("packagemanifests"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Apps().V1alpha1().PackageManifests().Informer()}, nil + + // Group=operators.coreos.com, Version=v1 + case v1.SchemeGroupVersion.WithResource("packagemanifests"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().V1().PackageManifests().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 000000000..f875805a6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,38 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/interface.go new file mode 100644 index 000000000..3ab21521c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/interface.go @@ -0,0 +1,46 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1 provides access to shared informers for resources in V1. + V1() v1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1 returns a new v1.Interface. +func (g *group) V1() v1.Interface { + return v1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1/interface.go new file mode 100644 index 000000000..d5126f9bb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // PackageManifests returns a PackageManifestInformer. + PackageManifests() PackageManifestInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// PackageManifests returns a PackageManifestInformer. +func (v *version) PackageManifests() PackageManifestInformer { + return &packageManifestInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1/packagemanifest.go new file mode 100644 index 000000000..e50caf95c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/operators/v1/packagemanifest.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + time "time" + + operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + versioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/externalversions/internalinterfaces" + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// PackageManifestInformer provides access to a shared informer and lister for +// PackageManifests. +type PackageManifestInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1.PackageManifestLister +} + +type packageManifestInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewPackageManifestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredPackageManifestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1().PackageManifests(namespace).List(options) + }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OperatorsV1().PackageManifests(namespace).Watch(options) + }, + }, + &operatorsv1.PackageManifest{}, + resyncPeriod, + indexers, + ) +} + +func (f *packageManifestInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *packageManifestInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operatorsv1.PackageManifest{}, f.defaultInformer) +} + +func (f *packageManifestInformer) Lister() v1.PackageManifestLister { + return v1.NewPackageManifestLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/factory.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/factory.go new file mode 100644 index 000000000..8b5dc2dd1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/factory.go @@ -0,0 +1,180 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + reflect "reflect" + sync "sync" + time "time" + + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces" + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client internalversion.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client internalversion.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client internalversion.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client internalversion.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Operators() operators.Interface +} + +func (f *sharedInformerFactory) Operators() operators.Interface { + return operators.New(f, f.namespace, f.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/generic.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/generic.go new file mode 100644 index 000000000..795466495 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/generic.go @@ -0,0 +1,62 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + "fmt" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=operators.coreos.com, Version=internalVersion + case operators.SchemeGroupVersion.WithResource("packagemanifests"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Operators().InternalVersion().PackageManifests().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces/factory_interfaces.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces/factory_interfaces.go new file mode 100644 index 000000000..228f80bd9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces/factory_interfaces.go @@ -0,0 +1,38 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +type NewInformerFunc func(internalversion.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/interface.go new file mode 100644 index 000000000..94246fc89 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/interface.go @@ -0,0 +1,46 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package operators + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // InternalVersion provides access to shared informers for resources in InternalVersion. + InternalVersion() internalversion.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// InternalVersion returns a new internalversion.Interface. +func (g *group) InternalVersion() internalversion.Interface { + return internalversion.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion/interface.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion/interface.go new file mode 100644 index 000000000..bb9a44f66 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion/interface.go @@ -0,0 +1,45 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // PackageManifests returns a PackageManifestInformer. + PackageManifests() PackageManifestInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// PackageManifests returns a PackageManifestInformer. +func (v *version) PackageManifests() PackageManifestInformer { + return &packageManifestInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion/packagemanifest.go new file mode 100644 index 000000000..a507bc117 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/operators/internalversion/packagemanifest.go @@ -0,0 +1,89 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + clientsetinternalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/internalversion" + internalinterfaces "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/informers/internalversion/internalinterfaces" + internalversion "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// PackageManifestInformer provides access to a shared informer and lister for +// PackageManifests. +type PackageManifestInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.PackageManifestLister +} + +type packageManifestInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewPackageManifestInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredPackageManifestInformer constructs a new informer for PackageManifest type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredPackageManifestInformer(client clientsetinternalversion.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().PackageManifests(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Operators().PackageManifests(namespace).Watch(options) + }, + }, + &operators.PackageManifest{}, + resyncPeriod, + indexers, + ) +} + +func (f *packageManifestInformer) defaultInformer(client clientsetinternalversion.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredPackageManifestInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *packageManifestInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&operators.PackageManifest{}, f.defaultInformer) +} + +func (f *packageManifestInformer) Lister() internalversion.PackageManifestLister { + return internalversion.NewPackageManifestLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators/expansion_generated.go new file mode 100644 index 000000000..cd6cf308e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package operators + +// PackageManifestListerExpansion allows custom methods to be added to +// PackageManifestLister. +type PackageManifestListerExpansion interface{} + +// PackageManifestNamespaceListerExpansion allows custom methods to be added to +// PackageManifestNamespaceLister. +type PackageManifestNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators/packagemanifest.go new file mode 100644 index 000000000..6aa3e8341 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apis/operators/packagemanifest.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package operators + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// PackageManifestLister helps list PackageManifests. +type PackageManifestLister interface { + // List lists all PackageManifests in the indexer. + List(selector labels.Selector) (ret []*operators.PackageManifest, err error) + // PackageManifests returns an object that can list and get PackageManifests. + PackageManifests(namespace string) PackageManifestNamespaceLister + PackageManifestListerExpansion +} + +// packageManifestLister implements the PackageManifestLister interface. +type packageManifestLister struct { + indexer cache.Indexer +} + +// NewPackageManifestLister returns a new PackageManifestLister. +func NewPackageManifestLister(indexer cache.Indexer) PackageManifestLister { + return &packageManifestLister{indexer: indexer} +} + +// List lists all PackageManifests in the indexer. +func (s *packageManifestLister) List(selector labels.Selector) (ret []*operators.PackageManifest, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.PackageManifest)) + }) + return ret, err +} + +// PackageManifests returns an object that can list and get PackageManifests. +func (s *packageManifestLister) PackageManifests(namespace string) PackageManifestNamespaceLister { + return packageManifestNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// PackageManifestNamespaceLister helps list and get PackageManifests. +type PackageManifestNamespaceLister interface { + // List lists all PackageManifests in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.PackageManifest, err error) + // Get retrieves the PackageManifest from the indexer for a given namespace and name. + Get(name string) (*operators.PackageManifest, error) + PackageManifestNamespaceListerExpansion +} + +// packageManifestNamespaceLister implements the PackageManifestNamespaceLister +// interface. +type packageManifestNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all PackageManifests in the indexer for a given namespace. +func (s packageManifestNamespaceLister) List(selector labels.Selector) (ret []*operators.PackageManifest, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.PackageManifest)) + }) + return ret, err +} + +// Get retrieves the PackageManifest from the indexer for a given namespace and name. +func (s packageManifestNamespaceLister) Get(name string) (*operators.PackageManifest, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("packagemanifest"), name) + } + return obj.(*operators.PackageManifest), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..cac91be62 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// PackageManifestListerExpansion allows custom methods to be added to +// PackageManifestLister. +type PackageManifestListerExpansion interface{} + +// PackageManifestNamespaceListerExpansion allows custom methods to be added to +// PackageManifestNamespaceLister. +type PackageManifestNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1/packagemanifest.go new file mode 100644 index 000000000..4eb4e878e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/apps/v1alpha1/packagemanifest.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/apps/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// PackageManifestLister helps list PackageManifests. +type PackageManifestLister interface { + // List lists all PackageManifests in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.PackageManifest, err error) + // PackageManifests returns an object that can list and get PackageManifests. + PackageManifests(namespace string) PackageManifestNamespaceLister + PackageManifestListerExpansion +} + +// packageManifestLister implements the PackageManifestLister interface. +type packageManifestLister struct { + indexer cache.Indexer +} + +// NewPackageManifestLister returns a new PackageManifestLister. +func NewPackageManifestLister(indexer cache.Indexer) PackageManifestLister { + return &packageManifestLister{indexer: indexer} +} + +// List lists all PackageManifests in the indexer. +func (s *packageManifestLister) List(selector labels.Selector) (ret []*v1alpha1.PackageManifest, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.PackageManifest)) + }) + return ret, err +} + +// PackageManifests returns an object that can list and get PackageManifests. +func (s *packageManifestLister) PackageManifests(namespace string) PackageManifestNamespaceLister { + return packageManifestNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// PackageManifestNamespaceLister helps list and get PackageManifests. +type PackageManifestNamespaceLister interface { + // List lists all PackageManifests in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.PackageManifest, err error) + // Get retrieves the PackageManifest from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.PackageManifest, error) + PackageManifestNamespaceListerExpansion +} + +// packageManifestNamespaceLister implements the PackageManifestNamespaceLister +// interface. +type packageManifestNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all PackageManifests in the indexer for a given namespace. +func (s packageManifestNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.PackageManifest, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.PackageManifest)) + }) + return ret, err +} + +// Get retrieves the PackageManifest from the indexer for a given namespace and name. +func (s packageManifestNamespaceLister) Get(name string) (*v1alpha1.PackageManifest, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("packagemanifest"), name) + } + return obj.(*v1alpha1.PackageManifest), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion/expansion_generated.go new file mode 100644 index 000000000..29efada05 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +// PackageManifestListerExpansion allows custom methods to be added to +// PackageManifestLister. +type PackageManifestListerExpansion interface{} + +// PackageManifestNamespaceListerExpansion allows custom methods to be added to +// PackageManifestNamespaceLister. +type PackageManifestNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion/packagemanifest.go new file mode 100644 index 000000000..7089a179c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/internalversion/packagemanifest.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + operators "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// PackageManifestLister helps list PackageManifests. +type PackageManifestLister interface { + // List lists all PackageManifests in the indexer. + List(selector labels.Selector) (ret []*operators.PackageManifest, err error) + // PackageManifests returns an object that can list and get PackageManifests. + PackageManifests(namespace string) PackageManifestNamespaceLister + PackageManifestListerExpansion +} + +// packageManifestLister implements the PackageManifestLister interface. +type packageManifestLister struct { + indexer cache.Indexer +} + +// NewPackageManifestLister returns a new PackageManifestLister. +func NewPackageManifestLister(indexer cache.Indexer) PackageManifestLister { + return &packageManifestLister{indexer: indexer} +} + +// List lists all PackageManifests in the indexer. +func (s *packageManifestLister) List(selector labels.Selector) (ret []*operators.PackageManifest, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*operators.PackageManifest)) + }) + return ret, err +} + +// PackageManifests returns an object that can list and get PackageManifests. +func (s *packageManifestLister) PackageManifests(namespace string) PackageManifestNamespaceLister { + return packageManifestNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// PackageManifestNamespaceLister helps list and get PackageManifests. +type PackageManifestNamespaceLister interface { + // List lists all PackageManifests in the indexer for a given namespace. + List(selector labels.Selector) (ret []*operators.PackageManifest, err error) + // Get retrieves the PackageManifest from the indexer for a given namespace and name. + Get(name string) (*operators.PackageManifest, error) + PackageManifestNamespaceListerExpansion +} + +// packageManifestNamespaceLister implements the PackageManifestNamespaceLister +// interface. +type packageManifestNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all PackageManifests in the indexer for a given namespace. +func (s packageManifestNamespaceLister) List(selector labels.Selector) (ret []*operators.PackageManifest, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*operators.PackageManifest)) + }) + return ret, err +} + +// Get retrieves the PackageManifest from the indexer for a given namespace and name. +func (s packageManifestNamespaceLister) Get(name string) (*operators.PackageManifest, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(operators.Resource("packagemanifest"), name) + } + return obj.(*operators.PackageManifest), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1/expansion_generated.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1/expansion_generated.go new file mode 100644 index 000000000..95596f6f0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +// PackageManifestListerExpansion allows custom methods to be added to +// PackageManifestLister. +type PackageManifestListerExpansion interface{} + +// PackageManifestNamespaceListerExpansion allows custom methods to be added to +// PackageManifestNamespaceLister. +type PackageManifestNamespaceListerExpansion interface{} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1/packagemanifest.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1/packagemanifest.go new file mode 100644 index 000000000..5e82f6075 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/listers/operators/v1/packagemanifest.go @@ -0,0 +1,94 @@ +/* +Copyright 2019 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// PackageManifestLister helps list PackageManifests. +type PackageManifestLister interface { + // List lists all PackageManifests in the indexer. + List(selector labels.Selector) (ret []*v1.PackageManifest, err error) + // PackageManifests returns an object that can list and get PackageManifests. + PackageManifests(namespace string) PackageManifestNamespaceLister + PackageManifestListerExpansion +} + +// packageManifestLister implements the PackageManifestLister interface. +type packageManifestLister struct { + indexer cache.Indexer +} + +// NewPackageManifestLister returns a new PackageManifestLister. +func NewPackageManifestLister(indexer cache.Indexer) PackageManifestLister { + return &packageManifestLister{indexer: indexer} +} + +// List lists all PackageManifests in the indexer. +func (s *packageManifestLister) List(selector labels.Selector) (ret []*v1.PackageManifest, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1.PackageManifest)) + }) + return ret, err +} + +// PackageManifests returns an object that can list and get PackageManifests. +func (s *packageManifestLister) PackageManifests(namespace string) PackageManifestNamespaceLister { + return packageManifestNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// PackageManifestNamespaceLister helps list and get PackageManifests. +type PackageManifestNamespaceLister interface { + // List lists all PackageManifests in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1.PackageManifest, err error) + // Get retrieves the PackageManifest from the indexer for a given namespace and name. + Get(name string) (*v1.PackageManifest, error) + PackageManifestNamespaceListerExpansion +} + +// packageManifestNamespaceLister implements the PackageManifestNamespaceLister +// interface. +type packageManifestNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all PackageManifests in the indexer for a given namespace. +func (s packageManifestNamespaceLister) List(selector labels.Selector) (ret []*v1.PackageManifest, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1.PackageManifest)) + }) + return ret, err +} + +// Get retrieves the PackageManifest from the indexer for a given namespace and name. +func (s packageManifestNamespaceLister) Get(name string) (*v1.PackageManifest, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1.Resource("packagemanifest"), name) + } + return obj.(*v1.PackageManifest), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/util.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/util.go new file mode 100644 index 000000000..60bfa220d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/util.go @@ -0,0 +1,36 @@ +package client + +import ( + "net" + "os" + + log "github.com/sirupsen/logrus" + _ "k8s.io/client-go/plugin/pkg/client/auth/oidc" + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/clientcmd" +) + +// getConfig returns a kubernetes config for configuring a client from a kubeconfig string +func getConfig(kubeconfig string) (*rest.Config, error) { + if len(kubeconfig) == 0 { + // Work around https://github.com/kubernetes/kubernetes/issues/40973 + // See https://github.com/coreos/etcd-operator/issues/731#issuecomment-283804819 + if len(os.Getenv("KUBERNETES_SERVICE_HOST")) == 0 { + addrs, err := net.LookupHost("kubernetes.default.svc") + if err != nil { + return nil, err + } + + os.Setenv("KUBERNETES_SERVICE_HOST", addrs[0]) + } + + if len(os.Getenv("KUBERNETES_SERVICE_PORT")) == 0 { + os.Setenv("KUBERNETES_SERVICE_PORT", "443") + } + + log.Infof("Using in-cluster kube client config") + return rest.InClusterConfig() + } + log.Infof("Loading kube client config from path %q", kubeconfig) + return clientcmd.BuildConfigFromFlags("", kubeconfig) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/interfaces.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/interfaces.go new file mode 100644 index 000000000..980ac4031 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/interfaces.go @@ -0,0 +1,8 @@ +package provider + +import "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + +type PackageManifestProvider interface { + Get(name, namespace string) (*operators.PackageManifest, error) + List(namespace string) (*operators.PackageManifestList, error) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.6.1/etcdcluster.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.6.1/etcdcluster.crd.yaml new file mode 100644 index 000000000..6f2068711 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.6.1/etcdcluster.crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdclusters.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.6.1/etcdoperator.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.6.1/etcdoperator.clusterserviceversion.yaml new file mode 100644 index 000000000..37a86f204 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.6.1/etcdoperator.clusterserviceversion.yaml @@ -0,0 +1,175 @@ +#! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml +#! parse-kind: ClusterServiceVersion +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: etcdoperator.v0.6.1 + namespace: placeholder + annotations: + tectonic-visibility: ocs +spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + **High availability** + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + **Automated updates** + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + **Backups included** + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.6.1 + maturity: alpha + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-status-descriptors: etcdoperator.v0.6.1 + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + verbs: + - "*" + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:bd944a211eaf8f31da5e6d69e8541e7cada8f16a9f7a5a570b22478997819943 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: service + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdbackup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdbackup.crd.yaml new file mode 100644 index 000000000..5fa9e2ef0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdbackup.crd.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdbackups.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdcluster.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdcluster.crd.yaml new file mode 100644 index 000000000..6f2068711 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdcluster.crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdclusters.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdoperator.v0.9.0.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdoperator.v0.9.0.clusterserviceversion.yaml new file mode 100644 index 000000000..6ab15ca2b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdoperator.v0.9.0.clusterserviceversion.yaml @@ -0,0 +1,282 @@ +#! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml +#! parse-kind: ClusterServiceVersion +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: etcdoperator.v0.9.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' +spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.0 + maturity: alpha + replaces: etcdoperator.v0.6.1 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:db563baa8194fcfe39d1df744ed70024b0f1f9e9b55b5923c2f3a413c44dc6b8 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdrestore.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdrestore.crd.yaml new file mode 100644 index 000000000..8e28bb20a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.0/etcdrestore.crd.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdrestores.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdbackup.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdbackup.crd.yaml new file mode 100644 index 000000000..5fa9e2ef0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdbackup.crd.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdbackups.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdcluster.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdcluster.crd.yaml new file mode 100644 index 000000000..6f2068711 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdcluster.crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdclusters.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdoperator.v0.9.2.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdoperator.v0.9.2.clusterserviceversion.yaml new file mode 100644 index 000000000..26226f4b5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdoperator.v0.9.2.clusterserviceversion.yaml @@ -0,0 +1,282 @@ +#! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml +#! parse-kind: ClusterServiceVersion +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: etcdoperator.v0.9.2 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"","awsSecret":""}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":[""],"storageType":"S3","s3":{"path":"","awsSecret":""}}}]' +spec: + displayName: etcd + description: | + etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd. + A simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers. + + _The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._ + + ### Reading and writing to etcd + + Communicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service. + + [Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running. + + + **Automated updates** + + + Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically. + + + **Backups included** + + + Coming soon, the ability to schedule backups to happen on or off cluster. + keywords: ['etcd', 'key value', 'database', 'coreos', 'open source'] + version: 0.9.2 + maturity: alpha + replaces: etcdoperator.v0.9.0 + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + labels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + selector: + matchLabels: + alm-owner-etcd: etcdoperator + operated-by: etcdoperator + links: + - name: Blog + url: https://coreos.com/etcd + - name: Documentation + url: https://coreos.com/operators/etcd/docs/latest/ + - name: etcd Operator Source Code + url: https://github.com/coreos/etcd-operator + + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: etcd-operator + rules: + - apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "*" + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + deployments: + - name: etcd-operator + spec: + replicas: 1 + selector: + matchLabels: + name: etcd-operator-alm-owned + template: + metadata: + name: etcd-operator-alm-owned + labels: + name: etcd-operator-alm-owned + spec: + serviceAccountName: etcd-operator + containers: + - name: etcd-operator + command: + - etcd-operator + - --create-crd=false + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-backup-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-backup-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: etcd-restore-operator + image: quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2 + command: + - etcd-restore-operator + - --create-crd=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + customresourcedefinitions: + owned: + - name: etcdclusters.etcd.database.coreos.com + version: v1beta2 + kind: EtcdCluster + displayName: etcd Cluster + description: Represents a cluster of etcd nodes. + resources: + - kind: Service + version: v1 + - kind: Pod + version: v1 + specDescriptors: + - description: The desired number of member Pods for the etcd cluster. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: pod.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The status of each of the member Pods for the etcd cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The service at which the running etcd cluster can be accessed. + displayName: Service + path: serviceName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Service' + - description: The current size of the etcd cluster. + displayName: Cluster Size + path: size + - description: The current version of the etcd cluster. + displayName: Current Version + path: currentVersion + - description: 'The target version of the etcd cluster, after upgrading.' + displayName: Target Version + path: targetVersion + - description: The current status of the etcd cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the cluster. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdbackups.etcd.database.coreos.com + version: v1beta2 + kind: EtcdBackup + displayName: etcd Backup + description: Represents the intent to backup an etcd cluster. + specDescriptors: + - description: Specifies the endpoints of an etcd cluster. + displayName: etcd Endpoint(s) + path: etcdEndpoints + x-descriptors: + - 'urn:alm:descriptor:etcd:endpoint' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the backup was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any backup related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - name: etcdrestores.etcd.database.coreos.com + version: v1beta2 + kind: EtcdRestore + displayName: etcd Restore + description: Represents the intent to restore an etcd cluster from a backup. + specDescriptors: + - description: References the EtcdCluster which should be restored, + displayName: etcd Cluster + path: etcdCluster.name + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:EtcdCluster' + - 'urn:alm:descriptor:text' + - description: The full AWS S3 path where the backup is saved. + displayName: S3 Path + path: s3.path + x-descriptors: + - 'urn:alm:descriptor:aws:s3:path' + - description: The name of the secret object that stores the AWS credential and config files. + displayName: AWS Secret + path: s3.awsSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: Indicates if the restore was successful. + displayName: Succeeded + path: succeeded + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Indicates the reason for any restore related failures. + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdrestore.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdrestore.crd.yaml new file mode 100644 index 000000000..8e28bb20a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/0.9.2/etcdrestore.crd.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: etcdrestores.etcd.database.coreos.com +spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/etcd.package.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/etcd.package.yaml new file mode 100644 index 000000000..6d324d387 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/etcd/etcd.package.yaml @@ -0,0 +1,5 @@ +#! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml +packageName: etcd +channels: +- name: alpha + currentCSV: etcdoperator.v0.9.2 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/alertmanager.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/alertmanager.crd.yaml new file mode 100644 index 000000000..ce56f4bb6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/alertmanager.crd.yaml @@ -0,0 +1,2398 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: alertmanagers.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheus.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheus.crd.yaml new file mode 100644 index 000000000..1a02408aa --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheus.crd.yaml @@ -0,0 +1,2971 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: prometheuses.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheusoperator.0.14.0.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheusoperator.0.14.0.clusterserviceversion.yaml new file mode 100644 index 000000000..1ea668e05 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheusoperator.0.14.0.clusterserviceversion.yaml @@ -0,0 +1,241 @@ +#! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml +#! parse-kind: ClusterServiceVersion +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: prometheusoperator.0.14.0 + namespace: placeholder +spec: + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ## Supported Features + + **High availability** + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + **Updates via automated operations** + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + **Handles the dynamic nature of containers** + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.14.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:5037b4e90dbb03ebdefaa547ddf6a1f748c8eeebeedf6b9d9f0913ad662b5731 + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.14.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.14.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Define resources requests and limits for single Pods + displayName: Resource Request + path: resources.requests + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheusrule.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheusrule.crd.yaml new file mode 100644 index 000000000..7ced5a680 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/prometheusrule.crd.yaml @@ -0,0 +1,51 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: prometheusrules.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/servicemonitor.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/servicemonitor.crd.yaml new file mode 100644 index 000000000..029639684 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.14.0/servicemonitor.crd.yaml @@ -0,0 +1,224 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: servicemonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/alertmanager.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/alertmanager.crd.yaml new file mode 100644 index 000000000..ce56f4bb6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/alertmanager.crd.yaml @@ -0,0 +1,2398 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: alertmanagers.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheus.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheus.crd.yaml new file mode 100644 index 000000000..1a02408aa --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheus.crd.yaml @@ -0,0 +1,2971 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: prometheuses.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheusoperator.0.15.0.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheusoperator.0.15.0.clusterserviceversion.yaml new file mode 100644 index 000000000..85e976e91 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheusoperator.0.15.0.clusterserviceversion.yaml @@ -0,0 +1,265 @@ +#! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml +#! parse-kind: ClusterServiceVersion +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: prometheusoperator.0.15.0 + namespace: placeholder + annotations: + tectonic-visibility: ocs + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v1.7.0","serviceAccountName":"prometheus-k8s","serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' +spec: + replaces: prometheusoperator.0.14.0 + displayName: Prometheus + description: | + An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. + + _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + + ### Monitoring applications + + Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + + [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + + ### Supported Features + + + **High availability** + + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + + **Updates via automated operations** + + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + + **Handles the dynamic nature of containers** + + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: CoreOS, Inc + email: support@coreos.com + + provider: + name: CoreOS, Inc + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator Source Code + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.15.0 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-14-0 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: ["get", "list"] + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - servicemonitors + verbs: + - "*" + - apiGroups: + - apps + resources: + - statefulsets + verbs: ["*"] + - apiGroups: [""] + resources: + - configmaps + - secrets + verbs: ["*"] + - apiGroups: [""] + resources: + - pods + verbs: ["list", "delete"] + - apiGroups: [""] + resources: + - services + - endpoints + verbs: ["get", "create", "update"] + - apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] + - apiGroups: [""] + resources: + - namespaces + verbs: ['list'] + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-14-0 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:0e92dd9b5789c4b13d53e1319d0a6375bcca4caaf0d698af61198061222a576d + command: + - sh + - -c + - > + /bin/operator --namespace=$K8S_NAMESPACE --crd-apigroup monitoring.coreos.com + --labels alm-status-descriptors=prometheusoperator.0.15.0,alm-owner-prometheus=prometheusoperator + --kubelet-service=kube-system/kubelet + --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + maturity: alpha + version: 0.15.0 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + statusDescriptors: + - description: The current number of Pods for the cluster + displayName: Cluster Size + path: replicas + - path: prometheusSelector + displayName: Prometheus Service Selector + description: Label selector to find the service that routes to this prometheus + x-descriptors: + - 'urn:alm:descriptor:label:selector' + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: Selector to select which namespaces the Endpoints objects are discovered from + displayName: Monitoring Namespaces + path: namespaceSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alert Manager + description: Configures an Alert Manager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheusrule.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheusrule.crd.yaml new file mode 100644 index 000000000..7ced5a680 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/prometheusrule.crd.yaml @@ -0,0 +1,51 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: prometheusrules.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/servicemonitor.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/servicemonitor.crd.yaml new file mode 100644 index 000000000..029639684 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.15.0/servicemonitor.crd.yaml @@ -0,0 +1,224 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: servicemonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/alertmanager.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/alertmanager.crd.yaml new file mode 100644 index 000000000..ce56f4bb6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/alertmanager.crd.yaml @@ -0,0 +1,2398 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: alertmanagers.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheus.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheus.crd.yaml new file mode 100644 index 000000000..1a02408aa --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheus.crd.yaml @@ -0,0 +1,2971 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: prometheuses.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP or TCP. Defaults + to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationHostToContainer + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a list may not be possible + if the server configuration has changed or more than + a few minutes have passed. The resourceVersion field + returned when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + Secrets changes after initial creation of a Prometheus object are + not reflected in the running Pods. To change the secrets mounted into + the Prometheus Pods, the object must be deleted and recreated with + the new list of secrets. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + DEPRECATED' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a list + may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + s3: + description: ThanosSpec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheusoperator.0.22.2.clusterserviceversion.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheusoperator.0.22.2.clusterserviceversion.yaml new file mode 100644 index 000000000..a24ff65fd --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheusoperator.0.22.2.clusterserviceversion.yaml @@ -0,0 +1,272 @@ +#! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml +#! parse-kind: ClusterServiceVersion +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: prometheusoperator.0.22.2 + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' +spec: + replaces: prometheusoperator.0.15.0 + displayName: Prometheus Operator + description: | + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. + + Once installed, the Prometheus Operator provides the following features: + + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. + + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. + + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + + ### Other Supported Features + + **High availability** + + Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. + + **Updates via automated operations** + + New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. + + **Handles the dynamic nature of containers** + + Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. + + keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] + + maintainers: + - name: Red Hat + email: openshift-operators@redhat.com + + provider: + name: Red Hat + + links: + - name: Prometheus + url: https://www.prometheus.io/ + - name: Documentation + url: https://coreos.com/operators/prometheus/docs/latest/ + - name: Prometheus Operator + url: https://github.com/coreos/prometheus-operator + + labels: + alm-status-descriptors: prometheusoperator.0.22.2 + alm-owner-prometheus: prometheusoperator + + selector: + matchLabels: + alm-owner-prometheus: prometheusoperator + + icon: + - base64data: PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg== + mediatype: image/svg+xml + + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: prometheus-k8s + rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - serviceAccountName: prometheus-operator-0-22-2 + rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete + - apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch + deployments: + - name: prometheus-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: prometheus-operator + template: + metadata: + labels: + k8s-app: prometheus-operator + spec: + serviceAccount: prometheus-operator-0-22-2 + containers: + - name: prometheus-operator + image: quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf + args: + - -namespace=$(K8S_NAMESPACE) + - -manage-crds=false + - -logtostderr=true + - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1 + - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2 + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + nodeSelector: + beta.kubernetes.io/os: linux + maturity: beta + version: 0.22.2 + customresourcedefinitions: + owned: + - name: prometheuses.monitoring.coreos.com + version: v1 + kind: Prometheus + displayName: Prometheus + description: A running Prometheus instance + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: A selector for the ConfigMaps from which to load rule files + displayName: Rule Config Map Selector + path: ruleSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - description: ServiceMonitors to be selected for target discovery + displayName: Service Monitor Selector + path: serviceMonitorSelector + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - description: The ServiceAccount to use to run the Prometheus pods + displayName: Service Account + path: serviceAccountName + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: prometheusrules.monitoring.coreos.com + version: v1 + kind: PrometheusRule + displayName: Prometheus Rule + description: A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules. + - name: servicemonitors.monitoring.coreos.com + version: v1 + kind: ServiceMonitor + displayName: Service Monitor + description: Configures prometheus to monitor a particular k8s service + resources: + - kind: Pod + version: v1 + specDescriptors: + - description: The label to use to retrieve the job name from + displayName: Job Label + path: jobLabel + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: A list of endpoints allowed as part of this ServiceMonitor + displayName: Endpoints + path: endpoints + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - name: alertmanagers.monitoring.coreos.com + version: v1 + kind: Alertmanager + displayName: Alertmanager + description: Configures an Alertmanager for the namespace + resources: + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 + specDescriptors: + - description: Desired number of Pods for the cluster + displayName: Size + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheusrule.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheusrule.crd.yaml new file mode 100644 index 000000000..7ced5a680 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/prometheusrule.crd.yaml @@ -0,0 +1,51 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: prometheusrules.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: PrometheusRule + plural: prometheusrules + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + type: string + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/servicemonitor.crd.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/servicemonitor.crd.yaml new file mode 100644 index 000000000..029639684 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/0.22.2/servicemonitor.crd.yaml @@ -0,0 +1,224 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: servicemonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + kind: ServiceMonitor + plural: servicemonitors + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: A selector for selecting namespaces either selecting all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/prometheus.package.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/prometheus.package.yaml new file mode 100644 index 000000000..ad3cb62fb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/manifests/prometheus/prometheus.package.yaml @@ -0,0 +1,5 @@ +#! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml +packageName: prometheus +channels: +- name: preview + currentCSV: prometheusoperator.0.22.2 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/registry.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/registry.go new file mode 100644 index 000000000..1f1a65113 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/registry.go @@ -0,0 +1,338 @@ +package provider + +import ( + "context" + "encoding/json" + "fmt" + "io" + "sync" + "time" + + "github.com/operator-framework/operator-registry/pkg/api" + "github.com/sirupsen/logrus" + "google.golang.org/grpc" + "google.golang.org/grpc/connectivity" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/client-go/tools/cache" + "k8s.io/kubernetes/pkg/util/labels" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/informers/externalversions" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" +) + +const ( + defaultConnectionTimeout = 5 * time.Second +) + +type sourceKey struct { + name string + namespace string +} + +type registryClient struct { + api.RegistryClient + source *operatorsv1alpha1.CatalogSource + conn *grpc.ClientConn +} + +func newRegistryClient(source *operatorsv1alpha1.CatalogSource, conn *grpc.ClientConn) registryClient { + return registryClient{ + RegistryClient: api.NewRegistryClient(conn), + source: source, + conn: conn, + } +} + +// RegistryProvider aggregates several `CatalogSources` and establishes gRPC connections to their registry servers. +type RegistryProvider struct { + queueinformer.Operator + + mu sync.RWMutex + globalNamespace string + clients map[sourceKey]registryClient +} + +var _ PackageManifestProvider = &RegistryProvider{} + +func NewRegistryProvider(ctx context.Context, crClient versioned.Interface, operator queueinformer.Operator, wakeupInterval time.Duration, watchedNamespaces []string, globalNamespace string) (*RegistryProvider, error) { + p := &RegistryProvider{ + Operator: operator, + + globalNamespace: globalNamespace, + clients: make(map[sourceKey]registryClient), + } + + for _, namespace := range watchedNamespaces { + informerFactory := externalversions.NewSharedInformerFactoryWithOptions(crClient, wakeupInterval, externalversions.WithNamespace(namespace)) + catsrcInformer := informerFactory.Operators().V1alpha1().CatalogSources() + + // Register queue and QueueInformer + logrus.WithField("namespace", namespace).Info("watching catalogsources") + catsrcQueueInformer, err := queueinformer.NewQueueInformer( + ctx, + queueinformer.WithInformer(catsrcInformer.Informer()), + queueinformer.WithSyncer(queueinformer.LegacySyncHandler(p.syncCatalogSource).ToSyncerWithDelete(p.catalogSourceDeleted)), + ) + if err != nil { + return nil, err + } + p.RegisterQueueInformer(catsrcQueueInformer) + } + + return p, nil +} + +func (p *RegistryProvider) getClient(key sourceKey) (registryClient, bool) { + p.mu.RLock() + defer p.mu.RUnlock() + + client, ok := p.clients[key] + return client, ok +} + +func (p *RegistryProvider) setClient(client registryClient, key sourceKey) { + p.mu.Lock() + defer p.mu.Unlock() + + p.clients[key] = client +} + +func (p *RegistryProvider) removeClient(key sourceKey) (registryClient, bool) { + p.mu.Lock() + defer p.mu.Unlock() + + client, ok := p.clients[key] + if !ok { + return registryClient{}, false + } + + delete(p.clients, key) + return client, true +} + +func (p *RegistryProvider) syncCatalogSource(obj interface{}) (syncError error) { + source, ok := obj.(*operatorsv1alpha1.CatalogSource) + if !ok { + logrus.Errorf("catalogsource type assertion failed: wrong type: %#v", obj) + } + + logger := logrus.WithFields(logrus.Fields{ + "action": "sync catalogsource", + "name": source.GetName(), + "namespace": source.GetNamespace(), + }) + + if source.Status.RegistryServiceStatus == nil { + logger.Debug("registry service is not ready for grpc connection") + return + } + + key := sourceKey{source.GetName(), source.GetNamespace()} + client, ok := p.getClient(key) + if ok && source.Status.RegistryServiceStatus.ServiceName != "" { + logger.Info("update detected, attempting to reset grpc connection") + client.conn.ResetConnectBackoff() + + ctx, cancel := context.WithTimeout(context.TODO(), defaultConnectionTimeout) + defer cancel() + + changed := client.conn.WaitForStateChange(ctx, connectivity.TransientFailure) + if !changed { + logger.Debugf("grpc connection reset timeout") + syncError = fmt.Errorf("grpc connection reset timeout") + return + } + + logger.Info("grpc connection reset") + return + } else if ok { + // Address type grpc CatalogSource, drop the connection dial in to the new address + client.conn.Close() + } + + logger.Info("attempting to add a new grpc connection") + conn, err := grpc.Dial(source.Address(), grpc.WithInsecure()) + if err != nil { + logger.WithField("err", err.Error()).Errorf("could not connect to registry service") + syncError = err + return + } + + p.setClient(newRegistryClient(source, conn), key) + logger.Info("new grpc connection added") + + return +} + +func (p *RegistryProvider) catalogSourceDeleted(obj interface{}) { + catsrc, ok := obj.(metav1.Object) + if !ok { + if !ok { + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) + return + } + + catsrc, ok = tombstone.Obj.(metav1.Object) + if !ok { + utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a Namespace %#v", obj)) + return + } + } + } + + logger := logrus.WithFields(logrus.Fields{ + "action": "CatalogSource Deleted", + "name": catsrc.GetName(), + "namespace": catsrc.GetNamespace(), + }) + logger.Debugf("attempting to remove grpc connection") + + key := sourceKey{catsrc.GetName(), catsrc.GetNamespace()} + client, removed := p.removeClient(key) + if removed { + err := client.conn.Close() + if err != nil { + logger.WithField("err", err.Error()).Error("error closing connection") + utilruntime.HandleError(fmt.Errorf("error closing connection %s", err.Error())) + return + } + logger.Debug("grpc connection removed") + return + } + + logger.Debugf("no gRPC connection to remove") + +} + +func (p *RegistryProvider) Get(namespace, name string) (*operators.PackageManifest, error) { + logger := logrus.WithFields(logrus.Fields{ + "action": "Get PackageManifest", + "name": name, + "namespace": namespace, + }) + + pkgs, err := p.List(namespace) + if err != nil { + return nil, fmt.Errorf("could not list packages in namespace %s", namespace) + } + + for _, pkg := range pkgs.Items { + if pkg.GetName() == name { + return &pkg, nil + } + } + + logger.Info("package not found") + return nil, nil +} + +func (p *RegistryProvider) List(namespace string) (*operators.PackageManifestList, error) { + logger := logrus.WithFields(logrus.Fields{ + "action": "List PackageManifests", + "namespace": namespace, + }) + + p.mu.RLock() + defer p.mu.RUnlock() + + pkgs := []operators.PackageManifest{} + for _, client := range p.clients { + if client.source.GetNamespace() == namespace || client.source.GetNamespace() == p.globalNamespace || namespace == metav1.NamespaceAll { + logger.Debugf("found CatalogSource %s", client.source.GetName()) + + stream, err := client.ListPackages(context.Background(), &api.ListPackageRequest{}) + if err != nil { + logger.WithField("err", err.Error()).Warnf("error getting stream") + continue + } + for { + pkgName, err := stream.Recv() + if err == io.EOF { + break + } + + if err != nil { + logger.WithField("err", err.Error()).Warnf("error getting data") + break + } + pkg, err := client.GetPackage(context.Background(), &api.GetPackageRequest{Name: pkgName.GetName()}) + if err != nil { + logger.WithField("err", err.Error()).Warnf("error getting package") + break + } + newPkg, err := toPackageManifest(pkg, client) + if err != nil { + logger.WithField("err", err.Error()).Warnf("error converting to packagemanifest") + break + } + + // Set request namespace to stop kube clients from complaining about global namespace mismatch. + if namespace != metav1.NamespaceAll { + newPkg.SetNamespace(namespace) + } + pkgs = append(pkgs, *newPkg) + } + } + } + + return &operators.PackageManifestList{Items: pkgs}, nil +} + +func toPackageManifest(pkg *api.Package, client registryClient) (*operators.PackageManifest, error) { + pkgChannels := pkg.GetChannels() + catsrc := client.source + manifest := &operators.PackageManifest{ + ObjectMeta: metav1.ObjectMeta{ + Name: pkg.GetName(), + Namespace: catsrc.GetNamespace(), + Labels: labels.CloneAndAddLabel( + labels.CloneAndAddLabel(catsrc.GetLabels(), + "catalog", catsrc.GetName()), "catalog-namespace", catsrc.GetNamespace()), + CreationTimestamp: catsrc.GetCreationTimestamp(), + }, + Status: operators.PackageManifestStatus{ + CatalogSource: catsrc.GetName(), + CatalogSourceDisplayName: catsrc.Spec.DisplayName, + CatalogSourcePublisher: catsrc.Spec.Publisher, + CatalogSourceNamespace: catsrc.GetNamespace(), + PackageName: pkg.Name, + Channels: make([]operators.PackageChannel, len(pkgChannels)), + DefaultChannel: pkg.GetDefaultChannelName(), + }, + } + + for i, pkgChannel := range pkgChannels { + bundle, err := client.GetBundleForChannel(context.Background(), &api.GetBundleInChannelRequest{PkgName: pkg.GetName(), ChannelName: pkgChannel.GetName()}) + if err != nil { + return nil, err + } + + csv := operatorsv1alpha1.ClusterServiceVersion{} + err = json.Unmarshal([]byte(bundle.GetCsvJson()), &csv) + if err != nil { + return nil, err + } + manifest.Status.Channels[i] = operators.PackageChannel{ + Name: pkgChannel.GetName(), + CurrentCSV: csv.GetName(), + CurrentCSVDesc: operators.CreateCSVDescription(&csv), + } + + if manifest.Status.DefaultChannel != "" && pkgChannel.GetName() == manifest.Status.DefaultChannel || i == 0 { + manifest.Status.Provider = operators.AppLink{ + Name: csv.Spec.Provider.Name, + URL: csv.Spec.Provider.URL, + } + manifest.ObjectMeta.Labels["provider"] = manifest.Status.Provider.Name + manifest.ObjectMeta.Labels["provider-url"] = manifest.Status.Provider.URL + } + } + + return manifest, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/registry_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/registry_test.go new file mode 100644 index 000000000..c688c4c5e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider/registry_test.go @@ -0,0 +1,615 @@ +//go:generate counterfeiter -o ../client/fakes/fake_registry_client.go ../../../vendor/github.com/operator-framework/operator-registry/pkg/api/registry.pb.go RegistryClient +package provider + +import ( + "context" + "encoding/json" + "net" + "os" + "testing" + "time" + + "github.com/operator-framework/operator-registry/pkg/api" + registryserver "github.com/operator-framework/operator-registry/pkg/server" + "github.com/operator-framework/operator-registry/pkg/sqlite" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/require" + "google.golang.org/grpc" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + k8sfake "k8s.io/client-go/kubernetes/fake" + + operatorsv1alpha1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned/fake" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/fakes" +) + +const ( + port = "50051" + address = "localhost:" + dbName = "test.db" +) + +func server() { + _ = os.Remove(dbName) + lis, err := net.Listen("tcp", ":"+port) + if err != nil { + logrus.Fatalf("failed to listen: %v", err) + } + s := grpc.NewServer() + + load, err := sqlite.NewSQLLiteLoader(dbName) + if err != nil { + logrus.Fatal(err) + } + + loader := sqlite.NewSQLLoaderForDirectory(load, "manifests") + if err := loader.Populate(); err != nil { + logrus.Fatal(err) + } + load.Close() + + store, err := sqlite.NewSQLLiteQuerier(dbName) + if err != nil { + logrus.Fatal(err) + } + + api.RegisterRegistryServer(s, registryserver.NewRegistryServer(store)) + if err := s.Serve(lis); err != nil { + logrus.Fatalf("failed to serve: %v", err) + } +} + +type packageValue struct { + name string + namespace string +} + +func packageManifest(value packageValue) operators.PackageManifest { + return operators.PackageManifest{ + ObjectMeta: metav1.ObjectMeta{ + Name: value.name, + Namespace: value.namespace, + }, + } +} + +func NewFakeRegistryProvider(ctx context.Context, clientObjs []runtime.Object, k8sObjs []runtime.Object, watchedNamespaces []string, globalNamespace string) (*RegistryProvider, error) { + clientFake := fake.NewSimpleClientset(clientObjs...) + k8sClientFake := k8sfake.NewSimpleClientset(k8sObjs...) + opClientFake := operatorclient.NewClient(k8sClientFake, nil, nil) + + op, err := queueinformer.NewOperator(opClientFake.KubernetesInterface().Discovery()) + if err != nil { + return nil, err + } + + resyncInterval := 5 * time.Minute + + return NewRegistryProvider(ctx, clientFake, op, resyncInterval, watchedNamespaces, globalNamespace) +} + +func catalogSource(name, namespace string) *operatorsv1alpha1.CatalogSource { + return &operatorsv1alpha1.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + } +} + +func withRegistryServiceStatus(catalogSource *operatorsv1alpha1.CatalogSource, protocol, serviceName, serviceNamespace, port string, createdAt metav1.Time) *operatorsv1alpha1.CatalogSource { + out := catalogSource.DeepCopy() + out.Status.RegistryServiceStatus = &operatorsv1alpha1.RegistryServiceStatus{ + Protocol: protocol, + ServiceName: serviceName, + ServiceNamespace: serviceNamespace, + Port: port, + CreatedAt: createdAt, + } + + return out +} + +func TestMain(m *testing.M) { + go server() + exit := m.Run() + if err := os.Remove(dbName); err != nil { + logrus.Warnf("couldn't remove db") + } + os.Exit(exit) +} + +func TestToPackageManifest(t *testing.T) { + tests := []struct { + name string + apiPkg *api.Package + catalogSource *operatorsv1alpha1.CatalogSource + bundle *api.Bundle + expectedErr string + expected *operators.PackageManifest + }{ + { + name: "ToPackageManifest/GoodBundle", + apiPkg: &api.Package{ + Name: "etcd", + Channels: []*api.Channel{ + { + Name: "alpha", + CsvName: "etcdoperator.v0.9.2", + }, + }, + DefaultChannelName: "alpha", + }, + catalogSource: catalogSource("cool-operators", "ns"), + bundle: &api.Bundle{ + CsvName: "etcdoperator.v0.9.2", + PackageName: "etcd", + ChannelName: "alpha", + CsvJson: "{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"installModes\":[{\"supported\":true,\"type\":\"OwnNamespace\"},{\"supported\":true,\"type\":\"SingleNamespace\"},{\"supported\":false,\"type\":\"MultiNamespace\"},{\"supported\":false,\"type\":\"AllNamespaces\"}],\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}", + Object: []string{ + "{\"apiVersion\":\"apiextensions.k8s.io/v1beta1\",\"kind\":\"CustomResourceDefinition\",\"metadata\":{\"name\":\"etcdbackups.etcd.database.coreos.com\"},\"spec\":{\"group\":\"etcd.database.coreos.com\",\"names\":{\"kind\":\"EtcdBackup\",\"listKind\":\"EtcdBackupList\",\"plural\":\"etcdbackups\",\"singular\":\"etcdbackup\"},\"scope\":\"Namespaced\",\"version\":\"v1beta2\"}}", + "{\"apiVersion\":\"apiextensions.k8s.io/v1beta1\",\"kind\":\"CustomResourceDefinition\",\"metadata\":{\"name\":\"etcdclusters.etcd.database.coreos.com\"},\"spec\":{\"group\":\"etcd.database.coreos.com\",\"names\":{\"kind\":\"EtcdCluster\",\"listKind\":\"EtcdClusterList\",\"plural\":\"etcdclusters\",\"shortNames\":[\"etcdclus\",\"etcd\"],\"singular\":\"etcdcluster\"},\"scope\":\"Namespaced\",\"version\":\"v1beta2\"}}", + "{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}", + "{\"apiVersion\":\"apiextensions.k8s.io/v1beta1\",\"kind\":\"CustomResourceDefinition\",\"metadata\":{\"name\":\"etcdrestores.etcd.database.coreos.com\"},\"spec\":{\"group\":\"etcd.database.coreos.com\",\"names\":{\"kind\":\"EtcdRestore\",\"listKind\":\"EtcdRestoreList\",\"plural\":\"etcdrestores\",\"singular\":\"etcdrestore\"},\"scope\":\"Namespaced\",\"version\":\"v1beta2\"}}", + }, + }, + expectedErr: "", + expected: &operators.PackageManifest{ + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "CoreOS, Inc", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "etcd", + Provider: operators.AppLink{ + Name: "CoreOS, Inc", + }, + DefaultChannel: "alpha", + Channels: []operators.PackageChannel{ + { + Name: "alpha", + CurrentCSV: "etcdoperator.v0.9.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte("{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"installModes\":[{\"supported\":true,\"type\":\"OwnNamespace\"},{\"supported\":true,\"type\":\"SingleNamespace\"},{\"supported\":false,\"type\":\"MultiNamespace\"},{\"supported\":false,\"type\":\"AllNamespaces\"}],\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}"), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + clientFake := &fakes.FakeRegistryClient{} + clientFake.GetBundleForChannelReturns(test.bundle, nil) + + client := registryClient{ + RegistryClient: clientFake, + source: test.catalogSource, + } + + packageManifest, err := toPackageManifest(test.apiPkg, client) + if test.expectedErr != "" { + require.Error(t, err) + require.Equal(t, test.expectedErr, err.Error()) + } else { + require.NoError(t, err) + } + require.Equal(t, test.expected, packageManifest) + }) + } +} + +func TestRegistryProviderGet(t *testing.T) { + type getRequest struct { + packageNamespace string + packageName string + } + tests := []struct { + name string + namespaces []string + globalNS string + catalogSources []runtime.Object + request getRequest + expectedErr string + expected *operators.PackageManifest + }{ + { + name: "SingleNamespace/PackageManifestNotFound", + namespaces: []string{"ns"}, + globalNS: "ns", + catalogSources: []runtime.Object{ + withRegistryServiceStatus(catalogSource("cool-operators", "ns"), "grpc", "cool-operators", "ns", port, metav1.NewTime(time.Now())), + }, + request: getRequest{ + packageNamespace: "ns", + packageName: "amq", + }, + expectedErr: "", + expected: nil, + }, + { + name: "SingleNamespace/PackageManifestFound", + namespaces: []string{"ns"}, + globalNS: "ns", + catalogSources: []runtime.Object{ + withRegistryServiceStatus(catalogSource("cool-operators", "ns"), "grpc", "cool-operators", "ns", port, metav1.NewTime(time.Now())), + }, + request: getRequest{ + // A package known to exist in the directory-loaded registry. + packageNamespace: "ns", + packageName: "etcd", + }, + expectedErr: "", + expected: &operators.PackageManifest{ + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "CoreOS, Inc", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "etcd", + Provider: operators.AppLink{ + Name: "CoreOS, Inc", + }, + DefaultChannel: "alpha", + Channels: []operators.PackageChannel{ + { + Name: "alpha", + CurrentCSV: "etcdoperator.v0.9.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte("{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}"), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + }, + { + name: "SingleNamespace/TwoCatalogs/OneBadConnection/PackageManifestFound", + namespaces: []string{"ns"}, + globalNS: "ns", + catalogSources: []runtime.Object{ + withRegistryServiceStatus(catalogSource("cool-operators", "ns"), "grpc", "cool-operators", "ns", port, metav1.NewTime(time.Now())), + withRegistryServiceStatus(catalogSource("not-so-cool-operators", "ns"), "grpc", "not-so-cool-operators", "ns", "50052", metav1.NewTime(time.Now())), + }, + request: getRequest{ + // A package known to exist in the directory-loaded registry. + packageNamespace: "ns", + packageName: "etcd", + }, + expectedErr: "", + expected: &operators.PackageManifest{ + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "CoreOS, Inc", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "etcd", + Provider: operators.AppLink{ + Name: "CoreOS, Inc", + }, + DefaultChannel: "alpha", + Channels: []operators.PackageChannel{ + { + Name: "alpha", + CurrentCSV: "etcdoperator.v0.9.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte("{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}"), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + }, + { + name: "GlobalNamespace/PackageManifestFound", + namespaces: []string{"ns", "global"}, + globalNS: "global", + catalogSources: []runtime.Object{ + withRegistryServiceStatus(catalogSource("cool-operators", "global"), "grpc", "cool-operators", "global", port, metav1.NewTime(time.Now())), + }, + request: getRequest{ + // A package known to exist in the directory-loaded registry. + packageNamespace: "ns", + packageName: "etcd", + }, + expectedErr: "", + expected: &operators.PackageManifest{ + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "global", + "provider": "CoreOS, Inc", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "global", + PackageName: "etcd", + Provider: operators.AppLink{ + Name: "CoreOS, Inc", + }, + DefaultChannel: "alpha", + Channels: []operators.PackageChannel{ + { + Name: "alpha", + CurrentCSV: "etcdoperator.v0.9.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte("{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}"), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + provider, err := NewFakeRegistryProvider(ctx, nil, nil, test.namespaces, test.globalNS) + require.NoError(t, err) + + for _, cs := range test.catalogSources { + catsrc := (cs).(*operatorsv1alpha1.CatalogSource) + conn, err := grpc.Dial(address+catsrc.Status.RegistryServiceStatus.Port, grpc.WithInsecure()) + require.NoError(t, err, "could not set up test grpc connection") + provider.clients[sourceKey{catsrc.GetName(), catsrc.GetNamespace()}] = newRegistryClient(catsrc, conn) + } + + packageManifest, err := provider.Get(test.request.packageNamespace, test.request.packageName) + if test.expectedErr != "" { + require.NotNil(t, err) + require.Equal(t, test.expectedErr, err.Error()) + } else { + require.Nil(t, err) + } + + require.EqualValues(t, test.expected, packageManifest) + }) + } +} + +func TestRegistryProviderList(t *testing.T) { + tests := []struct { + name string + namespaces []string + globalNS string + catalogSources []runtime.Object + requestNamespace string + expectedErr string + expected *operators.PackageManifestList + }{ + { + name: "NoPackages", + namespaces: []string{"ns"}, + globalNS: "ns", + catalogSources: nil, + requestNamespace: "wisconsin", + expectedErr: "", + expected: &operators.PackageManifestList{Items: []operators.PackageManifest{}}, + }, + { + name: "PackagesFound", + namespaces: []string{"ns"}, + globalNS: "ns", + catalogSources: []runtime.Object{ + withRegistryServiceStatus(catalogSource("cool-operators", "ns"), "grpc", "cool-operators", "ns", port, metav1.NewTime(time.Now())), + }, + requestNamespace: "ns", + expectedErr: "", + expected: &operators.PackageManifestList{Items: []operators.PackageManifest{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "prometheus", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "Red Hat", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "prometheus", + Provider: operators.AppLink{ + Name: "Red Hat", + }, + DefaultChannel: "preview", + Channels: []operators.PackageChannel{ + { + Name: "preview", + CurrentCSV: "prometheusoperator.0.22.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte(`{"apiVersion":"operators.coreos.com/v1alpha1","kind":"ClusterServiceVersion","metadata":{"annotations":{"alm-examples":"[{\"apiVersion\":\"monitoring.coreos.com/v1\",\"kind\":\"Prometheus\",\"metadata\":{\"name\":\"example\",\"labels\":{\"prometheus\":\"k8s\"}},\"spec\":{\"replicas\":2,\"version\":\"v2.3.2\",\"serviceAccountName\":\"prometheus-k8s\",\"securityContext\": {}, \"serviceMonitorSelector\":{\"matchExpressions\":[{\"key\":\"k8s-app\",\"operator\":\"Exists\"}]},\"ruleSelector\":{\"matchLabels\":{\"role\":\"prometheus-rulefiles\",\"prometheus\":\"k8s\"}},\"alerting\":{\"alertmanagers\":[{\"namespace\":\"monitoring\",\"name\":\"alertmanager-main\",\"port\":\"web\"}]}}},{\"apiVersion\":\"monitoring.coreos.com/v1\",\"kind\":\"ServiceMonitor\",\"metadata\":{\"name\":\"example\",\"labels\":{\"k8s-app\":\"prometheus\"}},\"spec\":{\"selector\":{\"matchLabels\":{\"k8s-app\":\"prometheus\"}},\"endpoints\":[{\"port\":\"web\",\"interval\":\"30s\"}]}},{\"apiVersion\":\"monitoring.coreos.com/v1\",\"kind\":\"Alertmanager\",\"metadata\":{\"name\":\"alertmanager-main\"},\"spec\":{\"replicas\":3, \"securityContext\": {}}}]"},"name":"prometheusoperator.0.22.2","namespace":"placeholder"},"spec":{"customresourcedefinitions":{"owned":[{"description":"A running Prometheus instance","displayName":"Prometheus","kind":"Prometheus","name":"prometheuses.monitoring.coreos.com","resources":[{"kind":"StatefulSet","version":"v1beta2"},{"kind":"Pod","version":"v1"}],"specDescriptors":[{"description":"Desired number of Pods for the cluster","displayName":"Size","path":"replicas","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:podCount"]},{"description":"A selector for the ConfigMaps from which to load rule files","displayName":"Rule Config Map Selector","path":"ruleSelector","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap"]},{"description":"ServiceMonitors to be selected for target discovery","displayName":"Service Monitor Selector","path":"serviceMonitorSelector","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor"]},{"description":"The ServiceAccount to use to run the Prometheus pods","displayName":"Service Account","path":"serviceAccountName","x-descriptors":["urn:alm:descriptor:io.kubernetes:ServiceAccount"]},{"description":"Limits describes the minimum/maximum amount of compute resources required/allowed","displayName":"Resource Requirements","path":"resources","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:resourceRequirements"]}],"version":"v1"},{"description":"A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules.","displayName":"Prometheus Rule","kind":"PrometheusRule","name":"prometheusrules.monitoring.coreos.com","version":"v1"},{"description":"Configures prometheus to monitor a particular k8s service","displayName":"Service Monitor","kind":"ServiceMonitor","name":"servicemonitors.monitoring.coreos.com","resources":[{"kind":"Pod","version":"v1"}],"specDescriptors":[{"description":"The label to use to retrieve the job name from","displayName":"Job Label","path":"jobLabel","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:label"]},{"description":"A list of endpoints allowed as part of this ServiceMonitor","displayName":"Endpoints","path":"endpoints","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:endpointList"]}],"version":"v1"},{"description":"Configures an Alertmanager for the namespace","displayName":"Alertmanager","kind":"Alertmanager","name":"alertmanagers.monitoring.coreos.com","resources":[{"kind":"StatefulSet","version":"v1beta2"},{"kind":"Pod","version":"v1"}],"specDescriptors":[{"description":"Desired number of Pods for the cluster","displayName":"Size","path":"replicas","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:podCount"]},{"description":"Limits describes the minimum/maximum amount of compute resources required/allowed","displayName":"Resource Requirements","path":"resources","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:resourceRequirements"]}],"version":"v1"}]},"description":"The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances.\n\nOnce installed, the Prometheus Operator provides the following features:\n\n* **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator.\n\n* **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource.\n\n* **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language.\n\n### Other Supported Features\n\n**High availability**\n\nMultiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most.\n\n**Updates via automated operations**\n\nNew Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date.\n\n**Handles the dynamic nature of containers**\n\nAlerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment.\n","displayName":"Prometheus Operator","icon":[{"base64data":"PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg==","mediatype":"image/svg+xml"}],"install":{"spec":{"deployments":[{"name":"prometheus-operator","spec":{"replicas":1,"selector":{"matchLabels":{"k8s-app":"prometheus-operator"}},"template":{"metadata":{"labels":{"k8s-app":"prometheus-operator"}},"spec":{"containers":[{"args":["-namespace=$(K8S_NAMESPACE)","-manage-crds=false","-logtostderr=true","--config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1","--prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2"],"env":[{"name":"K8S_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf","name":"prometheus-operator","ports":[{"containerPort":8080,"name":"http"}],"resources":{"limits":{"cpu":"200m","memory":"100Mi"},"requests":{"cpu":"100m","memory":"50Mi"}},"securityContext":{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true}}],"nodeSelector":{"beta.kubernetes.io/os":"linux"},"serviceAccount":"prometheus-operator-0-22-2"}}}}],"permissions":[{"rules":[{"apiGroups":[""],"resources":["nodes","services","endpoints","pods"],"verbs":["get","list","watch"]},{"apiGroups":[""],"resources":["configmaps"],"verbs":["get"]}],"serviceAccountName":"prometheus-k8s"},{"rules":[{"apiGroups":["apiextensions.k8s.io"],"resources":["customresourcedefinitions"],"verbs":["*"]},{"apiGroups":["monitoring.coreos.com"],"resources":["alertmanagers","prometheuses","prometheuses/finalizers","alertmanagers/finalizers","servicemonitors","prometheusrules"],"verbs":["*"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["*"]},{"apiGroups":[""],"resources":["configmaps","secrets"],"verbs":["*"]},{"apiGroups":[""],"resources":["pods"],"verbs":["list","delete"]},{"apiGroups":[""],"resources":["services","endpoints"],"verbs":["get","create","update"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["list","watch"]},{"apiGroups":[""],"resources":["namespaces"],"verbs":["list","watch"]}],"serviceAccountName":"prometheus-operator-0-22-2"}]},"strategy":"deployment"},"keywords":["prometheus","monitoring","tsdb","alerting"],"labels":{"alm-owner-prometheus":"prometheusoperator","alm-status-descriptors":"prometheusoperator.0.22.2"},"links":[{"name":"Prometheus","url":"https://www.prometheus.io/"},{"name":"Documentation","url":"https://coreos.com/operators/prometheus/docs/latest/"},{"name":"Prometheus Operator","url":"https://github.com/coreos/prometheus-operator"}],"maintainers":[{"email":"openshift-operators@redhat.com","name":"Red Hat"}],"maturity":"beta","provider":{"name":"Red Hat"},"replaces":"prometheusoperator.0.15.0","selector":{"matchLabels":{"alm-owner-prometheus":"prometheusoperator"}},"version":"0.22.2"}}`), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "CoreOS, Inc", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "etcd", + Provider: operators.AppLink{ + Name: "CoreOS, Inc", + }, + DefaultChannel: "alpha", + Channels: []operators.PackageChannel{ + { + Name: "alpha", + CurrentCSV: "etcdoperator.v0.9.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte("{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}"), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + }}, + }, + { + name: "TwoCatalogs/OneBadConnection/PackagesFound", + namespaces: []string{"ns"}, + globalNS: "ns", + catalogSources: []runtime.Object{ + withRegistryServiceStatus(catalogSource("cool-operators", "ns"), "grpc", "cool-operators", "ns", port, metav1.NewTime(time.Now())), + withRegistryServiceStatus(catalogSource("not-so-cool-operators", "ns"), "grpc", "not-so-cool-operators", "ns", "50052", metav1.NewTime(time.Now())), + }, + requestNamespace: "ns", + expectedErr: "", + expected: &operators.PackageManifestList{Items: []operators.PackageManifest{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "prometheus", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "Red Hat", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "prometheus", + Provider: operators.AppLink{ + Name: "Red Hat", + }, + DefaultChannel: "preview", + Channels: []operators.PackageChannel{ + { + Name: "preview", + CurrentCSV: "prometheusoperator.0.22.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte(`{"apiVersion":"operators.coreos.com/v1alpha1","kind":"ClusterServiceVersion","metadata":{"annotations":{"alm-examples":"[{\"apiVersion\":\"monitoring.coreos.com/v1\",\"kind\":\"Prometheus\",\"metadata\":{\"name\":\"example\",\"labels\":{\"prometheus\":\"k8s\"}},\"spec\":{\"replicas\":2,\"version\":\"v2.3.2\",\"serviceAccountName\":\"prometheus-k8s\",\"securityContext\": {}, \"serviceMonitorSelector\":{\"matchExpressions\":[{\"key\":\"k8s-app\",\"operator\":\"Exists\"}]},\"ruleSelector\":{\"matchLabels\":{\"role\":\"prometheus-rulefiles\",\"prometheus\":\"k8s\"}},\"alerting\":{\"alertmanagers\":[{\"namespace\":\"monitoring\",\"name\":\"alertmanager-main\",\"port\":\"web\"}]}}},{\"apiVersion\":\"monitoring.coreos.com/v1\",\"kind\":\"ServiceMonitor\",\"metadata\":{\"name\":\"example\",\"labels\":{\"k8s-app\":\"prometheus\"}},\"spec\":{\"selector\":{\"matchLabels\":{\"k8s-app\":\"prometheus\"}},\"endpoints\":[{\"port\":\"web\",\"interval\":\"30s\"}]}},{\"apiVersion\":\"monitoring.coreos.com/v1\",\"kind\":\"Alertmanager\",\"metadata\":{\"name\":\"alertmanager-main\"},\"spec\":{\"replicas\":3, \"securityContext\": {}}}]"},"name":"prometheusoperator.0.22.2","namespace":"placeholder"},"spec":{"customresourcedefinitions":{"owned":[{"description":"A running Prometheus instance","displayName":"Prometheus","kind":"Prometheus","name":"prometheuses.monitoring.coreos.com","resources":[{"kind":"StatefulSet","version":"v1beta2"},{"kind":"Pod","version":"v1"}],"specDescriptors":[{"description":"Desired number of Pods for the cluster","displayName":"Size","path":"replicas","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:podCount"]},{"description":"A selector for the ConfigMaps from which to load rule files","displayName":"Rule Config Map Selector","path":"ruleSelector","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap"]},{"description":"ServiceMonitors to be selected for target discovery","displayName":"Service Monitor Selector","path":"serviceMonitorSelector","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor"]},{"description":"The ServiceAccount to use to run the Prometheus pods","displayName":"Service Account","path":"serviceAccountName","x-descriptors":["urn:alm:descriptor:io.kubernetes:ServiceAccount"]},{"description":"Limits describes the minimum/maximum amount of compute resources required/allowed","displayName":"Resource Requirements","path":"resources","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:resourceRequirements"]}],"version":"v1"},{"description":"A Prometheus Rule configures groups of sequentially evaluated recording and alerting rules.","displayName":"Prometheus Rule","kind":"PrometheusRule","name":"prometheusrules.monitoring.coreos.com","version":"v1"},{"description":"Configures prometheus to monitor a particular k8s service","displayName":"Service Monitor","kind":"ServiceMonitor","name":"servicemonitors.monitoring.coreos.com","resources":[{"kind":"Pod","version":"v1"}],"specDescriptors":[{"description":"The label to use to retrieve the job name from","displayName":"Job Label","path":"jobLabel","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:label"]},{"description":"A list of endpoints allowed as part of this ServiceMonitor","displayName":"Endpoints","path":"endpoints","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:endpointList"]}],"version":"v1"},{"description":"Configures an Alertmanager for the namespace","displayName":"Alertmanager","kind":"Alertmanager","name":"alertmanagers.monitoring.coreos.com","resources":[{"kind":"StatefulSet","version":"v1beta2"},{"kind":"Pod","version":"v1"}],"specDescriptors":[{"description":"Desired number of Pods for the cluster","displayName":"Size","path":"replicas","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:podCount"]},{"description":"Limits describes the minimum/maximum amount of compute resources required/allowed","displayName":"Resource Requirements","path":"resources","x-descriptors":["urn:alm:descriptor:com.tectonic.ui:resourceRequirements"]}],"version":"v1"}]},"description":"The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances.\n\nOnce installed, the Prometheus Operator provides the following features:\n\n* **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator.\n\n* **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource.\n\n* **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language.\n\n### Other Supported Features\n\n**High availability**\n\nMultiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most.\n\n**Updates via automated operations**\n\nNew Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date.\n\n**Handles the dynamic nature of containers**\n\nAlerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment.\n","displayName":"Prometheus Operator","icon":[{"base64data":"PHN2ZyB3aWR0aD0iMjQ5MCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NyIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTEyOC4wMDEuNjY3QzU3LjMxMS42NjcgMCA1Ny45NzEgMCAxMjguNjY0YzAgNzAuNjkgNTcuMzExIDEyNy45OTggMTI4LjAwMSAxMjcuOTk4UzI1NiAxOTkuMzU0IDI1NiAxMjguNjY0QzI1NiA1Ny45NyAxOTguNjg5LjY2NyAxMjguMDAxLjY2N3ptMCAyMzkuNTZjLTIwLjExMiAwLTM2LjQxOS0xMy40MzUtMzYuNDE5LTMwLjAwNGg3Mi44MzhjMCAxNi41NjYtMTYuMzA2IDMwLjAwNC0zNi40MTkgMzAuMDA0em02MC4xNTMtMzkuOTRINjcuODQyVjE3OC40N2gxMjAuMzE0djIxLjgxNmgtLjAwMnptLS40MzItMzMuMDQ1SDY4LjE4NWMtLjM5OC0uNDU4LS44MDQtLjkxLTEuMTg4LTEuMzc1LTEyLjMxNS0xNC45NTQtMTUuMjE2LTIyLjc2LTE4LjAzMi0zMC43MTYtLjA0OC0uMjYyIDE0LjkzMyAzLjA2IDI1LjU1NiA1LjQ1IDAgMCA1LjQ2NiAxLjI2NSAxMy40NTggMi43MjItNy42NzMtOC45OTQtMTIuMjMtMjAuNDI4LTEyLjIzLTMyLjExNiAwLTI1LjY1OCAxOS42OC00OC4wNzkgMTIuNTgtNjYuMjAxIDYuOTEuNTYyIDE0LjMgMTQuNTgzIDE0LjggMzYuNTA1IDcuMzQ2LTEwLjE1MiAxMC40Mi0yOC42OSAxMC40Mi00MC4wNTYgMC0xMS43NjkgNy43NTUtMjUuNDQgMTUuNTEyLTI1LjkwNy02LjkxNSAxMS4zOTYgMS43OSAyMS4xNjUgOS41MyA0NS40IDIuOTAyIDkuMTAzIDIuNTMyIDI0LjQyMyA0Ljc3MiAzNC4xMzguNzQ0LTIwLjE3OCA0LjIxMy00OS42MiAxNy4wMTQtNTkuNzg0LTUuNjQ3IDEyLjguODM2IDI4LjgxOCA1LjI3IDM2LjUxOCA3LjE1NCAxMi40MjQgMTEuNDkgMjEuODM2IDExLjQ5IDM5LjYzOCAwIDExLjkzNi00LjQwNyAyMy4xNzMtMTEuODQgMzEuOTU4IDguNDUyLTEuNTg2IDE0LjI4OS0zLjAxNiAxNC4yODktMy4wMTZsMjcuNDUtNS4zNTVjLjAwMi0uMDAyLTMuOTg3IDE2LjQwMS0xOS4zMTQgMzIuMTk3eiIgZmlsbD0iI0RBNEUzMSIvPjwvc3ZnPg==","mediatype":"image/svg+xml"}],"install":{"spec":{"deployments":[{"name":"prometheus-operator","spec":{"replicas":1,"selector":{"matchLabels":{"k8s-app":"prometheus-operator"}},"template":{"metadata":{"labels":{"k8s-app":"prometheus-operator"}},"spec":{"containers":[{"args":["-namespace=$(K8S_NAMESPACE)","-manage-crds=false","-logtostderr=true","--config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1","--prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.22.2"],"env":[{"name":"K8S_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"quay.io/coreos/prometheus-operator@sha256:3daa69a8c6c2f1d35dcf1fe48a7cd8b230e55f5229a1ded438f687debade5bcf","name":"prometheus-operator","ports":[{"containerPort":8080,"name":"http"}],"resources":{"limits":{"cpu":"200m","memory":"100Mi"},"requests":{"cpu":"100m","memory":"50Mi"}},"securityContext":{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true}}],"nodeSelector":{"beta.kubernetes.io/os":"linux"},"serviceAccount":"prometheus-operator-0-22-2"}}}}],"permissions":[{"rules":[{"apiGroups":[""],"resources":["nodes","services","endpoints","pods"],"verbs":["get","list","watch"]},{"apiGroups":[""],"resources":["configmaps"],"verbs":["get"]}],"serviceAccountName":"prometheus-k8s"},{"rules":[{"apiGroups":["apiextensions.k8s.io"],"resources":["customresourcedefinitions"],"verbs":["*"]},{"apiGroups":["monitoring.coreos.com"],"resources":["alertmanagers","prometheuses","prometheuses/finalizers","alertmanagers/finalizers","servicemonitors","prometheusrules"],"verbs":["*"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["*"]},{"apiGroups":[""],"resources":["configmaps","secrets"],"verbs":["*"]},{"apiGroups":[""],"resources":["pods"],"verbs":["list","delete"]},{"apiGroups":[""],"resources":["services","endpoints"],"verbs":["get","create","update"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["list","watch"]},{"apiGroups":[""],"resources":["namespaces"],"verbs":["list","watch"]}],"serviceAccountName":"prometheus-operator-0-22-2"}]},"strategy":"deployment"},"keywords":["prometheus","monitoring","tsdb","alerting"],"labels":{"alm-owner-prometheus":"prometheusoperator","alm-status-descriptors":"prometheusoperator.0.22.2"},"links":[{"name":"Prometheus","url":"https://www.prometheus.io/"},{"name":"Documentation","url":"https://coreos.com/operators/prometheus/docs/latest/"},{"name":"Prometheus Operator","url":"https://github.com/coreos/prometheus-operator"}],"maintainers":[{"email":"openshift-operators@redhat.com","name":"Red Hat"}],"maturity":"beta","provider":{"name":"Red Hat"},"replaces":"prometheusoperator.0.15.0","selector":{"matchLabels":{"alm-owner-prometheus":"prometheusoperator"}},"version":"0.22.2"}}`), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "etcd", + Namespace: "ns", + Labels: labels.Set{ + "catalog": "cool-operators", + "catalog-namespace": "ns", + "provider": "CoreOS, Inc", + "provider-url": "", + }, + }, + Status: operators.PackageManifestStatus{ + CatalogSource: "cool-operators", + CatalogSourceNamespace: "ns", + PackageName: "etcd", + Provider: operators.AppLink{ + Name: "CoreOS, Inc", + }, + DefaultChannel: "alpha", + Channels: []operators.PackageChannel{ + { + Name: "alpha", + CurrentCSV: "etcdoperator.v0.9.2", + CurrentCSVDesc: func() operators.CSVDescription { + csv := operatorsv1alpha1.ClusterServiceVersion{} + json.Unmarshal([]byte("{\"apiVersion\":\"operators.coreos.com/v1alpha1\",\"kind\":\"ClusterServiceVersion\",\"metadata\":{\"annotations\":{\"alm-examples\":\"[{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdCluster\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example\\\",\\\"namespace\\\":\\\"default\\\"},\\\"spec\\\":{\\\"size\\\":3,\\\"version\\\":\\\"3.2.13\\\"}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdRestore\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"spec\\\":{\\\"etcdCluster\\\":{\\\"name\\\":\\\"example-etcd-cluster\\\"},\\\"backupStorageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}},{\\\"apiVersion\\\":\\\"etcd.database.coreos.com/v1beta2\\\",\\\"kind\\\":\\\"EtcdBackup\\\",\\\"metadata\\\":{\\\"name\\\":\\\"example-etcd-cluster-backup\\\"},\\\"spec\\\":{\\\"etcdEndpoints\\\":[\\\"\\u003cetcd-cluster-endpoints\\u003e\\\"],\\\"storageType\\\":\\\"S3\\\",\\\"s3\\\":{\\\"path\\\":\\\"\\u003cfull-s3-path\\u003e\\\",\\\"awsSecret\\\":\\\"\\u003caws-secret\\u003e\\\"}}}]\",\"tectonic-visibility\":\"ocs\"},\"name\":\"etcdoperator.v0.9.2\",\"namespace\":\"placeholder\"},\"spec\":{\"customresourcedefinitions\":{\"owned\":[{\"description\":\"Represents a cluster of etcd nodes.\",\"displayName\":\"etcd Cluster\",\"kind\":\"EtcdCluster\",\"name\":\"etcdclusters.etcd.database.coreos.com\",\"resources\":[{\"kind\":\"Service\",\"version\":\"v1\"},{\"kind\":\"Pod\",\"version\":\"v1\"}],\"specDescriptors\":[{\"description\":\"The desired number of member Pods for the etcd cluster.\",\"displayName\":\"Size\",\"path\":\"size\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podCount\"]},{\"description\":\"Limits describes the minimum/maximum amount of compute resources required/allowed\",\"displayName\":\"Resource Requirements\",\"path\":\"pod.resources\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:resourceRequirements\"]}],\"statusDescriptors\":[{\"description\":\"The status of each of the member Pods for the etcd cluster.\",\"displayName\":\"Member Status\",\"path\":\"members\",\"x-descriptors\":[\"urn:alm:descriptor:com.tectonic.ui:podStatuses\"]},{\"description\":\"The service at which the running etcd cluster can be accessed.\",\"displayName\":\"Service\",\"path\":\"serviceName\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Service\"]},{\"description\":\"The current size of the etcd cluster.\",\"displayName\":\"Cluster Size\",\"path\":\"size\"},{\"description\":\"The current version of the etcd cluster.\",\"displayName\":\"Current Version\",\"path\":\"currentVersion\"},{\"description\":\"The target version of the etcd cluster, after upgrading.\",\"displayName\":\"Target Version\",\"path\":\"targetVersion\"},{\"description\":\"The current status of the etcd cluster.\",\"displayName\":\"Status\",\"path\":\"phase\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase\"]},{\"description\":\"Explanation for the current status of the cluster.\",\"displayName\":\"Status Details\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to backup an etcd cluster.\",\"displayName\":\"etcd Backup\",\"kind\":\"EtcdBackup\",\"name\":\"etcdbackups.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"Specifies the endpoints of an etcd cluster.\",\"displayName\":\"etcd Endpoint(s)\",\"path\":\"etcdEndpoints\",\"x-descriptors\":[\"urn:alm:descriptor:etcd:endpoint\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the backup was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any backup related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"},{\"description\":\"Represents the intent to restore an etcd cluster from a backup.\",\"displayName\":\"etcd Restore\",\"kind\":\"EtcdRestore\",\"name\":\"etcdrestores.etcd.database.coreos.com\",\"specDescriptors\":[{\"description\":\"References the EtcdCluster which should be restored,\",\"displayName\":\"etcd Cluster\",\"path\":\"etcdCluster.name\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:EtcdCluster\",\"urn:alm:descriptor:text\"]},{\"description\":\"The full AWS S3 path where the backup is saved.\",\"displayName\":\"S3 Path\",\"path\":\"s3.path\",\"x-descriptors\":[\"urn:alm:descriptor:aws:s3:path\"]},{\"description\":\"The name of the secret object that stores the AWS credential and config files.\",\"displayName\":\"AWS Secret\",\"path\":\"s3.awsSecret\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes:Secret\"]}],\"statusDescriptors\":[{\"description\":\"Indicates if the restore was successful.\",\"displayName\":\"Succeeded\",\"path\":\"succeeded\",\"x-descriptors\":[\"urn:alm:descriptor:text\"]},{\"description\":\"Indicates the reason for any restore related failures.\",\"displayName\":\"Reason\",\"path\":\"reason\",\"x-descriptors\":[\"urn:alm:descriptor:io.kubernetes.phase:reason\"]}],\"version\":\"v1beta2\"}]},\"description\":\"etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.\\nA simple use-case is to store database connection details or feature flags within etcd as key value pairs. These values can be watched, allowing your app to reconfigure itself when they change. Advanced uses take advantage of the consistency guarantees to implement database leader elections or do distributed locking across a cluster of workers.\\n\\n_The etcd Open Cloud Service is Public Alpha. The goal before Beta is to fully implement backup features._\\n\\n### Reading and writing to etcd\\n\\nCommunicate with etcd though its command line utility `etcdctl` or with the API using the automatically generated Kubernetes Service.\\n\\n[Read the complete guide to using the etcd Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/etcd-ocs.html)\\n\\n### Supported Features\\n\\n\\n**High availability**\\n\\n\\nMultiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.\\n\\n\\n**Automated updates**\\n\\n\\nRolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.\\n\\n\\n**Backups included**\\n\\n\\nComing soon, the ability to schedule backups to happen on or off cluster.\\n\",\"displayName\":\"etcd\",\"icon\":[{\"base64data\":\"iVBORw0KGgoAAAANSUhEUgAAAOEAAADZCAYAAADWmle6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAEKlJREFUeNrsndt1GzkShmEev4sTgeiHfRYdgVqbgOgITEVgOgLTEQydwIiKwFQCayoCU6+7DyYjsBiBFyVVz7RkXvqCSxXw/+f04XjGQ6IL+FBVuL769euXgZ7r39f/G9iP0X+u/jWDNZzZdGI/Ftama1jjuV4BwmcNpbAf1Fgu+V/9YRvNAyzT2a59+/GT/3hnn5m16wKWedJrmOCxkYztx9Q+py/+E0GJxtJdReWfz+mxNt+QzS2Mc0AI+HbBBwj9QViKbH5t64DsP2fvmGXUkWU4WgO+Uve2YQzBUGd7r+zH2ZG/tiUQc4QxKwgbwFfVGwwmdLL5wH78aPC/ZBem9jJpCAX3xtcNASSNgJLzUPSQyjB1zQNl8IQJ9MIU4lx2+Jo72ysXYKl1HSzN02BMa/vbZ5xyNJIshJzwf3L0dQhJw4Sih/SFw9Tk8sVeghVPoefaIYCkMZCKbrcP9lnZuk0uPUjGE/KE8JQry7W2tgfuC3vXgvNV+qSQbyFtAtyWk7zWiYevvuUQ9QEQCvJ+5mmu6dTjz1zFHLFj8Eb87MtxaZh/IQFIHom+9vgTWwZxAQjT9X4vtbEVPojwjiV471s00mhAckpwGuCn1HtFtRDaSh6y9zsL+LNBvCG/24ThcxHObdlWc1v+VQJe8LcO0jwtuF8BwnAAUgP9M8JPU2Me+Oh12auPGT6fHuTePE3bLDy+x9pTLnhMn+07TQGh//Bz1iI0c6kvtqInjvPZcYR3KsPVmUsPYt9nFig9SCY8VQNhpPBzn952bbgcsk2EvM89wzh3UEffBbyPqvBUBYQ8ODGPFOLsa7RF096WJ69L+E4EmnpjWu5o4ChlKaRTKT39RMMaVPEQRsz/nIWlDN80chjdJlSd1l0pJCAMVZsniobQVuxceMM9OFoaMd9zqZtjMEYYDW38Drb8Y0DYPLShxn0pvIFuOSxd7YCPet9zk452wsh54FJoeN05hcgSQoG5RR0Qh9Q4E4VvL4wcZq8UACgaRFEQKgSwWrkr5WFnGxiHSutqJGlXjBgIOayhwYBTA0ER0oisIVSUV0AAMT0IASCUO4hRIQSAEECMCCEPwqyQA0JCQBzEGjWNAqHiUVAoXUWbvggOIQCEAOJzxTjoaQ4AIaE64/aZridUsBYUgkhB15oGg1DBIl8IqirYwV6hPSGBSFteMCUBSVXwfYixBmamRubeMyjzMJQBDDowE3OesDD+zwqFoDqiEwXoXJpljB+PvWJGy75BKF1FPxhKygJuqUdYQGlLxNEXkrYyjQ0GbaAwEnUIlLRNvVjQDYUAsJB0HKLE4y0AIpQNgCIhBIhQTgCKhZBBpAN/v6LtQI50JfUgYOnnjmLUFHKhjxbAmdTCaTiBm3ovLPqG2urWAij6im0Nd9aTN9ygLUEt9LgSRnohxUPIKxlGaE+/6Y7znFf0yX+GnkvFFWmarkab2o9PmTeq8sbd2a7DaysXz7i64VeznN4jCQhN9gdDbRiuWrfrsq0mHIrlaq+hlotCtd3Um9u0BYWY8y5D67wccJoZjFca7iUs9VqZcfsZwTd1sbWGG+OcYaTnPAP7rTQVVlM4Sg3oGvB1tmNh0t/HKXZ1jFoIMwCQjtqbhNxUmkGYqgZEDZP11HN/S3gAYRozf0l8C5kKEKUvW0t1IfeWG/5MwgheZTT1E0AEhDkAePQO+Ig2H3DncAkQM4cwUQCD530dU4B5Yvmi2LlDqXfWrxMCcMth51RToRMNUXFnfc2KJ0+Ryl0VNOUwlhh6NoxK5gnViTgQpUG4SqSyt5z3zRJpuKmt3Q1614QaCBPaN6je+2XiFcWAKOXcUfIYKRyL/1lb7pe5VxSxxjQ6hImshqGRt5GWZVKO6q2wHwujfwDtIvaIdexj8Cm8+a68EqMfox6x/voMouZF4dHnEGNeCDMwT6vdNfekH1MafMk4PI06YtqLVGl95aEM9Z5vAeCTOA++YLtoVJRrsqNCaJ6WRmkdYaNec5BT/lcTRMqrhmwfjbpkj55+OKp8IEbU/JLgPJE6Wa3TTe9sHS+ShVD5QIyqIxMEwKh12olC6mHIed5ewEop80CNlfIOADYOT2nd6ZXCop+Ebqchc0JqxKcKASxChycJgUh1rnHA5ow9eTrhqNI7JWiAYYwBGGdpyNLoGw0Pkh96h1BpHihyywtATDM/7Hk2fN9EnH8BgKJCU4ooBkbXFMZJiPbrOyecGl3zgQDQL4hk10IZiOe+5w99Q/gBAEIJgPhJM4QAEEoFREAIAAEiIASAkD8Qt4AQAEIAERAGFlX4CACKAXGVM4ivMwWwCLFAlyeoaa70QePKm5Dlp+/n+ye/5dYgva6YsUaVeMa+tzNFeJtWwc+udbJ0Fg399kLielQJ5Ze61c2+7ytA6EZetiPxZC6tj22yJCv6jUwOyj/zcbqAxOMyAKEbfeHtNa7DtYXptjsk2kJxR+eIeim/tHNofUKYy8DMrQcAKWz6brpvzyIAlpwPhQ49l6b7skJf5Z+YTOYQc4FwLDxvoTDwaygQK+U/kVr+ytSFBG01Q3gnJJR4cNiAhx4HDub8/b5DULXlj6SVZghFiE+LdvE9vo/o8Lp1RmH5hzm0T6wdbZ6n+D6i44zDRc3ln6CpAEJfXiRU45oqLz8gFAThWsh7ughrRibc0QynHgZpNJa/ENJ+loCwu/qOGnFIjYR/n7TfgycULhcQhu6VC+HfF+L3BoAQ4WiZTw1M+FPCnA2gKC6/FAhXgDC+ojQGh3NuWsvfF1L/D5ohlCKtl1j2ldu9a/nPAKFwN56Bst10zCG0CPleXN/zXPgHQZXaZaBgrbzyY5V/mUA+6F0hwtGN9rwu5DVZPuwWqfxdFz1LWbJ2lwKEa+0Qsm4Dl3fp+Pu0lV97PgwIPfSsS+UQhj5Oo+vvFULazRIQyvGEcxPuNLCth2MvFsrKn8UOilAQShkh7TTczYNMoS6OdP47msrPi82lXKGWhCdMZYS0bFy+vcnGAjP1CIfvgbKNA9glecEH9RD6Ol4wRuWyN/G9MHnksS6o/GPf5XcwNSUlHzQhDuAKtWJmkwKElU7lylP5rgIcsquh/FI8YZCDpkJBuE4FQm7Icw8N+SrUGaQKyi8FwiDt1ve5o+Vu7qYHy/psgK8cvh+FTYuO77bhEC7GuaPiys/L1X4IgXDL+e3M5+ovLxBy5VLuIebw1oqcHoPfoaMJUsHays878r8KbDc3xtPx/84gZPBG/JwaufrsY/SRG/OY3//8QMNdsvdZCFtbW6f8pFuf5bflILAlX7O+4fdfugKyFYS8T2zAsXthdG0VurPGKwI06oF5vkBgHWkNp6ry29+lsPZMU3vijnXFNmoclr+6+Ou/FIb8yb30sS8YGjmTqCLyQsi5N/6ZwKs0Yenj68pfPjF6N782Dp2FzV9CTyoSeY8mLK16qGxIkLI8oa1n8tz9juP40DlK0epxYEbojbq+9QfurBeVIlCO9D2396bxiV4lkYQ3hOAFw2pbhqMGISkkQOMcQ9EqhDmGZZdo92JC0YHRNTfoSg+5e0IT+opqCKHoIU+4ztQIgBD1EFNrQAgIpYSil9lDmPHqkROPt+JC6AgPquSuumJmg0YARVCuneDfvPVeJokZ6pIXDkNxQtGzTF9/BQjRG0tQznfb74RwCQghpALBtIQnfK4zhxdyQvVCUeknMIT3hLyY+T5jo0yABqKPQNpUNw/09tGZod5jgCaYFxyYvJcNPkv9eof+I3pnCFEHIETjSM8L9tHZHYCQT9PaZGycU6yg8S4akDnJ+P03L0+t23XGzCLzRgII/Wqa+fv/xlfvmKvMUOcOrlCDdoei1MGdZm6G5VEIfRzzjd4aQs69n699Rx7ewhvCGzr2gmTPs8zNsJOrXt24FbkhhOjCfT4ICA/rPbyhUy94Dks0gJCX1NzCZui9YUd3oei+c257TalFbgg19ILHrlrL2gvWgXAL26EX76gZTNASQnad8Ibwhl284NhgXpB0c+jKhWO3Ms1hP9ihJYB9eMF6qd1BCPk0qA1s+LimFIu7m4nsdQIzPK4VbQ8hYvrnuSH2G9b2ggP78QmWqBdF9Vx8SSY6QYdUW7BTA1schZATyhvY8lHvcRbNUS9YGFy2U+qmzh2YPVc0I7yAOFyHfRpyUwtCSzOdPXMHmz7qDIM0e0V2wZTEk+6Ym6N63eBLp/b5Bts+2cKCSJ/LuoZO3ANSiE5hKAZjnvNSS4931jcw9jpwT0feV/qSJ1pVtCyfHKDkvK8Ejx7pUxGh2xFNSwx8QTi2H9ceC0/nni64MS/5N5dG39pDqvRV+WgGk71c9VFXF9b+xYvOw/d61iv7m3MvEHryhvecwC52jSSx4VIIgwnMNT/UsTxIgpPt3K/ARj15CptwL3Zd/ceDSATj2DGQjbxgWwhdeMMte7zpy5On9vymRm/YxBYljGVjKWF9VJf7I1+sex3wY8w/V1QPTborW/72gkdsRDaZMJBdbdHIC7aCkAu9atlLbtnrzerMnyToDaGwelOnk3/hHSem/ZK7e/t7jeeR20LYBgqa8J80gS8jbwi5F02Uj1u2NYJxap8PLkJfLxA2hIJyvnHX/AfeEPLpBfe0uSFHbnXaea3Qd5d6HcpYZ8L6M7lnFwMQ3MNg+RxUR1+6AshtbsVgfXTEg1sIGax9UND2p7f270wdG3eK9gXVGHdw2k5sOyZv+Nbs39Z308XR9DqWb2J+PwKDhuKHPobfuXf7gnYGHdCs7bhDDadD4entDug7LWNsnRNW4mYqwJ9dk+GGSTPBiA2j0G8RWNM5upZtcG4/3vMfP7KnbK2egx6CCnDPhRn7NgD3cghLIad5WcM2SO38iqHvvMOosyeMpQ5zlVCaaj06GVs9xUbHdiKoqrHWgquFEFMWUEWfXUxJAML23hAHFOctmjZQffKD2pywkhtSGHKNtpitLroscAeE7kCkSsC60vxEl6yMtL9EL5HKGCMszU5bk8gdkklAyEn5FO0yK419rIxBOIqwFMooDE0tHEVYijAUECIshRCGIhxFWIowFJ5QkEYIS5PTJrUwNGlPyN6QQPyKtpuM1E/K5+YJDV/MiA3AaehzqgAm7QnZG9IGYKo8bHnSK7VblLL3hOwNHziPuEGOqE5brrdR6i+atCfckyeWD47HkAkepRGLY/e8A8J0gCwYSNypF08bBm+e6zVz2UL4AshhBUjML/rXLefqC82bcQFhGC9JDwZ1uuu+At0S5gCETYHsV4DUeD9fDN2Zfy5OXaW2zAwQygCzBLJ8cvaW5OXKC1FxfTggFAHmoAJnSiOw2wps9KwRWgJCLaEswaj5NqkLwAYIU4BxqTSXbHXpJdRMPZgAOiAMqABCNGYIEEJutEK5IUAIwYMDQgiCACEEAcJs1Vda7gGqDhCmoiEghAAhBAHCrKXVo2C1DCBMRlp37uMIEECoX7xrX3P5C9QiINSuIcoPAUI0YkAICLNWgfJDh4T9hH7zqYH9+JHAq7zBqWjwhPAicTVCVQJCNF50JghHocahKK0X/ZnQKyEkhSdUpzG8OgQI42qC94EQjsYLRSmH+pbgq73L6bYkeEJ4DYTYmeg1TOBFc/usTTp3V9DdEuXJ2xDCUbXhaXk0/kAYmBvuMB4qkC35E5e5AMKkwSQgyxufyuPy6fMMgAFCSI73LFXU/N8AmEL9X4ABACNSKMHAgb34AAAAAElFTkSuQmCC\",\"mediatype\":\"image/png\"}],\"install\":{\"spec\":{\"deployments\":[{\"name\":\"etcd-operator\",\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"name\":\"etcd-operator-alm-owned\"}},\"template\":{\"metadata\":{\"labels\":{\"name\":\"etcd-operator-alm-owned\"},\"name\":\"etcd-operator-alm-owned\"},\"spec\":{\"containers\":[{\"command\":[\"etcd-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-operator\"},{\"command\":[\"etcd-backup-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-backup-operator\"},{\"command\":[\"etcd-restore-operator\",\"--create-crd=false\"],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"MY_POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}}],\"image\":\"quay.io/coreos/etcd-operator@sha256:c0301e4686c3ed4206e370b42de5a3bd2229b9fb4906cf85f3f30650424abec2\",\"name\":\"etcd-restore-operator\"}],\"serviceAccountName\":\"etcd-operator\"}}}}],\"permissions\":[{\"rules\":[{\"apiGroups\":[\"etcd.database.coreos.com\"],\"resources\":[\"etcdclusters\",\"etcdbackups\",\"etcdrestores\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"pods\",\"services\",\"endpoints\",\"persistentvolumeclaims\",\"events\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"apps\"],\"resources\":[\"deployments\"],\"verbs\":[\"*\"]},{\"apiGroups\":[\"\"],\"resources\":[\"secrets\"],\"verbs\":[\"get\"]}],\"serviceAccountName\":\"etcd-operator\"}]},\"strategy\":\"deployment\"},\"keywords\":[\"etcd\",\"key value\",\"database\",\"coreos\",\"open source\"],\"labels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"},\"links\":[{\"name\":\"Blog\",\"url\":\"https://coreos.com/etcd\"},{\"name\":\"Documentation\",\"url\":\"https://coreos.com/operators/etcd/docs/latest/\"},{\"name\":\"etcd Operator Source Code\",\"url\":\"https://github.com/coreos/etcd-operator\"}],\"maintainers\":[{\"email\":\"support@coreos.com\",\"name\":\"CoreOS, Inc\"}],\"maturity\":\"alpha\",\"provider\":{\"name\":\"CoreOS, Inc\"},\"replaces\":\"etcdoperator.v0.9.0\",\"selector\":{\"matchLabels\":{\"alm-owner-etcd\":\"etcdoperator\",\"operated-by\":\"etcdoperator\"}},\"version\":\"0.9.2\"}}"), &csv) + return operators.CreateCSVDescription(&csv) + }(), + }, + }, + }, + }, + }}, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.TODO()) + defer cancel() + provider, err := NewFakeRegistryProvider(ctx, nil, nil, test.namespaces, test.globalNS) + require.NoError(t, err) + + for _, cs := range test.catalogSources { + catsrc := (cs).(*operatorsv1alpha1.CatalogSource) + conn, err := grpc.Dial(address+catsrc.Status.RegistryServiceStatus.Port, grpc.WithInsecure()) + require.NoError(t, err, "could not set up test grpc connection") + provider.clients[sourceKey{catsrc.GetName(), catsrc.GetNamespace()}] = newRegistryClient(catsrc, conn) + } + + packageManifestList, err := provider.List(test.requestNamespace) + if test.expectedErr != "" { + require.NotNil(t, err) + require.Equal(t, test.expectedErr, err.Error()) + } else { + require.Nil(t, err) + } + + require.Equal(t, len(test.expected.Items), len(packageManifestList.Items)) + require.ElementsMatch(t, test.expected.Items, packageManifestList.Items) + }) + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/server/server.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/server/server.go new file mode 100644 index 000000000..f0447a9c1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/server/server.go @@ -0,0 +1,196 @@ +package server + +import ( + "context" + "fmt" + "io" + "net" + "time" + + log "github.com/sirupsen/logrus" + "github.com/spf13/cobra" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + genericserver "k8s.io/apiserver/pkg/server" + genericoptions "k8s.io/apiserver/pkg/server/options" + "k8s.io/client-go/informers" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/clientcmd" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver" + genericpackageserver "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apiserver/generic" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider" +) + +// NewCommandStartPackageServer provides a CLI handler for 'start master' command +// with a default PackageServerOptions. +func NewCommandStartPackageServer(ctx context.Context, defaults *PackageServerOptions) *cobra.Command { + cmd := &cobra.Command{ + Short: "Launch a package API server", + Long: "Launch a package API server", + RunE: func(c *cobra.Command, args []string) error { + if err := defaults.Run(ctx); err != nil { + return err + } + return nil + }, + } + + flags := cmd.Flags() + + // flags.BoolVar(&defaults.InsecureKubeletTLS, "kubelet-insecure-tls", defaults.InsecureKubeletTLS, "Do not verify CA of serving certificates presented by Kubelets. For testing purposes only.") + flags.DurationVar(&defaults.WakeupInterval, "interval", defaults.WakeupInterval, "interval at which to re-sync CatalogSources") + flags.StringSliceVar(&defaults.WatchedNamespaces, "watched-namespaces", defaults.WatchedNamespaces, "list of namespaces the package-server will watch watch for CatalogSources") + flags.StringVar(&defaults.Kubeconfig, "kubeconfig", defaults.Kubeconfig, "path to the kubeconfig used to connect to the Kubernetes API server and the Kubelets (defaults to in-cluster config)") + flags.BoolVar(&defaults.Debug, "debug", defaults.Debug, "use debug log level") + + defaults.SecureServing.AddFlags(flags) + defaults.Authentication.AddFlags(flags) + defaults.Authorization.AddFlags(flags) + defaults.Features.AddFlags(flags) + + return cmd +} + +type PackageServerOptions struct { + // RecommendedOptions *genericoptions.RecommendedOptions + SecureServing *genericoptions.SecureServingOptionsWithLoopback + Authentication *genericoptions.DelegatingAuthenticationOptions + Authorization *genericoptions.DelegatingAuthorizationOptions + Features *genericoptions.FeatureOptions + + GlobalNamespace string + WatchedNamespaces []string + WakeupInterval time.Duration + + Kubeconfig string + RegistryAddr string + + // Only to be used to for testing + DisableAuthForTesting bool + + // Enable debug log level + Debug bool + + SharedInformerFactory informers.SharedInformerFactory + StdOut io.Writer + StdErr io.Writer +} + +func NewPackageServerOptions(out, errOut io.Writer) *PackageServerOptions { + o := &PackageServerOptions{ + + SecureServing: genericoptions.NewSecureServingOptions().WithLoopback(), + Authentication: genericoptions.NewDelegatingAuthenticationOptions(), + Authorization: genericoptions.NewDelegatingAuthorizationOptions(), + Features: genericoptions.NewFeatureOptions(), + + WatchedNamespaces: []string{v1.NamespaceAll}, + WakeupInterval: 5 * time.Minute, + + DisableAuthForTesting: false, + Debug: false, + + StdOut: out, + StdErr: errOut, + } + + return o +} + +func (o *PackageServerOptions) Complete() error { + return nil +} + +func (o *PackageServerOptions) Config() (*apiserver.Config, error) { + if err := o.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost", nil, []net.IP{net.ParseIP("127.0.0.1")}); err != nil { + return nil, fmt.Errorf("error creating self-signed certificates: %v", err) + } + + serverConfig := genericserver.NewConfig(genericpackageserver.Codecs) + if err := o.SecureServing.ApplyTo(&serverConfig.SecureServing, &serverConfig.LoopbackClientConfig); err != nil { + return nil, err + } + + if !o.DisableAuthForTesting { + if err := o.Authentication.ApplyTo(&serverConfig.Authentication, serverConfig.SecureServing, nil); err != nil { + return nil, err + } + if err := o.Authorization.ApplyTo(&serverConfig.Authorization); err != nil { + return nil, err + } + } + + return &apiserver.Config{ + GenericConfig: serverConfig, + ProviderConfig: genericpackageserver.ProviderConfig{}, + }, nil +} + +func (o *PackageServerOptions) Run(ctx context.Context) error { + if o.Debug { + log.SetLevel(log.DebugLevel) + } + + // grab the config for the API server + config, err := o.Config() + if err != nil { + return err + } + config.GenericConfig.EnableMetrics = true + + // set up the client config + var clientConfig *rest.Config + if len(o.Kubeconfig) > 0 { + loadingRules := &clientcmd.ClientConfigLoadingRules{ExplicitPath: o.Kubeconfig} + loader := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, &clientcmd.ConfigOverrides{}) + + clientConfig, err = loader.ClientConfig() + } else { + clientConfig, err = rest.InClusterConfig() + } + if err != nil { + return fmt.Errorf("unable to construct lister client config: %v", err) + } + + kubeClient, err := kubernetes.NewForConfig(clientConfig) + if err != nil { + return fmt.Errorf("unable to construct lister client: %v", err) + } + + crClient, err := client.NewClient(o.Kubeconfig) + if err != nil { + return err + } + + queueOperator, err := queueinformer.NewOperator(crClient.Discovery()) + if err != nil { + return err + } + + sourceProvider, err := provider.NewRegistryProvider(ctx, crClient, queueOperator, o.WakeupInterval, o.WatchedNamespaces, o.GlobalNamespace) + if err != nil { + return err + } + config.ProviderConfig.Provider = sourceProvider + + // we should never need to resync, since we're not worried about missing events, + // and resync is actually for regular interval-based reconciliation these days, + // so set the default resync interval to 0 + informerFactory := informers.NewSharedInformerFactory(kubeClient, 0) + + server, err := config.Complete(informerFactory).New() + if err != nil { + return err + } + + sourceProvider.Run(ctx) + <-sourceProvider.Ready() + + err = server.GenericAPIServer.PrepareRun().Run(ctx.Done()) + <-sourceProvider.Done() + + return err +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage/printer.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage/printer.go new file mode 100644 index 000000000..d614d9552 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage/printer.go @@ -0,0 +1,54 @@ +package storage + +import ( + "time" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/duration" + "k8s.io/kubernetes/pkg/printers" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" +) + +// translateTimestampSince returns the elapsed time since timestamp in +// human-readable approximation. +func translateTimestampSince(timestamp metav1.Time) string { + if timestamp.IsZero() { + return "" + } + + return duration.HumanDuration(time.Since(timestamp.Time)) +} + +func addTableHandlers(h printers.PrintHandler) { + podColumnDefinitions := []metav1beta1.TableColumnDefinition{ + {Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]}, + {Name: "Catalog", Type: "string", Description: "The source catalog for this package"}, + {Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]}, + } + h.TableHandler(podColumnDefinitions, printPackage) + h.TableHandler(podColumnDefinitions, printPackageList) + +} + +func printPackage(manifest *operators.PackageManifest, options printers.PrintOptions) ([]metav1beta1.TableRow, error) { + row := metav1beta1.TableRow{ + Object: runtime.RawExtension{Object: manifest}, + } + row.Cells = append(row.Cells, manifest.Name, manifest.Status.CatalogSourceDisplayName, translateTimestampSince(manifest.CreationTimestamp)) + return []metav1beta1.TableRow{row}, nil +} + +func printPackageList(manifestList *operators.PackageManifestList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) { + rows := make([]metav1beta1.TableRow, 0, len(manifestList.Items)) + for i := range manifestList.Items { + r, err := printPackage(&manifestList.Items[i], options) + if err != nil { + return nil, err + } + rows = append(rows, r...) + } + return rows, nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage/reststorage.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage/reststorage.go new file mode 100644 index 000000000..a6139e35e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/storage/reststorage.go @@ -0,0 +1,127 @@ +package storage + +import ( + "context" + "fmt" + + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/fields" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + genericreq "k8s.io/apiserver/pkg/endpoints/request" + "k8s.io/apiserver/pkg/registry/rest" + "k8s.io/kubernetes/pkg/printers" + printerstorage "k8s.io/kubernetes/pkg/printers/storage" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators" + "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/provider" +) + +type PackageManifestStorage struct { + groupResource schema.GroupResource + prov provider.PackageManifestProvider + scheme *runtime.Scheme + rest.TableConvertor +} + +var _ rest.Storage = &PackageManifestStorage{} +var _ rest.KindProvider = &PackageManifestStorage{} +var _ rest.Lister = &PackageManifestStorage{} +var _ rest.Getter = &PackageManifestStorage{} +var _ rest.Scoper = &PackageManifestStorage{} +var _ rest.TableConvertor = &PackageManifestStorage{} + +// NewStorage returns a struct that implements methods needed for Kubernetes to satisfy API requests for the `PackageManifest` resource +func NewStorage(groupResource schema.GroupResource, prov provider.PackageManifestProvider, scheme *runtime.Scheme) *PackageManifestStorage { + return &PackageManifestStorage{ + groupResource: groupResource, + prov: prov, + scheme: scheme, + TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(addTableHandlers)}, + } +} + +// New satisfies the Storage interface +func (m *PackageManifestStorage) New() runtime.Object { + return &operators.PackageManifest{} +} + +// Kind satisfies the KindProvider interface +func (m *PackageManifestStorage) Kind() string { + return "PackageManifest" +} + +// NewList satisfies part of the Lister interface +func (m *PackageManifestStorage) NewList() runtime.Object { + return &operators.PackageManifestList{} +} + +// List satisfies part of the Lister interface +func (m *PackageManifestStorage) List(ctx context.Context, options *metainternalversion.ListOptions) (runtime.Object, error) { + namespace := genericreq.NamespaceValue(ctx) + + labelSelector := labels.Everything() + if options != nil && options.LabelSelector != nil { + labelSelector = options.LabelSelector + } + + name, err := nameFor(options.FieldSelector) + if err != nil { + return nil, err + } + + res, err := m.prov.List(namespace) + if err != nil { + return nil, k8serrors.NewInternalError(err) + } + + // Filter by label selector + filtered := []operators.PackageManifest{} + for _, manifest := range res.Items { + if matches(manifest, name, labelSelector) { + filtered = append(filtered, manifest) + } + } + res.Items = filtered + + return res, nil +} + +// Get satisfies the Getter interface +func (m *PackageManifestStorage) Get(ctx context.Context, name string, opts *metav1.GetOptions) (runtime.Object, error) { + namespace := genericreq.NamespaceValue(ctx) + manifest, err := m.prov.Get(namespace, name) + if err != nil || manifest == nil { + return nil, k8serrors.NewNotFound(m.groupResource, name) + } + + return manifest, nil +} + +// NamespaceScoped satisfies the Scoper interface +func (m *PackageManifestStorage) NamespaceScoped() bool { + return true +} + +func nameFor(fs fields.Selector) (string, error) { + if fs == nil { + fs = fields.Everything() + } + name := "" + if value, found := fs.RequiresExactMatch("metadata.name"); found { + name = value + } else if !fs.Empty() { + return "", fmt.Errorf("field label not supported: %s", fs.Requirements()[0].Field) + } + return name, nil +} + +func matches(pm operators.PackageManifest, name string, ls labels.Selector) bool { + if name == "" { + name = pm.GetName() + } + return ls.Matches(labels.Set(pm.GetLabels())) && pm.GetName() == name +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version/doc.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version/doc.go new file mode 100644 index 000000000..f29bc704d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version/doc.go @@ -0,0 +1,2 @@ +// Package version supplies the type for version information collected at build time. +package version diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version/version.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version/version.go new file mode 100644 index 000000000..72dd1cac1 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/version/version.go @@ -0,0 +1,43 @@ +// Copyright 2018 The Kubernetes Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package version + +import ( + "fmt" + "runtime" + + genericversion "k8s.io/apimachinery/pkg/version" +) + +// these come from ldflags +var ( + gitVersion = "v0.0.0-master+$Format:%h$" + gitCommit = "$Format:%H$" // sha1 from git, output of $(git rev-parse HEAD) + gitTreeState = "" // state of git tree, either "clean" or "dirty" + buildDate = "1970-01-01T00:00:00Z" // build date in ISO8601 format, output of $(date -u +'%Y-%m-%dT%H:%M:%SZ') +) + +// VersionInfo returns the version information for metrics-server. +func VersionInfo() *genericversion.Info { + return &genericversion.Info{ + GitVersion: gitVersion, + GitCommit: gitCommit, + GitTreeState: gitTreeState, + BuildDate: buildDate, + GoVersion: runtime.Version(), + Compiler: runtime.Compiler, + Platform: fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH), + } +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/version/version.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/version/version.go new file mode 100644 index 000000000..3fe30acaf --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/pkg/version/version.go @@ -0,0 +1,19 @@ +package version + +import "fmt" + +// OLMVersion indicates what version of OLM the binary belongs to +var OLMVersion string + +// GitCommit indicates which git commit the binary was built from +var GitCommit string + +// String returns a pretty string concatenation of OLMVersion and GitCommit +func String() string { + return fmt.Sprintf("OLM version: %s\ngit commit: %s\n", OLMVersion, GitCommit) +} + +// Full returns a hyphenated concatenation of just OLMVersion and GitCommit +func Full() string { + return fmt.Sprintf("%s-%s", OLMVersion, GitCommit) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/build_bare.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/build_bare.sh new file mode 100644 index 000000000..e0520fa02 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/build_bare.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +# Note: run from root +# This is used to start and build services for running e2e tests + +set -e + +if [ -z "$NO_MINIKUBE" ]; then + ps x | grep -q [m]inikube || minikube start --kubernetes-version="v1.11.0" --extra-config=apiserver.v=4 || { echo 'Cannot start minikube.'; exit 1; } + eval $(minikube docker-env) || { echo 'Cannot switch to minikube docker'; exit 1; } + kubectl config use-context minikube + umask 0077 && kubectl config view --minify --flatten --context=minikube > minikube.kubeconfig +fi + +kubectl delete crds --all +kubectl create namespace $(cat $(pwd)/e2e.namespace) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/build_local.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/build_local.sh new file mode 100755 index 000000000..f4f0b7984 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/build_local.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +# Note: run from root +# This is used to start and build services for running e2e tests + +set -e + +if [ -z "$NO_MINIKUBE" ]; then + ps x | grep -q [m]inikube || minikube start --kubernetes-version="v1.13.0" --extra-config=apiserver.v=4 || { echo 'Cannot start minikube.'; exit 1; } + eval $(minikube docker-env) || { echo 'Cannot switch to minikube docker'; exit 1; } + kubectl config use-context minikube +fi + +docker build -f local.Dockerfile -t quay.io/operator-framework/olm:local -t quay.io/operator-framework/olm-e2e:local ./bin + +if [ -x "$(command -v kind)" ] && [ "kubectl config current-context" -eq "kind" ]; then + kind load docker-image quay.io/operator-framework/olm:local + kind load docker-image quay.io/operator-framework/olm-e2e:local +fi diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/generate_internal_groups.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/generate_internal_groups.sh new file mode 100755 index 000000000..258b53b56 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/generate_internal_groups.sh @@ -0,0 +1,110 @@ +#!/usr/bin/env bash + +# Copyright 2017 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +# generate-internal-groups generates everything for a project with internal types, e.g. an +# user-provided API server based on k8s.io/apiserver. + +if [ "$#" -lt 5 ] || [ "${1}" == "--help" ]; then + cat < ... + + the generators comma separated to run (deepcopy,defaulter,conversion,client,lister,informer) or "all". + the output package name (e.g. github.com/example/project/pkg/generated). + the internal types dir (e.g. github.com/example/project/pkg/apis). + the external types dir (e.g. github.com/example/project/pkg/apis or githubcom/example/apis). + the groups and their versions in the format "groupA:v1,v2 groupB:v1 groupC:v2", relative + to . + ... arbitrary flags passed to all generator binaries. + +Examples: + $(basename "$0") all github.com/example/project/pkg/client github.com/example/project/pkg/apis github.com/example/project/pkg/apis "foo:v1 bar:v1alpha1,v1beta1" + $(basename "$0") deepcopy,defaulter,conversion github.com/example/project/pkg/client github.com/example/project/pkg/apis github.com/example/project/apis "foo:v1 bar:v1alpha1,v1beta1" +EOF + exit 0 +fi + +GENS="$1" +OUTPUT_PKG="$2" +INT_APIS_PKG="$3" +EXT_APIS_PKG="$4" +GROUPS_WITH_VERSIONS="$5" +shift 5 + +go install ./"$(dirname "${0}")"/cmd/{defaulter-gen,conversion-gen,client-gen,lister-gen,informer-gen,deepcopy-gen} +function codegen::join() { local IFS="$1"; shift; echo "$*"; } + +# enumerate group versions +ALL_FQ_APIS=() # e.g. k8s.io/kubernetes/pkg/apis/apps k8s.io/api/apps/v1 +INT_FQ_APIS=() # e.g. k8s.io/kubernetes/pkg/apis/apps +EXT_FQ_APIS=() # e.g. k8s.io/api/apps/v1 +for GVs in ${GROUPS_WITH_VERSIONS}; do + IFS=: read -r G Vs <<<"${GVs}" + + if [ -n "${INT_APIS_PKG}" ]; then + ALL_FQ_APIS+=("${INT_APIS_PKG}/${G}") + INT_FQ_APIS+=("${INT_APIS_PKG}/${G}") + fi + + # enumerate versions + for V in ${Vs//,/ }; do + ALL_FQ_APIS+=("${EXT_APIS_PKG}/${G}/${V}") + EXT_FQ_APIS+=("${EXT_APIS_PKG}/${G}/${V}") + done +done + +if [ "${GENS}" = "all" ] || grep -qw "deepcopy" <<<"${GENS}"; then + echo "Generating deepcopy funcs" + "${GOPATH}/bin/deepcopy-gen" --input-dirs "$(codegen::join , "${ALL_FQ_APIS[@]}")" -O zz_generated.deepcopy --bounding-dirs "${INT_APIS_PKG},${EXT_APIS_PKG}" "$@" +fi + +if [ "${GENS}" = "all" ] || grep -qw "defaulter" <<<"${GENS}"; then + echo "Generating defaulters" + "${GOPATH}/bin/defaulter-gen" --input-dirs "$(codegen::join , "${EXT_FQ_APIS[@]}")" -O zz_generated.defaults "$@" +fi + +if [ "${GENS}" = "all" ] || grep -qw "conversion" <<<"${GENS}"; then + echo "Generating conversions" + "${GOPATH}/bin/conversion-gen" --input-dirs "$(codegen::join , "${ALL_FQ_APIS[@]}")" -O zz_generated.conversion "$@" +fi + +if [ "${GENS}" = "all" ] || grep -qw "client" <<<"${GENS}"; then + echo "Generating clientset for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/${CLIENTSET_PKG_NAME:-clientset}" + if [ -n "${INT_APIS_PKG}" ]; then + IFS=" " read -r -a APIS <<< "$(printf '%s/ ' "${INT_FQ_APIS[@]}")" + "${GOPATH}/bin/client-gen" --clientset-name "${CLIENTSET_NAME_INTERNAL:-internalversion}" --input-base "" --input "$(codegen::join , "${APIS[@]}")" --output-package "${OUTPUT_PKG}/${CLIENTSET_PKG_NAME:-clientset}" "$@" + fi + "${GOPATH}/bin/client-gen" --clientset-name "${CLIENTSET_NAME_VERSIONED:-versioned}" --input-base "" --input "$(codegen::join , "${EXT_FQ_APIS[@]}")" --output-package "${OUTPUT_PKG}/${CLIENTSET_PKG_NAME:-clientset}" "$@" +fi + +if [ "${GENS}" = "all" ] || grep -qw "lister" <<<"${GENS}"; then + echo "Generating listers for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/listers" + "${GOPATH}/bin/lister-gen" --input-dirs "$(codegen::join , "${ALL_FQ_APIS[@]}")" --output-package "${OUTPUT_PKG}/listers" "$@" +fi + +if [ "${GENS}" = "all" ] || grep -qw "informer" <<<"${GENS}"; then + echo "Generating informers for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/informers" + "${GOPATH}/bin/informer-gen" \ + --input-dirs "$(codegen::join , "${ALL_FQ_APIS[@]}")" \ + --versioned-clientset-package "${OUTPUT_PKG}/${CLIENTSET_PKG_NAME:-clientset}/${CLIENTSET_NAME_VERSIONED:-versioned}" \ + --internal-clientset-package "${OUTPUT_PKG}/${CLIENTSET_PKG_NAME:-clientset}/${CLIENTSET_NAME_INTERNAL:-internalversion}" \ + --listers-package "${OUTPUT_PKG}/listers" \ + --output-package "${OUTPUT_PKG}/informers" \ + "$@" +fi diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/generate_mocks.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/generate_mocks.sh new file mode 100755 index 000000000..89e626373 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/generate_mocks.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# install dependencies +go install -mod=vendor ./vendor/github.com/golang/mock/mockgen +go install -mod=vendor ./vendor/github.com/maxbrunsfeld/counterfeiter/v6 + +# generate fakes and mocks +go generate -mod=vendor ./pkg/... +counterfeiter -o ./pkg/fakes/client-go/listers/fake_v1_service_account_lister.go ./vendor/k8s.io/client-go/listers/core/v1 ServiceAccountLister +counterfeiter -o ./pkg/fakes/client-go/listers/fake_v1_service_account_namespace_lister.go ./vendor/k8s.io/client-go/listers/core/v1 ServiceAccountNamespaceLister diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install.sh new file mode 100755 index 000000000..9f7083f24 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + + +# This script is for installing OLM from a GitHub release + +set -e + +if [[ ${#@} -ne 1 ]]; then + echo "Usage: $0 version" + echo "* version: the github release version" + exit 1 +fi + +release=$1 +url=https://github.com/operator-framework/operator-lifecycle-manager/releases/download/${release} +namespace=olm + +kubectl apply -f ${url}/crds.yaml +kubectl apply -f ${url}/olm.yaml + +# wait for deployments to be ready +kubectl rollout status -w deployment/olm-operator --namespace="${namespace}" +kubectl rollout status -w deployment/catalog-operator --namespace="${namespace}" + +retries=50 +until [[ $retries == 0 || $new_csv_phase == "Succeeded" ]]; do + new_csv_phase=$(kubectl get csv -n "${namespace}" packageserver.v${release} -o jsonpath='{.status.phase}' 2>/dev/null || echo "Waiting for CSV to appear") + if [[ $new_csv_phase != "$csv_phase" ]]; then + csv_phase=$new_csv_phase + echo "Package server phase: $csv_phase" + fi + sleep 1 + retries=$((retries - 1)) +done + +if [ $retries == 0 ]; then + echo "CSV \"packageserver\" failed to reach phase succeeded" + exit 1 +fi + +kubectl rollout status -w deployment/packageserver --namespace="${namespace}" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install_bare.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install_bare.sh new file mode 100755 index 000000000..d1849d034 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install_bare.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash + +# Note: run from root dir + +set -e + +if [[ ${#@} < 2 ]]; then + echo "Usage: $0 namespace chart" + echo "* namespace: namespace to install into" + echo "* chart: directory of chart manifests to install" + exit 1 +fi + +namespace=$1 +chart=$2 + +# create OLM resources, minus the running components (they will run locally) +for f in ${chart}/*.yaml +do + if [[ $f == *.configmap.yaml ]] + then + kubectl replace --force -f ${f}; + elif [[ $f == *.deployment.yaml ]] + then + # skip olm and catalog operator deployment + continue + else + kubectl apply -f ${f}; + fi +done diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install_local.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install_local.sh new file mode 100755 index 000000000..013494fc0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/install_local.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash + +# Note: run from root dir + +set -e + +if [[ ${#@} -ne 2 ]]; then + echo "Usage: $0 namespace chart" + echo "* namespace: namespace to install into" + echo "* chart: directory of chart manifests to install" + exit 1 +fi + +namespace=$1 +chart=$2 + +# create OLM +for f in "${chart}"/*.yaml +do + if [[ $f == *.configmap.yaml ]] + then + kubectl replace --force -f "${f}" + else + kubectl apply -f "${f}" + fi +done + +# wait for deployments to be ready +kubectl rollout status -w deployment/olm-operator --namespace="${namespace}" +kubectl rollout status -w deployment/catalog-operator --namespace="${namespace}" + +retries=50 +until [[ $retries == 0 || $new_csv_phase == "Succeeded" ]]; do + new_csv_phase=$(kubectl get csv -n "${namespace}" packageserver.v1.0.0 -o jsonpath='{.status.phase}' 2>/dev/null || echo "Waiting for CSV to appear") + if [[ $new_csv_phase != "$csv_phase" ]]; then + csv_phase=$new_csv_phase + echo "Package server phase: $csv_phase" + fi + sleep 1 + retries=$((retries - 1)) +done + +if [ $retries == 0 ]; then + echo "CSV \"packageserver.v1.0.0\" failed to reach phase succeeded" + exit 1 +fi + +kubectl rollout status -w deployment/packageserver --namespace="${namespace}" diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/k8s_yaml_to_ansible_install.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/k8s_yaml_to_ansible_install.sh new file mode 100755 index 000000000..f1b166997 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/k8s_yaml_to_ansible_install.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash + +# requires yq to be installed https://github.com/mikefarah/yq + +if [[ ${#@} < 2 ]]; then + echo "Usage: $0 manifests outfile" + echo "* manifests: directory of k8s manifests" + echo "* outfile: the ansible file to append" + exit 1 +fi + +manifests=$1 +outfile=$2 + +for filename in $manifests/*.yaml; do + kind=$(yq r "$filename" kind) + name=$(yq r "$filename" metadata.name) + cat <> $outfile + +- name: Apply $name $kind manifest + oc_obj: + state: present + kind: $kind + name: $name + namespace: operator-lifecycle-manager + files: + - "{{ mktemp.stdout }}/$(basename $filename)" +EOF +done diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/k8s_yaml_to_ansible_remove.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/k8s_yaml_to_ansible_remove.sh new file mode 100755 index 000000000..7e9278972 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/k8s_yaml_to_ansible_remove.sh @@ -0,0 +1,27 @@ +#!/usr/bin/env bash + +# requires yq to be installed https://github.com/mikefarah/yq + +if [[ ${#@} < 2 ]]; then + echo "Usage: $0 manifests outfile" + echo "* manifests: directory of k8s manifests" + echo "* outfile: the ansible file to append" + exit 1 +fi + +manifests=$1 +outfile=$2 + +for filename in $manifests/*.yaml; do + kind=$(yq r "$filename" kind) + name=$(yq r "$filename" metadata.name) + cat <> $outfile + +- name: Remove $name $kind manifest + oc_obj: + state: absent + kind: $kind + name: $name + namespace: operator-lifecycle-manager +EOF +done diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/package_quickstart.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/package_quickstart.sh new file mode 100755 index 000000000..79efef6e5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/package_quickstart.sh @@ -0,0 +1,35 @@ +#!/usr/bin/env bash + +if [[ ${#@} < 3 ]]; then + echo "Usage: $0 concatenate OLM's Kubernetes manifests into a single YAML stream and writes the result to a file" + echo "* dir: the input directory that contains OLM's Kubernetes manifests" + echo "* out: the output file for the combined OLM Kubernetes manifest" + echo "* outcrds: the output file for the combined OLM CRD manifest" + echo "* outscript: the output install script" + exit 1 +fi + +dir=$1 +out=$2 +outcrds=$3 +outscript=$4 + +rm -f ${out} +rm -f ${outcrds} +touch ${out} +touch ${outcrds} + +for f in ${dir}/*.yaml +do + if [[ $f == *.crd.yaml ]] + then + awk 'NR==1 && !/^---*/ {print "---"} !/^[[:space:]]*#/ {print}' $f >> ${outcrds} + else + awk 'NR==1 && !/^---*/ {print "---"} !/^[[:space:]]*#/ {print}' $f >> ${out} + fi +done + +echo "Wrote manifests to ${out} and ${outcrds}" + +cp scripts/install.sh ${outscript} + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/package_release.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/package_release.sh new file mode 100755 index 000000000..a927d8dc4 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/package_release.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +# requires helm to be installed + +if [[ ${#@} < 3 ]]; then + echo "Usage: $0 semver chart values" + echo "* semver: semver-formatted version for this package" + echo "* chart: the directory to output the chart" + echo "* values: the values file" + exit 1 +fi + +version=$1 +chartdir=$2 +values=$3 + +charttmpdir=`mktemp -d 2>/dev/null || mktemp -d -t 'charttmpdir'` + +charttmpdir=${charttmpdir}/chart + +cp -R deploy/chart/ ${charttmpdir} +echo "Version: $1" >> ${charttmpdir}/Chart.yaml + +mkdir -p ${chartdir} + +helm template -n olm -f ${values} ${charttmpdir} --output-dir ${charttmpdir} + +cp -R ${charttmpdir}/olm/templates/. ${chartdir} \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/pull_or_build_rh.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/pull_or_build_rh.sh new file mode 100755 index 000000000..dc8697bd6 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/pull_or_build_rh.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +if ! docker pull "quay.io/coreos/olm:$1-rhel" || ! docker pull "quay.io/coreos/catalog:$1-rhel"; then + docker build -t "quay.io/coreos/olm:$1-rhel" -t "quay.io/coreos/catalog:$1-rhel" . + docker push "quay.io/coreos/olm:$1-rhel" + docker push "quay.io/coreos/catalog:$1-rhel" +fi diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_console_local.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_console_local.sh new file mode 100755 index 000000000..157be96b0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_console_local.sh @@ -0,0 +1,64 @@ +#!/bin/bash + +# Colors definition +readonly RED=$(tput setaf 1) +readonly RESET=$(tput sgr0) +readonly GREEN=$(tput setaf 2) + +# Check if Podman binary exists +verify_podman_binary() { + if hash podman 2>/dev/null; then + POD_MANAGER="podman" + else + POD_MANAGER="docker" + fi +} + +# Add port as 9000:9000 as arg when the SO is MacOS or Win +add_host_port_arg (){ + args="--net=host" + if [[ "$OSTYPE" == "darwin"* ]] || [[ "$(< /proc/version)" == *"@(Microsoft|WSL)"* ]]; then + args="-p 9000:9000" + fi +} + +pull_ocp_console_image (){ + $POD_MANAGER pull quay.io/openshift/origin-console:latest +} + +run_ocp_console_image (){ + secretname=$(kubectl get serviceaccount default --namespace=kube-system -o jsonpath='{.secrets[0].name}') + endpoint=$(kubectl config view -o json | jq '{myctx: .["current-context"], ctxs: .contexts[], clusters: .clusters[]}' | jq 'select(.myctx == .ctxs.name)' | jq 'select(.ctxs.context.cluster == .clusters.name)' | jq '.clusters.cluster.server' -r) + + echo -e "Using $endpoint" + $POD_MANAGER run -dit --rm $args \ + -e BRIDGE_USER_AUTH="disabled" \ + -e BRIDGE_K8S_MODE="off-cluster" \ + -e BRIDGE_K8S_MODE_OFF_CLUSTER_ENDPOINT=$endpoint \ + -e BRIDGE_K8S_MODE_OFF_CLUSTER_SKIP_VERIFY_TLS=true \ + -e BRIDGE_K8S_AUTH="bearer-token" \ + -e BRIDGE_K8S_AUTH_BEARER_TOKEN=$(kubectl get secret "$secretname" --namespace=kube-system -o template --template='{{.data.token}}' | base64 --decode) \ + quay.io/openshift/origin-console:latest &> /dev/null +} + +verify_ocp_console_image (){ + if [ "$($POD_MANAGER ps -q -f label=io.openshift.build.source-location=https://github.com/openshift/console)" ]; + then + container_id="$($POD_MANAGER ps -q -l -f label=io.openshift.build.source-location=https://github.com/openshift/console)" + echo -e "${GREEN}The OLM is accessible via web console at:${RESET}" + echo -e "${GREEN}http://localhost:9000/${RESET}" + echo -e "${GREEN}Press Ctrl-C to quit${RESET}"; + $POD_MANAGER attach $container_id + else + echo -e "${RED}Unable to run the console locally. May this port is in usage already.${RESET}" + echo -e "${RED}Check if the OLM is not accessible via web console at: http://localhost:9000/${RESET}" + exit 1 + fi +} + +# Calling the functions +verify_podman_binary +add_host_port_arg +pull_ocp_console_image +run_ocp_console_image +verify_ocp_console_image diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_bare.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_bare.sh new file mode 100755 index 000000000..1e71dca7e --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_bare.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +# Note: run from root +# Individual tests can be run by calling ./test/e2e/run_e2e_bare.sh TestName + +set -e + +# run tests +if [ -z "$1" ]; then + test_flags=""; +else + test_flags="-test.run ${1}" +fi + +echo "${test_flags}" +go test -c -tags=bare -mod=vendor -v -o e2e-bare github.com/operator-framework/operator-lifecycle-manager/test/e2e +./e2e-bare -test.v -test.timeout 20m ${test_flags} -kubeconfig=${KUBECONFIG:-minikube.kubeconfig} -namespace=$(cat e2e.namespace) -olmNamespace=operator-lifecycle-manager diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_docker.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_docker.sh new file mode 100755 index 000000000..58753ce4c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_docker.sh @@ -0,0 +1,56 @@ +#!/usr/bin/env bash + +# Note: run from root + +set -e + +timestamp=$(date +%s) +namespace="e2e-tests-${timestamp}-$RANDOM" +operator_namespace="$namespace-operator" + +tmpdir=$(mktemp -d 2>/dev/null || mktemp -d -t 'valuetmpdir') +test_e2e_config=${tmpdir}/e2e-values.yaml +cp test/e2e/e2e-values.yaml "$test_e2e_config" + +{ echo "namespace: ${namespace}"; + echo "watchedNamespaces: \"\""; + echo "catalog_namespace: ${namespace}"; + echo "operator_namespace: ${operator_namespace}"; } >> "$test_e2e_config" + +./scripts/package_release.sh 1.0.0 test/e2e/resources "$test_e2e_config" + +function cleanup { + for resource in test/e2e/test-resources/*.yaml; do + [ -e "$resource" ] || continue + echo "Running kubectl delete -f $resource..." + kubectl delete -f "$resource" &> /dev/null || continue + done + rm -rf test/e2e/resources + rm -rf test/e2e/test-resources +} + +function cleanupAndExit { + exitCode=$? + if [ "$exitCode" -ne "0" ]; then + echo "error running tests. logs written to olm.log and catalog.log"; + kubectl -n "${namespace}" logs -l app=alm-operator > olm.log; + kubectl -n "${namespace}" logs -l app=catalog-operator > catalog.log; + kubectl -n "${namespace}" logs -l app=package-server > package.log + fi + cleanup + exit $exitCode +} + +trap cleanupAndExit SIGINT SIGTERM EXIT + +./scripts/install_local.sh "${namespace}" test/e2e/resources + +mkdir -p test/e2e/test-resources +helm template --set namespace="${namespace}" -f test/e2e/e2e-values.yaml test/e2e/chart --output-dir test/e2e/test-resources + +eval "$(minikube docker-env)" || { echo 'Cannot switch to minikube docker'; exit 1; } +kubectl apply -f test/e2e/test-resources/olm-e2e/templates +until kubectl -n "${namespace}" logs job/e2e | grep -v "ContainerCreating"; do echo "waiting for job to run" && sleep 1; done +kubectl -n "${namespace}" logs job/e2e -f + + diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_local.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_local.sh new file mode 100755 index 000000000..25311bfbb --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/scripts/run_e2e_local.sh @@ -0,0 +1,61 @@ +#!/usr/bin/env bash + +# Note: run from root +# Individual tests can be run by calling ./test/e2e/run_e2e_local.sh TestName + +set -e + +timestamp=$(date +%s) +namespace="e2e-tests-${timestamp}-$RANDOM" +operator_namespace="$namespace-operator" + +tmpdir=$(mktemp -d 2>/dev/null || mktemp -d -t 'valuetmpdir') +test_e2e_config=${tmpdir}/e2e-values.yaml +cp test/e2e/e2e-values.yaml "$test_e2e_config" + +{ echo "namespace: ${namespace}"; + echo "watchedNamespaces: \"\""; + echo "catalog_namespace: ${namespace}"; + echo "operator_namespace: ${operator_namespace}"; } >> "$test_e2e_config" + +./scripts/package_release.sh 1.0.0 test/e2e/resources "$test_e2e_config" + +function cleanup { + for resource in test/e2e/resources/*.yaml; do + [ -e "$resource" ] || continue + echo "Running kubectl delete -f $resource..." + kubectl delete -f "$resource" &> /dev/null || continue + done + rm -rf test/e2e/resources +} + +function cleanupAndExit { + exitCode=$? + if [ "$exitCode" -ne "0" ]; then + echo "error running tests. logs written to olm.log, catalog.log, and package.log"; + kubectl -n "${namespace}" logs -l app=olm-operator > olm.log; + kubectl -n "${namespace}" logs -l app=catalog-operator > catalog.log; + kubectl -n "${namespace}" logs -l app=packageserver > package.log + + # make it obvious if a pod is crashing or has restarted + kubectl get po --all-namespaces + else + cleanup + fi + + exit $exitCode +} + +trap cleanupAndExit SIGINT SIGTERM EXIT + +./scripts/install_local.sh "${namespace}" test/e2e/resources + +# run tests +if [ -z "$1" ]; then + test_flags=""; +else + test_flags="-test.run ${1}" +fi + +echo "${test_flags}" +go test -mod=vendor -count=1 -failfast -tags=local -covermode=count -coverpkg ./pkg/controller/... -test.v -test.timeout 30m ${test_flags} ./test/e2e/... -kubeconfig=${KUBECONFIG:-~/.kube/config} -namespace=${namespace}-operator -olmNamespace=${namespace} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/README.md b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/README.md new file mode 100644 index 000000000..f4abae4f5 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/README.md @@ -0,0 +1,14 @@ +# Backend end to end tests + +This runs a series of tests against the Kubernetes API to verify that OLM is functioning properly. + +## Requirements + +* Minikube > 0.25.0 +* Helm > 2.7.0 + +## How to use + +`make e2e-local` in the root of the repository will fetch golang dependencies, start Minikube, build the appropriate images and run the tests in a fresh namespace each time. + +Subsequent runs of the test suite do not need to go through the full setup process. Running individual tests (or the whole suite) can be accomplished by running `./test/e2e/run_e2e_local.sh [TestName]` with an optional test name. diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/catalog_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/catalog_e2e_test.go new file mode 100644 index 000000000..3bc028ec2 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/catalog_e2e_test.go @@ -0,0 +1,670 @@ +// +build !bare + +package e2e + +import ( + "fmt" + "testing" + + "github.com/blang/semver" + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/selection" + "k8s.io/apimachinery/pkg/util/wait" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +func TestCatalogLoadingBetweenRestarts(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + // create a simple catalogsource + packageName := genName("nginx") + stableChannel := "stable" + packageStable := packageName + "-stable" + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: packageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + crdPlural := genName("ins") + crd := newCRD(crdPlural) + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csv := newCSV(packageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + + catalogSourceName := genName("mock-ocs-") + _, cleanupSource := createInternalCatalogSource(t, c, crc, catalogSourceName, operatorNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csv}) + defer cleanupSource() + + // ensure the mock catalog exists and has been synced by the catalog operator + catalogSource, err := fetchCatalogSource(t, crc, catalogSourceName, operatorNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // get catalog operator deployment + deployment, err := getOperatorDeployment(c, operatorNamespace, labels.Set{"app": "catalog-operator"}) + require.NoError(t, err) + require.NotNil(t, deployment, "Could not find catalog operator deployment") + + // rescale catalog operator + t.Log("Rescaling catalog operator...") + err = rescaleDeployment(c, deployment) + require.NoError(t, err, "Could not rescale catalog operator") + t.Log("Catalog operator rescaled") + + // check for last synced update to catalogsource + t.Log("Checking for catalogsource lastSync updates") + _, err = fetchCatalogSource(t, crc, catalogSourceName, operatorNamespace, func(cs *v1alpha1.CatalogSource) bool { + if cs.Status.LastSync.After(catalogSource.Status.LastSync.Time) { + t.Logf("lastSync updated: %s -> %s", catalogSource.Status.LastSync, cs.Status.LastSync) + return true + } + return false + }) + require.NoError(t, err, "Catalog source changed after rescale") + t.Logf("Catalog source sucessfully loaded after rescale") +} + +func TestDefaultCatalogLoading(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + c := newKubeClient(t) + crc := newCRClient(t) + + catalogSource, err := fetchCatalogSource(t, crc, "olm-operators", operatorNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + requirement, err := labels.NewRequirement("olm.catalogSource", selection.Equals, []string{catalogSource.GetName()}) + require.NoError(t, err) + selector := labels.NewSelector().Add(*requirement).String() + pods, err := c.KubernetesInterface().CoreV1().Pods(operatorNamespace).List(metav1.ListOptions{LabelSelector: selector}) + require.NoError(t, err) + for _, p := range pods.Items { + for _, s := range p.Status.ContainerStatuses { + require.True(t, s.Ready) + require.Zero(t, s.RestartCount) + } + } +} + +func TestConfigMapUpdateTriggersRegistryPodRollout(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + mainPackageName := genName("nginx-") + dependentPackageName := genName("nginxdep-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + dependentPackageStable := fmt.Sprintf("%s-stable", dependentPackageName) + + stableChannel := "stable" + + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + dependentNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + crdPlural := genName("ins-") + + dependentCRD := newCRD(crdPlural) + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), nil, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + dependentCSV := newCSV(dependentPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + + mainCatalogName := genName("mock-ocs-main-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + dependentManifests := []registry.PackageManifest{ + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: dependentPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the initial catalogsource + createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, mainManifests, nil, []v1alpha1.ClusterServiceVersion{mainCSV}) + + // Attempt to get the catalog source before creating install plan + fetchedInitialCatalog, err := fetchCatalogSource(t, crc, mainCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Get initial configmap + configMap, err := c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Get(fetchedInitialCatalog.Spec.ConfigMap, metav1.GetOptions{}) + require.NoError(t, err) + + // Check pod created + initialPods, err := c.KubernetesInterface().CoreV1().Pods(testNamespace).List(metav1.ListOptions{LabelSelector: "olm.configMapResourceVersion=" + configMap.ResourceVersion}) + require.NoError(t, err) + require.Equal(t, 1, len(initialPods.Items)) + + // Update catalog configmap + updateInternalCatalog(t, c, crc, mainCatalogName, testNamespace, []apiextensions.CustomResourceDefinition{dependentCRD}, []v1alpha1.ClusterServiceVersion{mainCSV, dependentCSV}, append(mainManifests, dependentManifests...)) + + // Get updated configmap + updatedConfigMap, err := c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Get(fetchedInitialCatalog.Spec.ConfigMap, metav1.GetOptions{}) + require.NoError(t, err) + + fetchedUpdatedCatalog, err := fetchCatalogSource(t, crc, mainCatalogName, testNamespace, func(catalog *v1alpha1.CatalogSource) bool { + if catalog.Status.LastSync != fetchedInitialCatalog.Status.LastSync && catalog.Status.ConfigMapResource.ResourceVersion != fetchedInitialCatalog.Status.ConfigMapResource.ResourceVersion { + fmt.Println("catalog updated") + return true + } + fmt.Println("waiting for catalog pod to be available") + return false + }) + require.NoError(t, err) + + require.NotEqual(t, updatedConfigMap.ResourceVersion, configMap.ResourceVersion) + require.NotEqual(t, fetchedUpdatedCatalog.Status.ConfigMapResource.ResourceVersion, fetchedInitialCatalog.Status.ConfigMapResource.ResourceVersion) + require.Equal(t, updatedConfigMap.GetResourceVersion(), fetchedUpdatedCatalog.Status.ConfigMapResource.ResourceVersion) + + // Await 1 CatalogSource registry pod matching the updated labels + singlePod := podCount(1) + selector := labels.SelectorFromSet(map[string]string{"olm.catalogSource": mainCatalogName, "olm.configMapResourceVersion": updatedConfigMap.GetResourceVersion()}) + podList, err := awaitPods(t, c, testNamespace, selector.String(), singlePod) + require.NoError(t, err) + require.Equal(t, 1, len(podList.Items), "expected pod list not of length 1") + + // Await 1 CatalogSource registry pod matching the updated labels + selector = labels.SelectorFromSet(map[string]string{"olm.catalogSource": mainCatalogName}) + podList, err = awaitPods(t, c, testNamespace, selector.String(), singlePod) + require.NoError(t, err) + require.Equal(t, 1, len(podList.Items), "expected pod list not of length 1") + + // Create Subscription + subscriptionName := genName("sub-") + createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, fetchedUpdatedCatalog.GetName(), mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, buildCSVConditionChecker(v1alpha1.CSVPhaseSucceeded)) + require.NoError(t, err) + + ipList, err := crc.OperatorsV1alpha1().InstallPlans(testNamespace).List(metav1.ListOptions{}) + ipCount := 0 + for _, ip := range ipList.Items { + if ownerutil.IsOwnedBy(&ip, subscription) { + ipCount += 1 + } + } + require.NoError(t, err) +} + +func TestConfigMapReplaceTriggersRegistryPodRollout(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + mainPackageName := genName("nginx-") + dependentPackageName := genName("nginxdep-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + + dependentPackageStable := fmt.Sprintf("%s-stable", dependentPackageName) + + stableChannel := "stable" + + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + dependentNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + crdPlural := genName("ins-") + + dependentCRD := newCRD(crdPlural) + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), nil, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + dependentCSV := newCSV(dependentPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + + mainCatalogName := genName("mock-ocs-main-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + dependentManifests := []registry.PackageManifest{ + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: dependentPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the initial catalogsource + _, cleanupSource := createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, mainManifests, nil, []v1alpha1.ClusterServiceVersion{mainCSV}) + + // Attempt to get the catalog source before creating install plan + fetchedInitialCatalog, err := fetchCatalogSource(t, crc, mainCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + // Get initial configmap + configMap, err := c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Get(fetchedInitialCatalog.Spec.ConfigMap, metav1.GetOptions{}) + require.NoError(t, err) + + // Check pod created + initialPods, err := c.KubernetesInterface().CoreV1().Pods(testNamespace).List(metav1.ListOptions{LabelSelector: "olm.configMapResourceVersion=" + configMap.ResourceVersion}) + require.NoError(t, err) + require.Equal(t, 1, len(initialPods.Items)) + + // delete the first catalog + cleanupSource() + + // create a catalog with the same name + createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, append(mainManifests, dependentManifests...), []apiextensions.CustomResourceDefinition{dependentCRD}, []v1alpha1.ClusterServiceVersion{mainCSV, dependentCSV}) + + // Create Subscription + subscriptionName := genName("sub-") + createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, buildCSVConditionChecker(v1alpha1.CSVPhaseSucceeded)) + require.NoError(t, err) + +} + +func TestGrpcAddressCatalogSource(t *testing.T) { + // Create an internal (configmap) CatalogSource with stable and dependency csv + // Create an internal (configmap) replacement CatalogSource with a stable, stable-replacement, and dependency csv + // Copy both configmap-server pods to the test namespace + // Delete both CatalogSources + // Create an "address" CatalogSource with a Spec.Address field set to the stable copied pod's PodIP + // Create a Subscription to the stable package + // Wait for the stable Subscription to be Successful + // Wait for the stable CSV to be Successful + // Update the "address" CatalogSources's Spec.Address field with the PodIP of the replacement copied pod's PodIP + // Wait for the replacement CSV to be Successful + + defer cleaner.NotifyTestComplete(t, true) + + mainPackageName := genName("nginx-") + dependentPackageName := genName("nginxdep-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + mainPackageReplacement := fmt.Sprintf("%s-replacement", mainPackageStable) + dependentPackageStable := fmt.Sprintf("%s-stable", dependentPackageName) + + stableChannel := "stable" + + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + dependentNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + crdPlural := genName("ins-") + + dependentCRD := newCRD(crdPlural) + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), nil, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + replacementCSV := newCSV(mainPackageReplacement, testNamespace, mainPackageStable, semver.MustParse("0.2.0"), nil, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + dependentCSV := newCSV(dependentPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + + mainSourceName := genName("mock-ocs-main-") + replacementSourceName := genName("mock-ocs-main-with-replacement-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + replacementManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageReplacement}, + }, + DefaultChannelName: stableChannel, + }, + } + + dependentManifests := []registry.PackageManifest{ + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: dependentPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create ConfigMap CatalogSources + createInternalCatalogSource(t, c, crc, mainSourceName, testNamespace, append(mainManifests, dependentManifests...), []apiextensions.CustomResourceDefinition{dependentCRD}, []v1alpha1.ClusterServiceVersion{mainCSV, dependentCSV}) + createInternalCatalogSource(t, c, crc, replacementSourceName, testNamespace, append(replacementManifests, dependentManifests...), []apiextensions.CustomResourceDefinition{dependentCRD}, []v1alpha1.ClusterServiceVersion{replacementCSV, mainCSV, dependentCSV}) + + // Wait for ConfigMap CatalogSources to be ready + mainSource, err := fetchCatalogSource(t, crc, mainSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + replacementSource, err := fetchCatalogSource(t, crc, replacementSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Replicate catalog pods with no OwnerReferences + mainCopy := replicateCatalogPod(t, c, crc, mainSource) + mainCopy = awaitPod(t, c, mainCopy.GetNamespace(), mainCopy.GetName(), hasPodIP) + replacementCopy := replicateCatalogPod(t, c, crc, replacementSource) + replacementCopy = awaitPod(t, c, replacementCopy.GetNamespace(), replacementCopy.GetName(), hasPodIP) + + addressSourceName := genName("address-catalog-") + + // Create a CatalogSource pointing to the grpc pod + addressSource := &v1alpha1.CatalogSource{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.CatalogSourceKind, + APIVersion: v1alpha1.CatalogSourceCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: addressSourceName, + Namespace: testNamespace, + }, + Spec: v1alpha1.CatalogSourceSpec{ + SourceType: v1alpha1.SourceTypeGrpc, + Address: fmt.Sprintf("%s:%s", mainCopy.Status.PodIP, "50051"), + }, + } + + addressSource, err = crc.OperatorsV1alpha1().CatalogSources(testNamespace).Create(addressSource) + require.NoError(t, err) + defer func() { + err := crc.OperatorsV1alpha1().CatalogSources(testNamespace).Delete(addressSourceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + }() + + // Delete CatalogSources + err = crc.OperatorsV1alpha1().CatalogSources(testNamespace).Delete(mainSourceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + err = crc.OperatorsV1alpha1().CatalogSources(testNamespace).Delete(replacementSourceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + + // Create Subscription + subscriptionName := genName("sub-") + cleanupSubscription := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, addressSourceName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer cleanupSubscription() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Update the catalog's address to point at the other registry pod's cluster ip + addressSource, err = crc.OperatorsV1alpha1().CatalogSources(testNamespace).Get(addressSourceName, metav1.GetOptions{}) + require.NoError(t, err) + addressSource.Spec.Address = fmt.Sprintf("%s:%s", replacementCopy.Status.PodIP, "50051") + _, err = crc.OperatorsV1alpha1().CatalogSources(testNamespace).Update(addressSource) + require.NoError(t, err) + + // Wait for the replacement CSV to be installed + _, err = awaitCSV(t, crc, testNamespace, replacementCSV.GetName(), csvSucceededChecker) + require.NoError(t, err) +} + +func TestDeleteInternalRegistryPodTriggersRecreation(t *testing.T) { + // Create internal CatalogSource containing csv in package + // Wait for a registry pod to be created + // Create a Subscription for package + // Wait for the Subscription to succeed + // Wait for csv to succeed + // Delete the registry pod + // Wait for a new registry pod to be created + + defer cleaner.NotifyTestComplete(t, true) + + // Create internal CatalogSource containing csv in package + packageName := genName("nginx-") + packageStable := fmt.Sprintf("%s-stable", packageName) + stableChannel := "stable" + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + sourceName := genName("catalog-") + crd := newCRD(genName("ins-")) + csv := newCSV(packageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: packageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + c := newKubeClient(t) + crc := newCRClient(t) + _, cleanupSource := createInternalCatalogSource(t, c, crc, sourceName, testNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csv}) + defer cleanupSource() + + // Wait for a new registry pod to be created + selector := labels.SelectorFromSet(map[string]string{"olm.catalogSource": sourceName}) + singlePod := podCount(1) + registryPods, err := awaitPods(t, c, testNamespace, selector.String(), singlePod) + require.NoError(t, err, "error awaiting registry pod") + require.NotNil(t, registryPods, "nil registry pods") + require.Equal(t, 1, len(registryPods.Items), "unexpected number of registry pods found") + + // Store the UID for later comparison + uid := registryPods.Items[0].GetUID() + name := registryPods.Items[0].GetName() + + // Create a Subscription for package + subscriptionName := genName("sub-") + cleanupSubscription := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, sourceName, packageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer cleanupSubscription() + + // Wait for the Subscription to succeed + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + // Wait for csv to succeed + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Delete the registry pod + err = c.KubernetesInterface().CoreV1().Pods(testNamespace).Delete(name, &metav1.DeleteOptions{}) + require.NoError(t, err) + + // Wait for a new registry pod to be created + notUID := func(pods *corev1.PodList) bool { + for _, pod := range pods.Items { + if pod.GetUID() == uid { + return false + } + } + + return true + } + registryPods, err = awaitPods(t, c, testNamespace, selector.String(), unionPodsCheck(singlePod, notUID)) + require.NoError(t, err, "error waiting for replacement registry pod") + require.NotNil(t, registryPods, "nil replacement registry pods") + require.Equal(t, 1, len(registryPods.Items), "unexpected number of replacement registry pods found") +} + +func TestDeleteGRPCRegistryPodTriggersRecreation(t *testing.T) { + // Create gRPC CatalogSource using an external registry image (community-operators) + // Wait for a registry pod to be created + // Create a Subscription for package + // Wait for the Subscription to succeed + // Wait for csv to succeed + // Delete the registry pod + // Wait for a new registry pod to be created + + defer cleaner.NotifyTestComplete(t, true) + + sourceName := genName("catalog-") + packageName := "etcd" + channelName := "clusterwide-alpha" + + // Create gRPC CatalogSource using an external registry image (community-operators) + source := &v1alpha1.CatalogSource{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.CatalogSourceKind, + APIVersion: v1alpha1.CatalogSourceCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: sourceName, + Namespace: testNamespace, + }, + Spec: v1alpha1.CatalogSourceSpec{ + SourceType: v1alpha1.SourceTypeGrpc, + Image: communityOperatorsImage, + }, + } + + crc := newCRClient(t) + source, err := crc.OperatorsV1alpha1().CatalogSources(source.GetNamespace()).Create(source) + require.NoError(t, err) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().CatalogSources(source.GetNamespace()).Delete(source.GetName(), &metav1.DeleteOptions{})) + }() + + // Wait for a new registry pod to be created + c := newKubeClient(t) + selector := labels.SelectorFromSet(map[string]string{"olm.catalogSource": source.GetName()}) + singlePod := podCount(1) + registryPods, err := awaitPods(t, c, source.GetNamespace(), selector.String(), singlePod) + require.NoError(t, err, "error awaiting registry pod") + require.NotNil(t, registryPods, "nil registry pods") + require.Equal(t, 1, len(registryPods.Items), "unexpected number of registry pods found") + + // Store the UID for later comparison + uid := registryPods.Items[0].GetUID() + name := registryPods.Items[0].GetName() + + // Create a Subscription for package + subscriptionName := genName("sub-") + cleanupSubscription := createSubscriptionForCatalog(t, crc, source.GetNamespace(), subscriptionName, source.GetName(), packageName, channelName, "", v1alpha1.ApprovalAutomatic) + defer cleanupSubscription() + + // Wait for the Subscription to succeed + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + // Wait for csv to succeed + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, subscription.GetNamespace(), csvSucceededChecker) + require.NoError(t, err) + + // Delete the registry pod + require.NoError(t, c.KubernetesInterface().CoreV1().Pods(testNamespace).Delete(name, &metav1.DeleteOptions{})) + + // Wait for a new registry pod to be created + notUID := func(pods *corev1.PodList) bool { + for _, pod := range pods.Items { + if pod.GetUID() == uid { + return false + } + } + + return true + } + registryPods, err = awaitPods(t, c, testNamespace, selector.String(), unionPodsCheck(singlePod, notUID)) + require.NoError(t, err, "error waiting for replacement registry pod") + require.NotNil(t, registryPods, "nil replacement registry pods") + require.Equal(t, 1, len(registryPods.Items), "unexpected number of replacement registry pods found") +} + +func getOperatorDeployment(c operatorclient.ClientInterface, namespace string, operatorLabels labels.Set) (*appsv1.Deployment, error) { + deployments, err := c.ListDeploymentsWithLabels(namespace, operatorLabels) + if err != nil || deployments == nil || len(deployments.Items) != 1 { + return nil, fmt.Errorf("Error getting single operator deployment for label: %v", operatorLabels) + } + return &deployments.Items[0], nil +} + +func rescaleDeployment(c operatorclient.ClientInterface, deployment *appsv1.Deployment) error { + // scale down + var replicas int32 = 0 + deployment.Spec.Replicas = &replicas + deployment, updated, err := c.UpdateDeployment(deployment) + if err != nil || updated == false || deployment == nil { + return fmt.Errorf("Failed to scale down deployment") + } + + waitForScaleup := func() (bool, error) { + fetchedDeployment, err := c.GetDeployment(deployment.GetNamespace(), deployment.GetName()) + if err != nil { + return true, err + } + if fetchedDeployment.Status.Replicas == replicas { + return true, nil + } + + return false, nil + } + + // wait for deployment to scale down + err = wait.Poll(pollInterval, pollDuration, waitForScaleup) + if err != nil { + return err + } + + // scale up + replicas = 1 + deployment.Spec.Replicas = &replicas + deployment, updated, err = c.UpdateDeployment(deployment) + if err != nil || updated == false || deployment == nil { + return fmt.Errorf("Failed to scale up deployment") + } + + // wait for deployment to scale up + err = wait.Poll(pollInterval, pollDuration, waitForScaleup) + + return err +} + +func replicateCatalogPod(t *testing.T, c operatorclient.ClientInterface, crc versioned.Interface, catalog *v1alpha1.CatalogSource) *corev1.Pod { + initialPods, err := c.KubernetesInterface().CoreV1().Pods(catalog.GetNamespace()).List(metav1.ListOptions{LabelSelector: "olm.catalogSource=" + catalog.GetName()}) + require.NoError(t, err) + require.Equal(t, 1, len(initialPods.Items)) + + pod := initialPods.Items[0] + copied := &corev1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: catalog.GetNamespace(), + Name: catalog.GetName() + "-copy", + }, + Spec: pod.Spec, + } + + copied, err = c.KubernetesInterface().CoreV1().Pods(catalog.GetNamespace()).Create(copied) + require.NoError(t, err) + + return copied +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/Chart.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/Chart.yaml new file mode 100644 index 000000000..e5032d269 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: A Helm chart for Kubernetes +name: olm-e2e +version: 1.0.0 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/templates/e2e-rolebinding.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/templates/e2e-rolebinding.yaml new file mode 100644 index 000000000..587aac2fc --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/templates/e2e-rolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: e2e-role-binding-{{ .Values.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: default + namespace: {{ .Values.namespace }} \ No newline at end of file diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/templates/job.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/templates/job.yaml new file mode 100644 index 000000000..205566996 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/chart/templates/job.yaml @@ -0,0 +1,19 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Values.job_name }} + namespace: {{ .Values.namespace }} +spec: + template: + spec: + containers: + - name: e2e + image: {{ .Values.e2e.image.ref }} + command: ["go", "test", "-v", "-failfast", "-timeout", "50m", "./test/e2e/...", "-namespace=$(NAMESPACE)-operator", "-olmNamespace=$(NAMESPACE)"] + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + restartPolicy: Never + backoffLimit: 1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/csv_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/csv_e2e_test.go new file mode 100644 index 000000000..b0113647d --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/csv_e2e_test.go @@ -0,0 +1,3048 @@ +package e2e + +import ( + "encoding/json" + "fmt" + "strings" + "testing" + "time" + + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/apimachinery/pkg/watch" + apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" +) + +var singleInstance = int32(1) + +type cleanupFunc func() + +var immediateDeleteGracePeriod int64 = 0 + +func findLastEvent(events *corev1.EventList) (event corev1.Event) { + var latestTime metav1.Time + var latestInd int + for i, item := range events.Items { + if i != 0 { + if latestTime.Before(&item.LastTimestamp) { + latestTime = item.LastTimestamp + latestInd = i + } + } else { + latestTime = item.LastTimestamp + } + } + return events.Items[latestInd] +} + +func buildCSVCleanupFunc(t *testing.T, c operatorclient.ClientInterface, crc versioned.Interface, csv v1alpha1.ClusterServiceVersion, namespace string, deleteCRDs, deleteAPIServices bool) cleanupFunc { + return func() { + require.NoError(t, crc.OperatorsV1alpha1().ClusterServiceVersions(namespace).Delete(csv.GetName(), &metav1.DeleteOptions{})) + if deleteCRDs { + for _, crd := range csv.Spec.CustomResourceDefinitions.Owned { + buildCRDCleanupFunc(c, crd.Name)() + } + } + + if deleteAPIServices { + for _, desc := range csv.GetOwnedAPIServiceDescriptions() { + buildAPIServiceCleanupFunc(c, desc.Name)() + } + } + + require.NoError(t, waitForDelete(func() error { + _, err := crc.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(csv.GetName(), metav1.GetOptions{}) + return err + })) + } +} + +func createCSV(t *testing.T, c operatorclient.ClientInterface, crc versioned.Interface, csv v1alpha1.ClusterServiceVersion, namespace string, cleanupCRDs, cleanupAPIServices bool) (cleanupFunc, error) { + csv.Kind = v1alpha1.ClusterServiceVersionKind + csv.APIVersion = v1alpha1.SchemeGroupVersion.String() + _, err := crc.OperatorsV1alpha1().ClusterServiceVersions(namespace).Create(&csv) + require.NoError(t, err) + return buildCSVCleanupFunc(t, c, crc, csv, namespace, cleanupCRDs, cleanupAPIServices), nil + +} + +func buildCRDCleanupFunc(c operatorclient.ClientInterface, crdName string) cleanupFunc { + return func() { + err := c.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Delete(crdName, &metav1.DeleteOptions{GracePeriodSeconds: &immediateDeleteGracePeriod}) + if err != nil { + fmt.Println(err) + } + + waitForDelete(func() error { + _, err := c.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Get(crdName, metav1.GetOptions{}) + return err + }) + } +} + +func buildAPIServiceCleanupFunc(c operatorclient.ClientInterface, apiServiceName string) cleanupFunc { + return func() { + err := c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Delete(apiServiceName, &metav1.DeleteOptions{GracePeriodSeconds: &immediateDeleteGracePeriod}) + if err != nil { + fmt.Println(err) + } + + waitForDelete(func() error { + _, err := c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Get(apiServiceName, metav1.GetOptions{}) + return err + }) + } +} + +func createCRD(c operatorclient.ClientInterface, crd apiextensions.CustomResourceDefinition) (cleanupFunc, error) { + out := &v1beta1.CustomResourceDefinition{} + scheme := runtime.NewScheme() + if err := apiextensions.AddToScheme(scheme); err != nil { + return nil, err + } + if err := v1beta1.AddToScheme(scheme); err != nil { + return nil, err + } + if err := scheme.Convert(&crd, out, nil); err != nil { + return nil, err + } + _, err := c.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Create(out) + if err != nil { + return nil, err + } + + return buildCRDCleanupFunc(c, crd.GetName()), nil +} + +func newNginxDeployment(name string) appsv1.DeploymentSpec { + return appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "app": name, + }, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app": name, + }, + }, + Spec: corev1.PodSpec{ + Containers: []corev1.Container{ + { + Name: genName("nginx"), + Image: "bitnami/nginx:latest", + Ports: []corev1.ContainerPort{ + { + ContainerPort: 80, + }, + }, + ImagePullPolicy: corev1.PullIfNotPresent, + }, + }, + }, + }, + } +} + +func newMockExtServerDeployment(name, mockGroupVersion string, mockKinds []string) appsv1.DeploymentSpec { + return appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "app": name, + }, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app": name, + }, + }, + Spec: corev1.PodSpec{ + Containers: []corev1.Container{ + { + Name: genName(name), + Image: "quay.io/coreos/mock-extension-apiserver:master", + Command: []string{"/bin/mock-extension-apiserver"}, + Args: []string{ + "-v=4", + "--mock-kinds", + strings.Join(mockKinds, ","), + "--mock-group-version", + mockGroupVersion, + "--secure-port", + "5443", + "--debug", + }, + Ports: []corev1.ContainerPort{ + { + ContainerPort: 5443, + }, + }, + ImagePullPolicy: corev1.PullIfNotPresent, + }, + }, + }, + }, + } +} + +type csvConditionChecker func(csv *v1alpha1.ClusterServiceVersion) bool + +func buildCSVConditionChecker(phases ...v1alpha1.ClusterServiceVersionPhase) csvConditionChecker { + return func(csv *v1alpha1.ClusterServiceVersion) bool { + conditionMet := false + for _, phase := range phases { + conditionMet = conditionMet || csv.Status.Phase == phase + } + return conditionMet + } +} + +func buildCSVReasonChecker(reasons ...v1alpha1.ConditionReason) csvConditionChecker { + return func(csv *v1alpha1.ClusterServiceVersion) bool { + conditionMet := false + for _, reason := range reasons { + conditionMet = conditionMet || csv.Status.Reason == reason + } + return conditionMet + } +} + +var csvPendingChecker = buildCSVConditionChecker(v1alpha1.CSVPhasePending) +var csvSucceededChecker = buildCSVConditionChecker(v1alpha1.CSVPhaseSucceeded) +var csvReplacingChecker = buildCSVConditionChecker(v1alpha1.CSVPhaseReplacing, v1alpha1.CSVPhaseDeleting) +var csvFailedChecker = buildCSVConditionChecker(v1alpha1.CSVPhaseFailed) +var csvAnyChecker = buildCSVConditionChecker(v1alpha1.CSVPhasePending, v1alpha1.CSVPhaseSucceeded, v1alpha1.CSVPhaseReplacing, v1alpha1.CSVPhaseDeleting, v1alpha1.CSVPhaseFailed) +var csvCopiedChecker = buildCSVReasonChecker(v1alpha1.CSVReasonCopied) + +func fetchCSV(t *testing.T, c versioned.Interface, name, namespace string, checker csvConditionChecker) (*v1alpha1.ClusterServiceVersion, error) { + var fetched *v1alpha1.ClusterServiceVersion + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, err = c.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(name, metav1.GetOptions{}) + if err != nil { + return false, err + } + t.Logf("%s (%s): %s", fetched.Status.Phase, fetched.Status.Reason, fetched.Status.Message) + return checker(fetched), nil + }) + + if err != nil { + t.Logf("never got correct status: %#v", fetched.Status) + } + return fetched, err +} + +func awaitCSV(t *testing.T, c versioned.Interface, namespace, name string, checker csvConditionChecker) (*v1alpha1.ClusterServiceVersion, error) { + var fetched *v1alpha1.ClusterServiceVersion + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, err = c.OperatorsV1alpha1().ClusterServiceVersions(namespace).Get(name, metav1.GetOptions{}) + if err != nil { + if k8serrors.IsNotFound(err) { + return false, nil + } + return false, err + } + t.Logf("%s - %s (%s): %s", name, fetched.Status.Phase, fetched.Status.Reason, fetched.Status.Message) + return checker(fetched), nil + }) + + if err != nil { + t.Logf("never got correct status: %#v", fetched.Status) + } + return fetched, err +} + +func waitForDeployment(t *testing.T, c operatorclient.ClientInterface, name string) error { + return wait.Poll(pollInterval, pollDuration, func() (bool, error) { + _, err := c.GetDeployment(testNamespace, name) + if err != nil { + if k8serrors.IsNotFound(err) { + return false, nil + } + return false, err + } + return true, nil + }) +} + +func waitForDeploymentToDelete(t *testing.T, c operatorclient.ClientInterface, name string) error { + return wait.Poll(pollInterval, pollDuration, func() (bool, error) { + t.Logf("waiting for deployment %s to delete", name) + _, err := c.GetDeployment(testNamespace, name) + if errors.IsNotFound(err) { + t.Logf("deleted %s", name) + return true, nil + } + if err != nil { + t.Logf("err trying to delete %s: %s", name, err) + return false, err + } + return false, nil + }) +} + +func waitForCSVToDelete(t *testing.T, c versioned.Interface, name string) error { + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, err := c.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Get(name, metav1.GetOptions{}) + if errors.IsNotFound(err) { + return true, nil + } + t.Logf("%s (%s): %s", fetched.Status.Phase, fetched.Status.Reason, fetched.Status.Message) + if err != nil { + return false, err + } + return false, nil + }) + + return err +} + +func TestCreateCSVWithUnmetRequirementsMinKubeVersion(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "999.999.999", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, nil, nil), + }, + } + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Shouldn't create deployment + _, err = c.GetDeployment(testNamespace, depName) + require.Error(t, err) +} + +// TODO: same test but missing serviceaccount instead +func TestCreateCSVWithUnmetRequirementsCRD(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, nil, nil), + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + DisplayName: "Not In Cluster", + Description: "A CRD that is not currently in the cluster", + Name: "not.in.cluster.com", + Version: "v1alpha1", + Kind: "NotInCluster", + }, + }, + }, + }, + } + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Shouldn't create deployment + _, err = c.GetDeployment(testNamespace, depName) + require.Error(t, err) +} + +func TestCreateCSVWithUnmetPermissionsCRD(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + saName := genName("dep-") + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: saName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + clusterPermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: saName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, permissions, clusterPermissions), + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: crdName, + }, + }, + }, + }, + } + + // Create dependency first (CRD) + cleanupCRD, err := createCRD(c, apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + }) + require.NoError(t, err) + defer cleanupCRD() + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, true, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Shouldn't create deployment + _, err = c.GetDeployment(testNamespace, depName) + require.Error(t, err) +} + +func TestCreateCSVWithUnmetRequirementsAPIService(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, nil, nil), + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Required: []v1alpha1.APIServiceDescription{ + { + DisplayName: "Not In Cluster", + Description: "An apiservice that is not currently in the cluster", + Group: "not.in.cluster.com", + Version: "v1alpha1", + Kind: "NotInCluster", + }, + }, + }, + }, + } + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Shouldn't create deployment + _, err = c.GetDeployment(testNamespace, depName) + require.Error(t, err) +} + +func TestCreateCSVWithUnmetPermissionsAPIService(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + saName := genName("dep-") + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: saName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + clusterPermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: saName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, permissions, clusterPermissions), + // Cheating a little; this is an APIservice that will exist for the e2e tests + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Required: []v1alpha1.APIServiceDescription{ + { + Group: "packages.operators.coreos.com", + Version: "v1", + Kind: "PackageManifest", + DisplayName: "Package Manifest", + Description: "An apiservice that exists", + }, + }, + }, + }, + } + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Shouldn't create deployment + _, err = c.GetDeployment(testNamespace, depName) + require.Error(t, err) +} + +func TestCreateCSVWithUnmetRequirementsNativeAPI(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, nil, nil), + NativeAPIs: []metav1.GroupVersionKind{{Group: "kubenative.io", Version: "v1", Kind: "Native"}}, + }, + } + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Shouldn't create deployment + _, err = c.GetDeployment(testNamespace, depName) + require.Error(t, err) +} + +// TODO: same test but create serviceaccount instead +func TestCreateCSVRequirementsMetCRD(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + sa := corev1.ServiceAccount{} + sa.SetName(genName("sa-")) + sa.SetNamespace(testNamespace) + _, err := c.CreateServiceAccount(&sa) + require.NoError(t, err, "could not create ServiceAccount %#v", sa) + + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: sa.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + clusterPermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: sa.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + { + Verbs: []string{"put", "post", "get"}, + NonResourceURLs: []string{"/osb", "/osb/*"}, + }, + }, + }, + } + + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, permissions, clusterPermissions), + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: crdName, + }, + }, + }, + }, + } + + // Create CSV first, knowing it will fail + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, true, false) + require.NoError(t, err) + defer cleanupCSV() + + fetchedCSV, err := fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + crd := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + crd.SetOwnerReferences([]metav1.OwnerReference{{ + Name: fetchedCSV.GetName(), + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + Kind: v1alpha1.ClusterServiceVersionKind, + UID: fetchedCSV.GetUID(), + }}) + cleanupCRD, err := createCRD(c, crd) + defer cleanupCRD() + require.NoError(t, err) + + // Create Role/Cluster Roles and RoleBindings + role := rbacv1.Role{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + role.SetName(genName("dep-")) + role.SetNamespace(testNamespace) + _, err = c.CreateRole(&role) + require.NoError(t, err, "could not create Role") + + roleBinding := rbacv1.RoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: role.GetName(), + }, + } + roleBinding.SetName(genName("dep-")) + roleBinding.SetNamespace(testNamespace) + _, err = c.CreateRoleBinding(&roleBinding) + require.NoError(t, err, "could not create RoleBinding") + + clusterRole := rbacv1.ClusterRole{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + clusterRole.SetName(genName("dep-")) + _, err = c.CreateClusterRole(&clusterRole) + require.NoError(t, err, "could not create ClusterRole") + + nonResourceClusterRole := rbacv1.ClusterRole{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"put", "post", "get"}, + NonResourceURLs: []string{"/osb", "/osb/*"}, + }, + }, + } + nonResourceClusterRole.SetName(genName("dep-")) + _, err = c.CreateClusterRole(&nonResourceClusterRole) + require.NoError(t, err, "could not create ClusterRole") + + clusterRoleBinding := rbacv1.ClusterRoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: clusterRole.GetName(), + }, + } + clusterRoleBinding.SetName(genName("dep-")) + _, err = c.CreateClusterRoleBinding(&clusterRoleBinding) + require.NoError(t, err, "could not create ClusterRoleBinding") + + nonResourceClusterRoleBinding := rbacv1.ClusterRoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: nonResourceClusterRole.GetName(), + }, + } + nonResourceClusterRoleBinding.SetName(genName("dep-")) + _, err = c.CreateClusterRoleBinding(&nonResourceClusterRoleBinding) + require.NoError(t, err, "could not create ClusterRoleBinding") + + fmt.Println("checking for deployment") + // Poll for deployment to be ready + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + dep, err := c.GetDeployment(testNamespace, depName) + if k8serrors.IsNotFound(err) { + fmt.Printf("deployment %s not found\n", depName) + return false, nil + } else if err != nil { + fmt.Printf("unexpected error fetching deployment %s\n", depName) + return false, err + } + if dep.Status.UpdatedReplicas == *(dep.Spec.Replicas) && + dep.Status.Replicas == *(dep.Spec.Replicas) && + dep.Status.AvailableReplicas == *(dep.Spec.Replicas) { + fmt.Println("deployment ready") + return true, nil + } + fmt.Println("deployment not ready") + return false, nil + }) + require.NoError(t, err) + + fetchedCSV, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Delete CRD + cleanupCRD() + + // Wait for CSV failure + fetchedCSV, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Recreate the CRD + cleanupCRD, err = createCRD(c, crd) + require.NoError(t, err) + defer cleanupCRD() + + // Wait for CSV success again + fetchedCSV, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) +} + +func TestCreateCSVRequirementsMetAPIService(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + sa := corev1.ServiceAccount{} + sa.SetName(genName("sa-")) + sa.SetNamespace(testNamespace) + _, err := c.CreateServiceAccount(&sa) + require.NoError(t, err, "could not create ServiceAccount") + + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: sa.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + clusterPermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: sa.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, permissions, clusterPermissions), + // Cheating a little; this is an APIservice that will exist for the e2e tests + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Required: []v1alpha1.APIServiceDescription{ + { + Group: "packages.operators.coreos.com", + Version: "v1", + Kind: "PackageManifest", + DisplayName: "Package Manifest", + Description: "An apiservice that exists", + }, + }, + }, + }, + } + + // Create Role/Cluster Roles and RoleBindings + role := rbacv1.Role{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + role.SetName(genName("dep-")) + role.SetNamespace(testNamespace) + _, err = c.CreateRole(&role) + require.NoError(t, err, "could not create Role") + + roleBinding := rbacv1.RoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: role.GetName(), + }, + } + roleBinding.SetName(genName("dep-")) + roleBinding.SetNamespace(testNamespace) + _, err = c.CreateRoleBinding(&roleBinding) + require.NoError(t, err, "could not create RoleBinding") + + clusterRole := rbacv1.ClusterRole{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + clusterRole.SetName(genName("dep-")) + _, err = c.CreateClusterRole(&clusterRole) + require.NoError(t, err, "could not create ClusterRole") + + clusterRoleBinding := rbacv1.ClusterRoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: clusterRole.GetName(), + }, + } + clusterRoleBinding.SetName(genName("dep-")) + _, err = c.CreateClusterRoleBinding(&clusterRoleBinding) + require.NoError(t, err, "could not create ClusterRoleBinding") + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + fetchedCSV, err := fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Fetch cluster service version again to check for unnecessary control loops + sameCSV, err := fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + compareResources(t, fetchedCSV, sameCSV) +} + +func TestCreateCSVWithOwnedAPIService(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + depName := genName("hat-server") + mockGroup := fmt.Sprintf("hats.%s.redhat.com", genName("")) + version := "v1alpha1" + mockGroupVersion := strings.Join([]string{mockGroup, version}, "/") + mockKinds := []string{"fez", "fedora"} + depSpec := newMockExtServerDeployment(depName, mockGroupVersion, mockKinds) + apiServiceName := strings.Join([]string{version, mockGroup}, ".") + + // Create CSV for the package-server + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: depName, + Spec: depSpec, + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + + owned := make([]v1alpha1.APIServiceDescription, len(mockKinds)) + for i, kind := range mockKinds { + owned[i] = v1alpha1.APIServiceDescription{ + Name: apiServiceName, + Group: mockGroup, + Version: version, + Kind: kind, + DeploymentName: depName, + ContainerPort: int32(5443), + DisplayName: kind, + Description: fmt.Sprintf("A %s", kind), + } + } + + csv := v1alpha1.ClusterServiceVersion{ + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: owned, + }, + }, + } + csv.SetName(depName) + + // Create the APIService CSV + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer func() { + watcher, err := c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Watch(metav1.ListOptions{FieldSelector: "metadata.name=" + apiServiceName}) + require.NoError(t, err) + + deleted := make(chan struct{}) + go func() { + events := watcher.ResultChan() + for { + select { + case evt := <-events: + if evt.Type == watch.Deleted { + deleted <- struct{}{} + return + } + case <-time.After(pollDuration): + require.FailNow(t, "apiservice not cleaned up after CSV deleted") + } + } + }() + + cleanupCSV() + <-deleted + }() + + fetchedCSV, err := fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should create Deployment + dep, err := c.GetDeployment(testNamespace, depName) + require.NoError(t, err, "error getting expected Deployment") + + // Should create APIService + apiService, err := c.GetAPIService(apiServiceName) + require.NoError(t, err, "error getting expected APIService") + + // Should create Service + _, err = c.GetService(testNamespace, olm.APIServiceNameToServiceName(apiServiceName)) + require.NoError(t, err, "error getting expected Service") + + // Should create certificate Secret + secretName := fmt.Sprintf("%s-cert", apiServiceName) + _, err = c.GetSecret(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret") + + // Should create a Role for the Secret + _, err = c.GetRole(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret Role") + + // Should create a RoleBinding for the Secret + _, err = c.GetRoleBinding(testNamespace, secretName) + require.NoError(t, err, "error getting exptected Secret RoleBinding") + + // Should create a system:auth-delegator Cluster RoleBinding + _, err = c.GetClusterRoleBinding(fmt.Sprintf("%s-system:auth-delegator", apiServiceName)) + require.NoError(t, err, "error getting expected system:auth-delegator ClusterRoleBinding") + + // Should create an extension-apiserver-authentication-reader RoleBinding in kube-system + _, err = c.GetRoleBinding("kube-system", fmt.Sprintf("%s-auth-reader", apiServiceName)) + require.NoError(t, err, "error getting expected extension-apiserver-authentication-reader RoleBinding") + + // Store the ca sha annotation + oldCAAnnotation, ok := dep.Spec.Template.GetAnnotations()[olm.OLMCAHashAnnotationKey] + require.True(t, ok, "expected olm sha annotation not present on existing pod template") + + // Induce a cert rotation + fetchedCSV.Status.CertsLastUpdated = metav1.Now() + fetchedCSV.Status.CertsRotateAt = metav1.Now() + fetchedCSV, err = crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).UpdateStatus(fetchedCSV) + require.NoError(t, err) + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, func(csv *v1alpha1.ClusterServiceVersion) bool { + // Should create deployment + dep, err = c.GetDeployment(testNamespace, depName) + require.NoError(t, err) + + // Should have a new ca hash annotation + newCAAnnotation, ok := dep.Spec.Template.GetAnnotations()[olm.OLMCAHashAnnotationKey] + require.True(t, ok, "expected olm sha annotation not present in new pod template") + + if newCAAnnotation != oldCAAnnotation { + // Check for success + return csvSucceededChecker(csv) + } + + return false + }) + require.NoError(t, err, "failed to rotate cert") + + // Get the APIService UID + oldAPIServiceUID := apiService.GetUID() + + // Delete the APIService + err = c.DeleteAPIService(apiServiceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + + // Wait for CSV success + fetchedCSV, err = fetchCSV(t, crc, csv.GetName(), testNamespace, func(csv *v1alpha1.ClusterServiceVersion) bool { + // Should create an APIService + apiService, err := c.GetAPIService(apiServiceName) + if err != nil { + require.True(t, k8serrors.IsNotFound(err)) + return false + } + + if csvSucceededChecker(csv) { + require.NotEqual(t, oldAPIServiceUID, apiService.GetUID()) + return true + } + + return false + }) + require.NoError(t, err) +} + +func TestUpdateCSVWithOwnedAPIService(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + depName := genName("hat-server") + mockGroup := fmt.Sprintf("hats.%s.redhat.com", genName("")) + version := "v1alpha1" + mockGroupVersion := strings.Join([]string{mockGroup, version}, "/") + mockKinds := []string{"fedora"} + depSpec := newMockExtServerDeployment(depName, mockGroupVersion, mockKinds) + apiServiceName := strings.Join([]string{version, mockGroup}, ".") + + // Create CSVs for the hat-server + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: depName, + Spec: depSpec, + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + + owned := make([]v1alpha1.APIServiceDescription, len(mockKinds)) + for i, kind := range mockKinds { + owned[i] = v1alpha1.APIServiceDescription{ + Name: apiServiceName, + Group: mockGroup, + Version: version, + Kind: kind, + DeploymentName: depName, + ContainerPort: int32(5443), + DisplayName: kind, + Description: fmt.Sprintf("A %s", kind), + } + } + + csv := v1alpha1.ClusterServiceVersion{ + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: owned, + }, + }, + } + csv.SetName("csv-hat-1") + + // Create the APIService CSV + _, err = createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should create Deployment + _, err = c.GetDeployment(testNamespace, depName) + require.NoError(t, err, "error getting expected Deployment") + + // Should create APIService + _, err = c.GetAPIService(apiServiceName) + require.NoError(t, err, "error getting expected APIService") + + // Should create Service + _, err = c.GetService(testNamespace, olm.APIServiceNameToServiceName(apiServiceName)) + require.NoError(t, err, "error getting expected Service") + + // Should create certificate Secret + secretName := fmt.Sprintf("%s-cert", apiServiceName) + _, err = c.GetSecret(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret") + + // Should create a Role for the Secret + _, err = c.GetRole(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret Role") + + // Should create a RoleBinding for the Secret + _, err = c.GetRoleBinding(testNamespace, secretName) + require.NoError(t, err, "error getting exptected Secret RoleBinding") + + // Should create a system:auth-delegator Cluster RoleBinding + _, err = c.GetClusterRoleBinding(fmt.Sprintf("%s-system:auth-delegator", apiServiceName)) + require.NoError(t, err, "error getting expected system:auth-delegator ClusterRoleBinding") + + // Should create an extension-apiserver-authentication-reader RoleBinding in kube-system + _, err = c.GetRoleBinding("kube-system", fmt.Sprintf("%s-auth-reader", apiServiceName)) + require.NoError(t, err, "error getting expected extension-apiserver-authentication-reader RoleBinding") + + // Create a new CSV that owns the same API Service and replace the old CSV + csv2 := v1alpha1.ClusterServiceVersion{ + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: csv.Name, + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: owned, + }, + }, + } + csv2.SetName("csv-hat-2") + + // Create CSV2 to replace CSV + cleanupCSV2, err := createCSV(t, c, crc, csv2, testNamespace, false, true) + require.NoError(t, err) + defer cleanupCSV2() + + _, err = fetchCSV(t, crc, csv2.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should create Deployment + _, err = c.GetDeployment(testNamespace, depName) + require.NoError(t, err, "error getting expected Deployment") + + // Should create APIService + _, err = c.GetAPIService(apiServiceName) + require.NoError(t, err, "error getting expected APIService") + + // Should create Service + _, err = c.GetService(testNamespace, olm.APIServiceNameToServiceName(apiServiceName)) + require.NoError(t, err, "error getting expected Service") + + // Should create certificate Secret + secretName = fmt.Sprintf("%s-cert", apiServiceName) + _, err = c.GetSecret(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret") + + // Should create a Role for the Secret + _, err = c.GetRole(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret Role") + + // Should create a RoleBinding for the Secret + _, err = c.GetRoleBinding(testNamespace, secretName) + require.NoError(t, err, "error getting exptected Secret RoleBinding") + + // Should create a system:auth-delegator Cluster RoleBinding + _, err = c.GetClusterRoleBinding(fmt.Sprintf("%s-system:auth-delegator", apiServiceName)) + require.NoError(t, err, "error getting expected system:auth-delegator ClusterRoleBinding") + + // Should create an extension-apiserver-authentication-reader RoleBinding in kube-system + _, err = c.GetRoleBinding("kube-system", fmt.Sprintf("%s-auth-reader", apiServiceName)) + require.NoError(t, err, "error getting expected extension-apiserver-authentication-reader RoleBinding") + + // Should eventually GC the CSV + err = waitForCSVToDelete(t, crc, csv.Name) + require.NoError(t, err) + + // Rename the initial CSV + csv.SetName("csv-hat-3") + + // Recreate the old CSV + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, true) + require.NoError(t, err) + defer cleanupCSV() + + fetched, err := fetchCSV(t, crc, csv.Name, testNamespace, buildCSVReasonChecker(v1alpha1.CSVReasonOwnerConflict)) + require.NoError(t, err) + require.Equal(t, string(v1alpha1.CSVPhaseFailed), string(fetched.Status.Phase)) +} + +func TestCreateSameCSVWithOwnedAPIServiceMultiNamespace(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create new namespace in a new operator group + secondNamespaceName := genName(testNamespace + "-") + matchingLabel := map[string]string{"inGroup": secondNamespaceName} + + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(&corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: secondNamespaceName, + Labels: matchingLabel, + }, + }) + require.NoError(t, err) + defer func() { + err = c.KubernetesInterface().CoreV1().Namespaces().Delete(secondNamespaceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + }() + + // Create a new operator group for the new namespace + operatorGroup := v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: genName("e2e-operator-group-"), + Namespace: secondNamespaceName, + }, + Spec: v1.OperatorGroupSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: matchingLabel, + }, + }, + } + _, err = crc.OperatorsV1().OperatorGroups(secondNamespaceName).Create(&operatorGroup) + require.NoError(t, err) + defer func() { + err = crc.OperatorsV1().OperatorGroups(secondNamespaceName).Delete(operatorGroup.Name, &metav1.DeleteOptions{}) + require.NoError(t, err) + }() + + expectedOperatorGroupStatus := v1.OperatorGroupStatus{ + Namespaces: []string{secondNamespaceName}, + } + + t.Log("Waiting on new operator group to have correct status") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, fetchErr := crc.OperatorsV1().OperatorGroups(secondNamespaceName).Get(operatorGroup.Name, metav1.GetOptions{}) + if fetchErr != nil { + return false, fetchErr + } + if len(fetched.Status.Namespaces) > 0 { + require.ElementsMatch(t, expectedOperatorGroupStatus.Namespaces, fetched.Status.Namespaces) + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + depName := genName("hat-server") + mockGroup := fmt.Sprintf("hats.%s.redhat.com", genName("")) + version := "v1alpha1" + mockGroupVersion := strings.Join([]string{mockGroup, version}, "/") + mockKinds := []string{"fedora"} + depSpec := newMockExtServerDeployment(depName, mockGroupVersion, mockKinds) + apiServiceName := strings.Join([]string{version, mockGroup}, ".") + + // Create CSVs for the hat-server + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: depName, + Spec: depSpec, + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + + owned := make([]v1alpha1.APIServiceDescription, len(mockKinds)) + for i, kind := range mockKinds { + owned[i] = v1alpha1.APIServiceDescription{ + Name: apiServiceName, + Group: mockGroup, + Version: version, + Kind: kind, + DeploymentName: depName, + ContainerPort: int32(5443), + DisplayName: kind, + Description: fmt.Sprintf("A %s", kind), + } + } + + csv := v1alpha1.ClusterServiceVersion{ + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: owned, + }, + }, + } + csv.SetName("csv-hat-1") + + // Create the initial CSV + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should create Deployment + _, err = c.GetDeployment(testNamespace, depName) + require.NoError(t, err, "error getting expected Deployment") + + // Should create APIService + _, err = c.GetAPIService(apiServiceName) + require.NoError(t, err, "error getting expected APIService") + + // Should create Service + _, err = c.GetService(testNamespace, olm.APIServiceNameToServiceName(apiServiceName)) + require.NoError(t, err, "error getting expected Service") + + // Should create certificate Secret + secretName := fmt.Sprintf("%s-cert", apiServiceName) + _, err = c.GetSecret(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret") + + // Should create a Role for the Secret + _, err = c.GetRole(testNamespace, secretName) + require.NoError(t, err, "error getting expected Secret Role") + + // Should create a RoleBinding for the Secret + _, err = c.GetRoleBinding(testNamespace, secretName) + require.NoError(t, err, "error getting exptected Secret RoleBinding") + + // Should create a system:auth-delegator Cluster RoleBinding + _, err = c.GetClusterRoleBinding(fmt.Sprintf("%s-system:auth-delegator", apiServiceName)) + require.NoError(t, err, "error getting expected system:auth-delegator ClusterRoleBinding") + + // Should create an extension-apiserver-authentication-reader RoleBinding in kube-system + _, err = c.GetRoleBinding("kube-system", fmt.Sprintf("%s-auth-reader", apiServiceName)) + require.NoError(t, err, "error getting expected extension-apiserver-authentication-reader RoleBinding") + + // Create a new CSV that owns the same API Service but in a different namespace + csv2 := v1alpha1.ClusterServiceVersion{ + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: owned, + }, + }, + } + csv2.SetName("csv-hat-2") + + // Create CSV2 to replace CSV + _, err = createCSV(t, c, crc, csv2, secondNamespaceName, false, true) + require.NoError(t, err) + + _, err = fetchCSV(t, crc, csv2.Name, secondNamespaceName, csvFailedChecker) + require.NoError(t, err) +} + +func TestOrphanedAPIServiceCleanUp(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + + mockGroup := fmt.Sprintf("hats.%s.redhat.com", genName("")) + version := "v1alpha1" + apiServiceName := strings.Join([]string{version, mockGroup}, ".") + + apiService := &apiregistrationv1.APIService{ + ObjectMeta: metav1.ObjectMeta{ + Name: apiServiceName, + }, + Spec: apiregistrationv1.APIServiceSpec{ + Group: mockGroup, + Version: version, + GroupPriorityMinimum: 100, + VersionPriority: 100, + }, + } + + watcher, err := c.ApiregistrationV1Interface().ApiregistrationV1().APIServices().Watch(metav1.ListOptions{FieldSelector: "metadata.name=" + apiServiceName}) + require.NoError(t, err) + + deleted := make(chan struct{}) + quit := make(chan struct{}) + defer close(quit) + go func() { + events := watcher.ResultChan() + for { + select { + case <-quit: + return + case evt := <-events: + if evt.Type == watch.Deleted { + deleted <- struct{}{} + } + case <-time.After(pollDuration): + require.FailNow(t, "orphaned apiservice not cleaned up as expected") + } + } + }() + + _, err = c.CreateAPIService(apiService) + require.NoError(t, err, "error creating expected APIService") + orphanedAPISvc, err := c.GetAPIService(apiServiceName) + require.NoError(t, err, "error getting expected APIService") + + newLabels := map[string]string{"olm.owner": "hat-serverfd4r5", "olm.owner.kind": "ClusterServiceVersion", "olm.owner.namespace": "nonexistent-namespace"} + orphanedAPISvc.SetLabels(newLabels) + _, err = c.UpdateAPIService(orphanedAPISvc) + require.NoError(t, err, "error updating APIService") + <-deleted + + _, err = c.CreateAPIService(apiService) + require.NoError(t, err, "error creating expected APIService") + orphanedAPISvc, err = c.GetAPIService(apiServiceName) + require.NoError(t, err, "error getting expected APIService") + + newLabels = map[string]string{"olm.owner": "hat-serverfd4r5", "olm.owner.kind": "ClusterServiceVersion", "olm.owner.namespace": testNamespace} + orphanedAPISvc.SetLabels(newLabels) + _, err = c.UpdateAPIService(orphanedAPISvc) + require.NoError(t, err, "error updating APIService") + <-deleted +} + +func TestUpdateCSVSameDeploymentName(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create dependency first (CRD) + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + cleanupCRD, err := createCRD(c, apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + }) + + // Create "current" CSV + nginxName := genName("nginx-") + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep-"), + Spec: newNginxDeployment(nginxName), + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + require.NoError(t, err) + + require.NoError(t, err) + defer cleanupCRD() + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster", + }, + }, + }, + }, + } + + // Don't need to cleanup this CSV, it will be deleted by the upgrade process + _, err = createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + + // Wait for current CSV to succeed + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have created deployment + dep, err := c.GetDeployment(testNamespace, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, dep) + + // Create "updated" CSV + strategyNew := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + // Same name + Name: strategy.DeploymentSpecs[0].Name, + // Different spec + Spec: newNginxDeployment(nginxName), + }, + }, + } + strategyNewRaw, err := json.Marshal(strategyNew) + require.NoError(t, err) + + csvNew := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: csv.Name, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyNewRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster", + }, + }, + }, + }, + } + + cleanupNewCSV, err := createCSV(t, c, crc, csvNew, testNamespace, true, false) + require.NoError(t, err) + defer cleanupNewCSV() + + // Wait for updated CSV to succeed + fetchedCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have updated existing deployment + depUpdated, err := c.GetDeployment(testNamespace, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, depUpdated) + require.Equal(t, depUpdated.Spec.Template.Spec.Containers[0].Name, strategyNew.DeploymentSpecs[0].Spec.Template.Spec.Containers[0].Name) + + // Should eventually GC the CSV + err = waitForCSVToDelete(t, crc, csv.Name) + require.NoError(t, err) + + // Fetch cluster service version again to check for unnecessary control loops + sameCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + compareResources(t, fetchedCSV, sameCSV) +} + +func TestUpdateCSVDifferentDeploymentName(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create dependency first (CRD) + crdPlural := genName("ins2") + crdName := crdPlural + ".cluster.com" + cleanupCRD, err := createCRD(c, apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + }) + require.NoError(t, err) + defer cleanupCRD() + + // create "current" CSV + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + require.NoError(t, err) + + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster2", + }, + }, + }, + }, + } + + // don't need to clean up this CSV, it will be deleted by the upgrade process + _, err = createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + + // Wait for current CSV to succeed + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have created deployment + dep, err := c.GetDeployment(testNamespace, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, dep) + + // Create "updated" CSV + strategyNew := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep2"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyNewRaw, err := json.Marshal(strategyNew) + require.NoError(t, err) + + csvNew := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv2"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: csv.Name, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyNewRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster2", + }, + }, + }, + }, + } + + cleanupNewCSV, err := createCSV(t, c, crc, csvNew, testNamespace, true, false) + require.NoError(t, err) + defer cleanupNewCSV() + + // Wait for updated CSV to succeed + fetchedCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Fetch cluster service version again to check for unnecessary control loops + sameCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + compareResources(t, fetchedCSV, sameCSV) + + // Should have created new deployment and deleted old + depNew, err := c.GetDeployment(testNamespace, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, depNew) + err = waitForDeploymentToDelete(t, c, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + + // Should eventually GC the CSV + err = waitForCSVToDelete(t, crc, csv.Name) + require.NoError(t, err) +} + +func TestUpdateCSVMultipleIntermediates(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create dependency first (CRD) + crdPlural := genName("ins3") + crdName := crdPlural + ".cluster.com" + cleanupCRD, err := createCRD(c, apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Versions: []apiextensions.CustomResourceDefinitionVersion{ + { + Name: "v1alpha1", + Served: true, + Storage: true, + }, + }, + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + }) + require.NoError(t, err) + defer cleanupCRD() + + // create "current" CSV + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + require.NoError(t, err) + + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster3", + }, + }, + }, + }, + } + + // don't need to clean up this CSV, it will be deleted by the upgrade process + _, err = createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + + // Wait for current CSV to succeed + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have created deployment + dep, err := c.GetDeployment(testNamespace, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, dep) + + // Create "updated" CSV + strategyNew := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep2"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyNewRaw, err := json.Marshal(strategyNew) + require.NoError(t, err) + + csvNew := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv2"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: csv.Name, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyNewRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster3", + }, + }, + }, + }, + } + + cleanupNewCSV, err := createCSV(t, c, crc, csvNew, testNamespace, true, false) + require.NoError(t, err) + defer cleanupNewCSV() + + // Wait for updated CSV to succeed + fetchedCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Fetch cluster service version again to check for unnecessary control loops + sameCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + compareResources(t, fetchedCSV, sameCSV) + + // Should have created new deployment and deleted old + depNew, err := c.GetDeployment(testNamespace, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, depNew) + err = waitForDeploymentToDelete(t, c, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + + // Should eventually GC the CSV + err = waitForCSVToDelete(t, crc, csv.Name) + require.NoError(t, err) +} + +func TestUpdateCSVMultipleVersionCRD(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create initial CRD which has 2 versions: v1alpha1 & v1alpha2 + crdPlural := genName("ins4") + crdName := crdPlural + ".cluster.com" + cleanupCRD, err := createCRD(c, apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Versions: []apiextensions.CustomResourceDefinitionVersion{ + { + Name: "v1alpha1", + Served: true, + Storage: true, + }, + { + Name: "v1alpha2", + Served: true, + Storage: false, + }, + }, + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + }) + require.NoError(t, err) + defer cleanupCRD() + + // create initial deployment strategy + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep1-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + require.NoError(t, err) + + // First CSV with owning CRD v1alpha1 + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster4", + }, + }, + }, + }, + } + + // CSV will be deleted by the upgrade process later + _, err = createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + + // Wait for current CSV to succeed + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have created deployment + dep, err := c.GetDeployment(testNamespace, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, dep) + + // Create updated deployment strategy + strategyNew := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep2-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyNewRaw, err := json.Marshal(strategyNew) + require.NoError(t, err) + + // Second CSV with owning CRD v1alpha1 and v1alpha2 + csvNew := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv2"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: csv.Name, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyNewRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster4", + }, + { + Name: crdName, + Version: "v1alpha2", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster4", + }, + }, + }, + }, + } + + // Create newly updated CSV + _, err = createCSV(t, c, crc, csvNew, testNamespace, false, false) + require.NoError(t, err) + + // Wait for updated CSV to succeed + fetchedCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Fetch cluster service version again to check for unnecessary control loops + sameCSV, err := fetchCSV(t, crc, csvNew.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + compareResources(t, fetchedCSV, sameCSV) + + // Should have created new deployment and deleted old one + depNew, err := c.GetDeployment(testNamespace, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, depNew) + err = waitForDeploymentToDelete(t, c, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + + // Create updated deployment strategy + strategyNew2 := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep3-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyNewRaw2, err := json.Marshal(strategyNew2) + require.NoError(t, err) + + // Third CSV with owning CRD v1alpha2 + csvNew2 := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv3"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: csvNew.Name, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyNewRaw2, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha2", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster4", + }, + }, + }, + }, + } + + // Create newly updated CSV + cleanupNewCSV, err := createCSV(t, c, crc, csvNew2, testNamespace, true, false) + require.NoError(t, err) + defer cleanupNewCSV() + + // Wait for updated CSV to succeed + fetchedCSV, err = fetchCSV(t, crc, csvNew2.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Fetch cluster service version again to check for unnecessary control loops + sameCSV, err = fetchCSV(t, crc, csvNew2.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + compareResources(t, fetchedCSV, sameCSV) + + // Should have created new deployment and deleted old one + depNew, err = c.GetDeployment(testNamespace, strategyNew2.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, depNew) + err = waitForDeploymentToDelete(t, c, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + + // Should clean up the CSV + err = waitForCSVToDelete(t, crc, csvNew.Name) + require.NoError(t, err) +} + +func TestUpdateCSVModifyDeploymentName(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create dependency first (CRD) + crdPlural := genName("ins2") + crdName := crdPlural + ".cluster.com" + cleanupCRD, err := createCRD(c, apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + }) + require.NoError(t, err) + defer cleanupCRD() + + // create "current" CSV + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + { + Name: "dep2-test", + Spec: newNginxDeployment("nginx2"), + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + require.NoError(t, err) + + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: []v1alpha1.CRDDescription{ + { + Name: crdName, + Version: "v1alpha1", + Kind: crdPlural, + DisplayName: crdName, + Description: "In the cluster2", + }, + }, + }, + }, + } + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, true, false) + require.NoError(t, err) + defer cleanupCSV() + + // Wait for current CSV to succeed + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have created deployments + dep, err := c.GetDeployment(testNamespace, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, dep) + dep2, err := c.GetDeployment(testNamespace, strategy.DeploymentSpecs[1].Name) + require.NoError(t, err) + require.NotNil(t, dep2) + + // Create "updated" CSV + strategyNew := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep3-"), + Spec: newNginxDeployment(genName("nginx3-")), + }, + { + Name: "dep2-test", + Spec: newNginxDeployment("nginx2"), + }, + }, + } + strategyNewRaw, err := json.Marshal(strategyNew) + require.NoError(t, err) + + // Fetch the current csv + fetchedCSV, err := fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Update csv with same strategy with different deployment's name + fetchedCSV.Spec.InstallStrategy.StrategySpecRaw = strategyNewRaw + + // Update the current csv with the new csv + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Update(fetchedCSV) + require.NoError(t, err) + + // Wait for new deployment to exist + err = waitForDeployment(t, c, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + + // Wait for updated CSV to succeed + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Should have created new deployment and deleted old + depNew, err := c.GetDeployment(testNamespace, strategyNew.DeploymentSpecs[0].Name) + require.NoError(t, err) + require.NotNil(t, depNew) + // Make sure the unchanged deployment still exists + depNew2, err := c.GetDeployment(testNamespace, strategyNew.DeploymentSpecs[1].Name) + require.NoError(t, err) + require.NotNil(t, depNew2) + err = waitForDeploymentToDelete(t, c, strategy.DeploymentSpecs[0].Name) + require.NoError(t, err) +} + +func TestCreateCSVRequirementsEvents(t *testing.T) { + t.Skip() + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + sa := corev1.ServiceAccount{} + sa.SetName(genName("sa-")) + sa.SetNamespace(testNamespace) + _, err := c.CreateServiceAccount(&sa) + require.NoError(t, err, "could not create ServiceAccount") + + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: sa.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + { + Verbs: []string{"delete"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + clusterPermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: sa.GetName(), + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + }, + } + + depName := genName("dep-") + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.ClusterServiceVersionAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: genName("csv"), + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: newNginxInstallStrategy(depName, permissions, clusterPermissions), + // Cheating a little; this is an APIservice that will exist for the e2e tests + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Required: []v1alpha1.APIServiceDescription{ + { + Group: "packages.operators.coreos.com", + Version: "v1", + Kind: "PackageManifest", + DisplayName: "Package Manifest", + Description: "An apiservice that exists", + }, + }, + }, + }, + } + + // Create Role/Cluster Roles and RoleBindings + role := rbacv1.Role{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + { + Verbs: []string{"delete"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + role.SetName("test-role") + role.SetNamespace(testNamespace) + _, err = c.CreateRole(&role) + require.NoError(t, err, "could not create Role") + + roleBinding := rbacv1.RoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "Role", + Name: role.GetName(), + }, + } + roleBinding.SetName(genName("dep-")) + roleBinding.SetNamespace(testNamespace) + _, err = c.CreateRoleBinding(&roleBinding) + require.NoError(t, err, "could not create RoleBinding") + + clusterRole := rbacv1.ClusterRole{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"get"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + clusterRole.SetName(genName("dep-")) + _, err = c.CreateClusterRole(&clusterRole) + require.NoError(t, err, "could not create ClusterRole") + + clusterRoleBinding := rbacv1.ClusterRoleBinding{ + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + APIGroup: "", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: clusterRole.GetName(), + }, + } + clusterRoleBinding.SetName(genName("dep-")) + _, err = c.CreateClusterRoleBinding(&clusterRoleBinding) + require.NoError(t, err, "could not create ClusterRoleBinding") + + cleanupCSV, err := createCSV(t, c, crc, csv, testNamespace, false, false) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + listOptions := metav1.ListOptions{ + FieldSelector: "involvedObject.kind=ClusterServiceVersion", + } + + // Get events from test namespace for CSV + eventsList, err := c.KubernetesInterface().CoreV1().Events(testNamespace).List(listOptions) + require.NoError(t, err) + latestEvent := findLastEvent(eventsList) + require.Equal(t, string(latestEvent.Reason), "InstallSucceeded") + + // Edit role + updatedRole := rbacv1.Role{ + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{"create"}, + APIGroups: []string{""}, + Resources: []string{"deployment"}, + }, + }, + } + updatedRole.SetName("test-role") + updatedRole.SetNamespace(testNamespace) + _, err = c.UpdateRole(&updatedRole) + require.NoError(t, err) + + // Check CSV status + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvPendingChecker) + require.NoError(t, err) + + // Check event + eventsList, err = c.KubernetesInterface().CoreV1().Events(testNamespace).List(listOptions) + require.NoError(t, err) + latestEvent = findLastEvent(eventsList) + require.Equal(t, string(latestEvent.Reason), "RequirementsNotMet") + + // Reverse the updated role + _, err = c.UpdateRole(&role) + require.NoError(t, err) + + // Check CSV status + _, err = fetchCSV(t, crc, csv.Name, testNamespace, csvSucceededChecker) + require.NoError(t, err) + + // Check event + eventsList, err = c.KubernetesInterface().CoreV1().Events(testNamespace).List(listOptions) + require.NoError(t, err) + latestEvent = findLastEvent(eventsList) + require.Equal(t, string(latestEvent.Reason), "InstallSucceeded") +} + +// TODO: test behavior when replaces field doesn't point to existing CSV diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/data/catalog.new.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/data/catalog.new.yaml new file mode 100644 index 000000000..e816a28ea --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/data/catalog.new.yaml @@ -0,0 +1,105 @@ +# Contains PackageB (Updated), PackageC (new) +kind: ConfigMap +apiVersion: v1 +metadata: + name: new-test-catalog + namespace: tectonic-system +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: testcs.example.com + spec: + group: example.com + version: v1alpha1 + scope: Namespaced + names: + plural: testcs + singular: testc + kind: TestC + listKind: TestCList + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: testbs.example.com + spec: + group: example.com + version: v1alpha1 + scope: Namespaced + names: + plural: testbs + singular: testb + kind: TestB + listKind: TestBList + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: service-c.1.0.0 + namespace: placeholder + labels: + alm-catalog: rh-operators + spec: + displayName: TestServiceC + description: Test Service C + keywords: [test] + version: 1.0.0 + maturity: alpha + customresourcedefinitions: + owned: + - description: Test C + displayName: TestC + kind: TestC + name: testcs.example.com + version: v1alpha1 + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: service-b.1.0.0 + namespace: placeholder + labels: + alm-catalog: rh-operators + spec: + displayName: TestServiceB + description: Test Service B + keywords: [test] + version: 1.0.0 + maturity: alpha + customresourcedefinitions: + owned: + - description: Test B + displayName: TestB + kind: TestB + name: testbs.example.com + version: v1alpha1 + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: service-b.1.0.1 + namespace: placeholder + labels: + alm-catalog: rh-operators + spec: + displayName: TestServiceB + description: Test Service B + keywords: [test] + version: 1.0.1 + replaces: service-b.1.0.0 + maturity: alpha + customresourcedefinitions: + owned: + - description: Test B + displayName: TestB + kind: TestB + name: testbs.example.com + version: v1alpha1 + packages: |- + - packageName: package-c + channels: + - name: alpha + currentCSV: service-c.1.0.0 + - packageName: package-b + channels: + - name: alpha + currentCSV: service-b.1.0.1 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/data/catalog.old.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/data/catalog.old.yaml new file mode 100644 index 000000000..4d08d7826 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/data/catalog.old.yaml @@ -0,0 +1,84 @@ +# Contains PackageA, PackageB +kind: ConfigMap +apiVersion: v1 +metadata: + name: old-test-catalog + namespace: tectonic-system +data: + customResourceDefinitions: |- + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: testas.example.com + spec: + group: example.com + version: v1alpha1 + scope: Namespaced + names: + plural: testas + singular: testa + kind: TestA + listKind: TestAList + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: testbs.example.com + spec: + group: example.com + version: v1alpha1 + scope: Namespaced + names: + plural: testbs + singular: testb + kind: TestB + listKind: TestBList + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: service-a.1.0.0 + namespace: placeholder + labels: + alm-catalog: rh-operators + spec: + displayName: TestServiceA + description: Test Service A + keywords: [test] + version: 1.0.0 + maturity: alpha + customresourcedefinitions: + owned: + - description: Test A + displayName: TestA + kind: TestA + name: testas.example.com + version: v1alpha1 + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: service-b.1.0.0 + namespace: placeholder + labels: + alm-catalog: rh-operators + spec: + displayName: TestServiceB + description: Test Service B + keywords: [test] + version: 1.0.0 + maturity: alpha + customresourcedefinitions: + owned: + - description: Test B + displayName: TestB + kind: TestB + name: testbs.example.com + version: v1alpha1 + packages: |- + - packageName: package-a + channels: + - name: alpha + currentCSV: service-a.1.0.0 + - packageName: package-b + channels: + - name: alpha + currentCSV: service-b.1.0.0 diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e-bare-values.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e-bare-values.yaml new file mode 100644 index 000000000..a639c777b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e-bare-values.yaml @@ -0,0 +1,39 @@ +rbacApiVersion: rbac.authorization.k8s.io +namespace: operator-lifecycle-manager +catalog_namespace: operator-lifecycle-manager +writeStatusName: '""' +olm: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 8080 + commandArgs: -test.coverprofile=/tmp/coverage/alm-coverage.cov + +catalog: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 8080 + commandArgs: -test.coverprofile=/tmp/catalog-coverage.cov + +package: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 5443 + commandArgs: -test.coverprofile=/tmp/catalog-coverage.cov + +e2e: + image: + ref: quay.io/operator-framework/olm-e2e:local + +job_name: e2e + +catalog_sources: + - rh-operators diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e-values.yaml b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e-values.yaml new file mode 100644 index 000000000..e8b4187b7 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e-values.yaml @@ -0,0 +1,35 @@ +writeStatusName: '""' +debug: true + +olm: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 8080 + +catalog: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 8080 + +package: + replicaCount: 1 + image: + ref: quay.io/operator-framework/olm:local + pullPolicy: IfNotPresent + service: + internalPort: 5443 + +e2e: + image: + ref: quay.io/operator-framework/olm-e2e:local + +job_name: e2e + +catalog_sources: + - rh-operators diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e.sh b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e.sh new file mode 100755 index 000000000..b6990b80a --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/e2e.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +# this script is run inside the container +echo "$KUBECONFIG" +echo "$NAMESPACE" + +mkdir /out +touch /out/test.log + +# fail with the last non-zero exit code (preserves test fail exit code) +set -o pipefail + +/bin/e2e -test.v 2>&1 | tee /out/test.log | go tool test2json | tee /out/test.json | jq -r -f /var/e2e/tap.jq + +if cat /out/test.log | grep -q '^not'; then + exit 1 +else + exit 0 +fi diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/gc_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/gc_e2e_test.go new file mode 100644 index 000000000..afd0fe893 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/gc_e2e_test.go @@ -0,0 +1,84 @@ +package e2e + +import ( + "testing" + + "github.com/blang/semver" + "github.com/stretchr/testify/require" + corev1 "k8s.io/api/core/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +// TestOwnerReferenceGCBehavior runs a simple check on OwnerReference behavior to ensure +// a resource with multiple OwnerReferences will not be garbage collected when one of its +// owners has been deleted. +// Test Case: +// CSV-A CSV-B CSV-B +// \ / --Delete CSV-A--> | +// ConfigMap ConfigMap +func TestOwnerReferenceGCBehavior(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + ownerA := newCSV("ownera", testNamespace, "", semver.MustParse("0.0.0"), nil, nil, newNginxInstallStrategy("dep-", nil, nil)) + ownerB := newCSV("ownerb", testNamespace, "", semver.MustParse("0.0.0"), nil, nil, newNginxInstallStrategy("dep-", nil, nil)) + + // create all owners + c := newKubeClient(t) + crc := newCRClient(t) + + fetchedA, err := crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Create(&ownerA) + require.NoError(t, err) + fetchedB, err := crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Create(&ownerB) + require.NoError(t, err) + + dependent := &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "dependent", + }, + Data: map[string]string{}, + } + + // add owners + ownerutil.AddOwner(dependent, fetchedA, true, false) + ownerutil.AddOwner(dependent, fetchedB, true, false) + + // create dependent + _, err = c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Create(dependent) + require.NoError(t, err, "dependent could not be created") + + // delete ownerA in the foreground (to ensure any "blocking" dependents are deleted before ownerA) + propagation := metav1.DeletionPropagation("Foreground") + options := metav1.DeleteOptions{PropagationPolicy: &propagation} + err = crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Delete(fetchedA.GetName(), &options) + require.NoError(t, err) + + // wait for deletion of ownerA + waitForDelete(func() error { + _, err := crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Get(ownerA.GetName(), metav1.GetOptions{}) + return err + }) + + // check for dependent (should still exist since it still has one owner present) + _, err = c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Get(dependent.GetName(), metav1.GetOptions{}) + require.NoError(t, err, "dependent deleted after one owner was deleted") + t.Log("dependent still exists after one owner was deleted") + + // delete ownerB in the foreground (to ensure any "blocking" dependents are deleted before ownerB) + err = crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Delete(fetchedB.GetName(), &options) + require.NoError(t, err) + + // wait for deletion of ownerB + waitForDelete(func() error { + _, err := crc.OperatorsV1alpha1().ClusterServiceVersions(testNamespace).Get(ownerB.GetName(), metav1.GetOptions{}) + return err + }) + + // check for dependent (should be deleted since last blocking owner was deleted) + _, err = c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Get(dependent.GetName(), metav1.GetOptions{}) + require.Error(t, err) + require.True(t, k8serrors.IsNotFound(err)) + t.Log("dependent successfully garbage collected after both owners were deleted") +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/installplan_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/installplan_e2e_test.go new file mode 100644 index 000000000..016860b3f --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/installplan_e2e_test.go @@ -0,0 +1,1219 @@ +package e2e + +import ( + "encoding/json" + "fmt" + "strings" + "testing" + "time" + + "github.com/blang/semver" + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/kubernetes/pkg/apis/rbac" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + opver "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +type checkInstallPlanFunc func(fip *v1alpha1.InstallPlan) bool + +func buildInstallPlanPhaseCheckFunc(phases ...v1alpha1.InstallPlanPhase) checkInstallPlanFunc { + return func(fip *v1alpha1.InstallPlan) bool { + satisfiesAny := false + for _, phase := range phases { + satisfiesAny = satisfiesAny || fip.Status.Phase == phase + } + return satisfiesAny + } +} + +func buildInstallPlanCleanupFunc(crc versioned.Interface, namespace string, installPlan *v1alpha1.InstallPlan) cleanupFunc { + return func() { + deleteOptions := &metav1.DeleteOptions{} + for _, step := range installPlan.Status.Plan { + if step.Resource.Kind == v1alpha1.ClusterServiceVersionKind { + if err := crc.OperatorsV1alpha1().ClusterServiceVersions(namespace).Delete(step.Resource.Name, deleteOptions); err != nil { + fmt.Println(err) + } + } + } + + if err := crc.OperatorsV1alpha1().InstallPlans(namespace).Delete(installPlan.GetName(), deleteOptions); err != nil { + fmt.Println(err) + } + + err := waitForDelete(func() error { + _, err := crc.OperatorsV1alpha1().InstallPlans(namespace).Get(installPlan.GetName(), metav1.GetOptions{}) + return err + }) + + if err != nil { + fmt.Println(err) + } + } +} + +func fetchInstallPlan(t *testing.T, c versioned.Interface, name string, checkPhase checkInstallPlanFunc) (*v1alpha1.InstallPlan, error) { + var fetchedInstallPlan *v1alpha1.InstallPlan + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedInstallPlan, err = c.OperatorsV1alpha1().InstallPlans(testNamespace).Get(name, metav1.GetOptions{}) + if err != nil || fetchedInstallPlan == nil { + return false, err + } + + return checkPhase(fetchedInstallPlan), nil + }) + return fetchedInstallPlan, err +} + +func newNginxInstallStrategy(name string, permissions []install.StrategyDeploymentPermissions, clusterPermissions []install.StrategyDeploymentPermissions) v1alpha1.NamedInstallStrategy { + // Create an nginx details deployment + details := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: name, + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"app": "nginx"}, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{"app": "nginx"}, + }, + Spec: corev1.PodSpec{Containers: []corev1.Container{ + { + Name: genName("nginx"), + Image: "bitnami/nginx:latest", + Ports: []corev1.ContainerPort{{ContainerPort: 80}}, + ImagePullPolicy: corev1.PullIfNotPresent, + }, + }}, + }, + }, + }, + }, + Permissions: permissions, + ClusterPermissions: clusterPermissions, + } + detailsRaw, _ := json.Marshal(details) + namedStrategy := v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: detailsRaw, + } + + return namedStrategy +} + +func newCRD(plural string) apiextensions.CustomResourceDefinition { + crd := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: plural + ".cluster.com", + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: plural, + Singular: plural, + Kind: plural, + ListKind: "list" + plural, + }, + Scope: "Namespaced", + }, + } + + return crd +} + +func newCSV(name, namespace, replaces string, version semver.Version, owned []apiextensions.CustomResourceDefinition, required []apiextensions.CustomResourceDefinition, namedStrategy v1alpha1.NamedInstallStrategy) v1alpha1.ClusterServiceVersion { + csvType = metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.GroupVersion, + } + + csv := v1alpha1.ClusterServiceVersion{ + TypeMeta: csvType, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: replaces, + Version: opver.OperatorVersion{version}, + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: namedStrategy, + CustomResourceDefinitions: v1alpha1.CustomResourceDefinitions{ + Owned: nil, + Required: nil, + }, + }, + } + + // Populate owned and required + for _, crd := range owned { + desc := v1alpha1.CRDDescription{ + Name: crd.GetName(), + Version: "v1alpha1", + Kind: crd.Spec.Names.Plural, + DisplayName: crd.GetName(), + Description: crd.GetName(), + } + csv.Spec.CustomResourceDefinitions.Owned = append(csv.Spec.CustomResourceDefinitions.Owned, desc) + } + + for _, crd := range required { + desc := v1alpha1.CRDDescription{ + Name: crd.GetName(), + Version: "v1alpha1", + Kind: crd.Spec.Names.Plural, + DisplayName: crd.GetName(), + Description: crd.GetName(), + } + csv.Spec.CustomResourceDefinitions.Required = append(csv.Spec.CustomResourceDefinitions.Required, desc) + } + + return csv +} + +func TestInstallPlanWithCSVsAcrossMultipleCatalogSources(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + log := func(s string) { + t.Logf("%s: %s", time.Now().Format("15:04:05.9999"), s) + } + + mainPackageName := genName("nginx-") + dependentPackageName := genName("nginxdep-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + dependentPackageStable := fmt.Sprintf("%s-stable", dependentPackageName) + + stableChannel := "stable" + + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + dependentNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + crdPlural := genName("ins-") + + dependentCRD := newCRD(crdPlural) + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), nil, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + dependentCSV := newCSV(dependentPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + dependentCatalogName := genName("mock-ocs-dependent-") + mainCatalogName := genName("mock-ocs-main-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + dependentManifests := []registry.PackageManifest{ + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: dependentPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the catalog sources + require.NotEqual(t, "", testNamespace) + _, cleanupDependentCatalogSource := createInternalCatalogSource(t, c, crc, dependentCatalogName, testNamespace, dependentManifests, []apiextensions.CustomResourceDefinition{dependentCRD}, []v1alpha1.ClusterServiceVersion{dependentCSV}) + defer cleanupDependentCatalogSource() + // Attempt to get the catalog source before creating install plan + _, err := fetchCatalogSource(t, crc, dependentCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + _, cleanupMainCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, mainManifests, nil, []v1alpha1.ClusterServiceVersion{mainCSV}) + defer cleanupMainCatalogSource() + // Attempt to get the catalog source before creating install plan + _, err = fetchCatalogSource(t, crc, mainCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Create expected install plan step sources + expectedStepSources := map[registry.ResourceKey]registry.ResourceKey{ + registry.ResourceKey{Name: dependentCRD.Name, Kind: "CustomResourceDefinition"}: {Name: dependentCatalogName, Namespace: testNamespace}, + registry.ResourceKey{Name: dependentPackageStable, Kind: v1alpha1.ClusterServiceVersionKind}: {Name: dependentCatalogName, Namespace: testNamespace}, + registry.ResourceKey{Name: mainPackageStable, Kind: v1alpha1.ClusterServiceVersionKind}: {Name: mainCatalogName, Namespace: testNamespace}, + registry.ResourceKey{Name: strings.Join([]string{dependentPackageStable, dependentCatalogName, testNamespace}, "-"), Kind: v1alpha1.SubscriptionKind}: {Name: dependentCatalogName, Namespace: testNamespace}, + } + + subscriptionName := genName("sub-nginx-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName := subscription.Status.InstallPlanRef.Name + + // Wait for InstallPlan to be status: Complete before checking resource presence + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete)) + require.NoError(t, err) + log(fmt.Sprintf("Install plan %s fetched with status %s", fetchedInstallPlan.GetName(), fetchedInstallPlan.Status.Phase)) + + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) + + // Fetch installplan again to check for unnecessary control loops + fetchedInstallPlan, err = fetchInstallPlan(t, crc, fetchedInstallPlan.GetName(), func(fip *v1alpha1.InstallPlan) bool { + compareResources(t, fetchedInstallPlan, fip) + return true + }) + require.NoError(t, err) + + require.Equal(t, len(expectedStepSources), len(fetchedInstallPlan.Status.Plan), "Number of resolved steps matches the number of expected steps") + + // Ensure resolved step resources originate from the correct catalog sources + log(fmt.Sprintf("%#v", expectedStepSources)) + for _, step := range fetchedInstallPlan.Status.Plan { + log(fmt.Sprintf("checking %s", step.Resource)) + key := registry.ResourceKey{Name: step.Resource.Name, Kind: step.Resource.Kind} + expectedSource, ok := expectedStepSources[key] + require.True(t, ok, "didn't find %v", key) + require.Equal(t, expectedSource.Name, step.Resource.CatalogSource) + require.Equal(t, expectedSource.Namespace, step.Resource.CatalogSourceNamespace) + + // delete + } +EXPECTED: + for key := range expectedStepSources { + for _, step := range fetchedInstallPlan.Status.Plan { + if step.Resource.Name == key.Name && step.Resource.Kind == key.Kind { + continue EXPECTED + } + } + t.Fatalf("expected step %s not found in %#v", key, fetchedInstallPlan.Status.Plan) + } + + log("All expected resources resolved") + + // Verify that the dependent subscription is in a good state + dependentSubscription, err := fetchSubscription(t, crc, testNamespace, strings.Join([]string{dependentPackageStable, dependentCatalogName, testNamespace}, "-"), subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, dependentSubscription) + require.NotNil(t, dependentSubscription.Status.InstallPlanRef) + require.Equal(t, dependentCSV.GetName(), dependentSubscription.Status.CurrentCSV) + + // Verify CSV is created + _, err = awaitCSV(t, crc, testNamespace, dependentCSV.GetName(), csvAnyChecker) + require.NoError(t, err) + + // Update dependent subscription in catalog and wait for csv to update + updatedDependentCSV := newCSV(dependentPackageStable+"-v2", testNamespace, dependentPackageStable, semver.MustParse("0.1.1"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + dependentManifests = []registry.PackageManifest{ + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: updatedDependentCSV.GetName()}, + }, + DefaultChannelName: stableChannel, + }, + } + + updateInternalCatalog(t, c, crc, dependentCatalogName, testNamespace, []apiextensions.CustomResourceDefinition{dependentCRD}, []v1alpha1.ClusterServiceVersion{dependentCSV, updatedDependentCSV}, dependentManifests) + + // Wait for subscription to update + updatedDepSubscription, err := fetchSubscription(t, crc, testNamespace, strings.Join([]string{dependentPackageStable, dependentCatalogName, testNamespace}, "-"), subscriptionHasCurrentCSV(updatedDependentCSV.GetName())) + require.NoError(t, err) + + // Verify installplan created and installed + fetchedUpdatedDepInstallPlan, err := fetchInstallPlan(t, crc, updatedDepSubscription.Status.InstallPlanRef.Name, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete)) + require.NoError(t, err) + log(fmt.Sprintf("Install plan %s fetched with status %s", fetchedUpdatedDepInstallPlan.GetName(), fetchedUpdatedDepInstallPlan.Status.Phase)) + require.NotEqual(t, fetchedInstallPlan.GetName(), fetchedUpdatedDepInstallPlan.GetName()) + + // Wait for csv to update + _, err = awaitCSV(t, crc, testNamespace, updatedDependentCSV.GetName(), csvAnyChecker) + require.NoError(t, err) +} + +func TestCreateInstallPlanWithPreExistingCRDOwners(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + t.Run("OnePreExistingCRDOwner", func(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + mainPackageName := genName("nginx-") + dependentPackageName := genName("nginx-dep-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + mainPackageBeta := fmt.Sprintf("%s-beta", mainPackageName) + dependentPackageStable := fmt.Sprintf("%s-stable", dependentPackageName) + dependentPackageBeta := fmt.Sprintf("%s-beta", dependentPackageName) + + stableChannel := "stable" + betaChannel := "beta" + + // Create manifests + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: dependentPackageStable}, + {Name: betaChannel, CurrentCSVName: dependentPackageBeta}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create new CRDs + mainCRDPlural := genName("ins-") + mainCRD := newCRD(mainCRDPlural) + + // Create a new named install strategy + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + dependentNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + dependentCRDPlural := genName("ins-") + dependentCRD := newCRD(dependentCRDPlural) + + // Create new CSVs + mainStableCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{mainCRD}, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + mainBetaCSV := newCSV(mainPackageBeta, testNamespace, mainPackageStable, semver.MustParse("0.2.0"), []apiextensions.CustomResourceDefinition{mainCRD}, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + dependentStableCSV := newCSV(dependentPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + dependentBetaCSV := newCSV(dependentPackageBeta, testNamespace, dependentPackageStable, semver.MustParse("0.2.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + // Create the catalog source + mainCatalogSourceName := genName("mock-ocs-main-" + strings.ToLower(t.Name()) + "-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogSourceName, testNamespace, mainManifests, []apiextensions.CustomResourceDefinition{dependentCRD, mainCRD}, []v1alpha1.ClusterServiceVersion{dependentBetaCSV, dependentStableCSV, mainStableCSV, mainBetaCSV}) + defer cleanupCatalogSource() + // Attempt to get the catalog source before creating install plan(s) + _, err := fetchCatalogSource(t, crc, mainCatalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + expectedSteps := map[registry.ResourceKey]struct{}{ + registry.ResourceKey{Name: mainCRD.Name, Kind: "CustomResourceDefinition"}: {}, + registry.ResourceKey{Name: mainPackageStable, Kind: v1alpha1.ClusterServiceVersionKind}: {}, + } + + // Create the preexisting CRD and CSV + cleanupCRD, err := createCRD(c, dependentCRD) + require.NoError(t, err) + defer cleanupCRD() + cleanupCSV, err := createCSV(t, c, crc, dependentBetaCSV, testNamespace, true, false) + require.NoError(t, err) + defer cleanupCSV() + t.Log("Dependent CRD and preexisting CSV created") + + subscriptionName := genName("sub-nginx-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogSourceName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName := subscription.Status.Install.Name + + // Wait for InstallPlan to be status: Complete or Failed before checking resource presence + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete, v1alpha1.InstallPlanPhaseFailed)) + require.NoError(t, err) + t.Logf("Install plan %s fetched with status %s", fetchedInstallPlan.GetName(), fetchedInstallPlan.Status.Phase) + + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) + + // Fetch installplan again to check for unnecessary control loops + fetchedInstallPlan, err = fetchInstallPlan(t, crc, fetchedInstallPlan.GetName(), func(fip *v1alpha1.InstallPlan) bool { + compareResources(t, fetchedInstallPlan, fip) + return true + }) + require.NoError(t, err) + + for _, step := range fetchedInstallPlan.Status.Plan { + t.Logf("%#v", step) + } + require.Equal(t, len(fetchedInstallPlan.Status.Plan), len(expectedSteps), "number of expected steps does not match installed") + t.Logf("Number of resolved steps matches the number of expected steps") + + for _, step := range fetchedInstallPlan.Status.Plan { + key := registry.ResourceKey{ + Name: step.Resource.Name, + Kind: step.Resource.Kind, + } + _, ok := expectedSteps[key] + require.True(t, ok) + + // Remove the entry from the expected steps set (to ensure no duplicates in resolved plan) + delete(expectedSteps, key) + } + + // Should have removed every matching step + require.Equal(t, 0, len(expectedSteps), "Actual resource steps do not match expected") + }) + + t.Run("PreExistingCRDOwnerIsReplaced", func(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + mainPackageName := genName("nginx-") + dependentPackageName := genName("nginx-dep-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + mainPackageBeta := fmt.Sprintf("%s-beta", mainPackageName) + dependentPackageStable := fmt.Sprintf("%s-stable", dependentPackageName) + dependentPackageBeta := fmt.Sprintf("%s-beta", dependentPackageName) + + stableChannel := "stable" + betaChannel := "beta" + + // Create manifests + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + {Name: betaChannel, CurrentCSVName: mainPackageBeta}, + }, + DefaultChannelName: stableChannel, + }, + { + PackageName: dependentPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: dependentPackageStable}, + {Name: betaChannel, CurrentCSVName: dependentPackageBeta}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create new CRDs + mainCRDPlural := genName("ins-") + mainCRD := newCRD(mainCRDPlural) + + // Create a new named install strategy + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + dependentNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + dependentCRDPlural := genName("ins-") + dependentCRD := newCRD(dependentCRDPlural) + + // Create new CSVs + mainStableCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{mainCRD}, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + mainBetaCSV := newCSV(mainPackageBeta, testNamespace, mainPackageStable, semver.MustParse("0.2.0"), []apiextensions.CustomResourceDefinition{mainCRD}, []apiextensions.CustomResourceDefinition{dependentCRD}, mainNamedStrategy) + dependentStableCSV := newCSV(dependentPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + dependentBetaCSV := newCSV(dependentPackageBeta, testNamespace, dependentPackageStable, semver.MustParse("0.2.0"), []apiextensions.CustomResourceDefinition{dependentCRD}, nil, dependentNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + // Create the catalog source + mainCatalogSourceName := genName("mock-ocs-main-" + strings.ToLower(t.Name()) + "-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogSourceName, testNamespace, mainManifests, []apiextensions.CustomResourceDefinition{dependentCRD, mainCRD}, []v1alpha1.ClusterServiceVersion{dependentBetaCSV, dependentStableCSV, mainStableCSV, mainBetaCSV}) + defer cleanupCatalogSource() + // Attempt to get the catalog source before creating install plan(s) + _, err := fetchCatalogSource(t, crc, mainCatalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogSourceName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName := subscription.Status.Install.Name + + // Wait for InstallPlan to be status: Complete or failed before checking resource presence + completeOrFailedFunc := buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete, v1alpha1.InstallPlanPhaseFailed) + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, completeOrFailedFunc) + require.NoError(t, err) + t.Logf("Install plan %s fetched with status %s", fetchedInstallPlan.GetName(), fetchedInstallPlan.Status.Phase) + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) + + // Ensure that the desired resources have been created + expectedSteps := map[registry.ResourceKey]struct{}{ + registry.ResourceKey{Name: mainCRD.Name, Kind: "CustomResourceDefinition"}: {}, + registry.ResourceKey{Name: dependentCRD.Name, Kind: "CustomResourceDefinition"}: {}, + registry.ResourceKey{Name: dependentPackageStable, Kind: v1alpha1.ClusterServiceVersionKind}: {}, + registry.ResourceKey{Name: mainPackageStable, Kind: v1alpha1.ClusterServiceVersionKind}: {}, + registry.ResourceKey{Name: strings.Join([]string{dependentPackageStable, mainCatalogSourceName, testNamespace}, "-"), Kind: v1alpha1.SubscriptionKind}: {}, + } + + require.Equal(t, len(expectedSteps), len(fetchedInstallPlan.Status.Plan), "number of expected steps does not match installed") + + for _, step := range fetchedInstallPlan.Status.Plan { + key := registry.ResourceKey{ + Name: step.Resource.Name, + Kind: step.Resource.Kind, + } + _, ok := expectedSteps[key] + require.True(t, ok, "couldn't find %v in expected steps: %#v", key, expectedSteps) + + // Remove the entry from the expected steps set (to ensure no duplicates in resolved plan) + delete(expectedSteps, key) + } + + // Should have removed every matching step + require.Equal(t, 0, len(expectedSteps), "Actual resource steps do not match expected") + + // Update the subscription resource to point to the beta CSV + err = crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(metav1.NewDeleteOptions(0), metav1.ListOptions{}) + require.NoError(t, err) + + // existing cleanup should remove this + createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogSourceName, mainPackageName, betaChannel, "", v1alpha1.ApprovalAutomatic) + + subscription, err = fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName = subscription.Status.Install.Name + + // Wait for InstallPlan to be status: Complete or Failed before checking resource presence + fetchedInstallPlan, err = fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete, v1alpha1.InstallPlanPhaseFailed)) + require.NoError(t, err) + t.Logf("Install plan %s fetched with status %s", fetchedInstallPlan.GetName(), fetchedInstallPlan.Status.Phase) + + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) + + // Fetch installplan again to check for unnecessary control loops + fetchedInstallPlan, err = fetchInstallPlan(t, crc, fetchedInstallPlan.GetName(), func(fip *v1alpha1.InstallPlan) bool { + compareResources(t, fetchedInstallPlan, fip) + return true + }) + require.NoError(t, err) + + // Ensure correct in-cluster resource(s) + fetchedCSV, err := fetchCSV(t, crc, mainBetaCSV.GetName(), testNamespace, csvSucceededChecker) + require.NoError(t, err) + + t.Logf("All expected resources resolved %s", fetchedCSV.Status.Phase) + }) +} + +func TestUpdateInstallPlan(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + t.Run("UpdateSingleExistingCRDOwner", func(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + mainPackageName := genName("nginx-update-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + + stableChannel := "stable" + + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + crdPlural := genName("ins-update-") + crdName := crdPlural + ".cluster.com" + mainCRD := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Versions: []apiextensions.CustomResourceDefinitionVersion{ + { + Name: "v1alpha1", + Served: true, + Storage: true, + }, + }, + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + updatedCRD := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Versions: []apiextensions.CustomResourceDefinitionVersion{ + { + Name: "v1alpha1", + Served: true, + Storage: true, + }, + { + Name: "v1alpha2", + Served: true, + Storage: false, + }, + }, + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{mainCRD}, nil, mainNamedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + mainCatalogName := genName("mock-ocs-main-update-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the catalog sources + _, cleanupMainCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, mainManifests, []apiextensions.CustomResourceDefinition{mainCRD}, []v1alpha1.ClusterServiceVersion{mainCSV}) + defer cleanupMainCatalogSource() + // Attempt to get the catalog source before creating install plan + _, err := fetchCatalogSource(t, crc, mainCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-update-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + require.NotNil(t, subscription.Status.InstallPlanRef) + require.Equal(t, mainCSV.GetName(), subscription.Status.CurrentCSV) + + installPlanName := subscription.Status.InstallPlanRef.Name + + // Wait for InstallPlan to be status: Complete before checking resource presence + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete)) + require.NoError(t, err) + + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) + + // Fetch installplan again to check for unnecessary control loops + fetchedInstallPlan, err = fetchInstallPlan(t, crc, fetchedInstallPlan.GetName(), func(fip *v1alpha1.InstallPlan) bool { + compareResources(t, fetchedInstallPlan, fip) + return true + }) + require.NoError(t, err) + + // Verify CSV is created + _, err = awaitCSV(t, crc, testNamespace, mainCSV.GetName(), csvAnyChecker) + require.NoError(t, err) + + updateInternalCatalog(t, c, crc, mainCatalogName, testNamespace, []apiextensions.CustomResourceDefinition{updatedCRD}, []v1alpha1.ClusterServiceVersion{mainCSV}, mainManifests) + + // Update the subscription resource + err = crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(metav1.NewDeleteOptions(0), metav1.ListOptions{}) + require.NoError(t, err) + + // existing cleanup should remove this + createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + + // Wait for subscription to update + updatedSubscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + + // Verify installplan created and installed + fetchedUpdatedInstallPlan, err := fetchInstallPlan(t, crc, updatedSubscription.Status.InstallPlanRef.Name, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete)) + require.NoError(t, err) + require.NotEqual(t, fetchedInstallPlan.GetName(), fetchedUpdatedInstallPlan.GetName()) + + // Wait for csv to update + _, err = awaitCSV(t, crc, testNamespace, mainCSV.GetName(), csvAnyChecker) + require.NoError(t, err) + + // Get the CRD to see if it is updated + fetchedCRD, err := c.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Get(crdName, metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, len(fetchedCRD.Spec.Versions), len(updatedCRD.Spec.Versions), "The CRD versions counts don't match") + + fetchedCRDVersions := map[v1beta1.CustomResourceDefinitionVersion]struct{}{} + for _, version := range fetchedCRD.Spec.Versions { + key := v1beta1.CustomResourceDefinitionVersion{ + Name: version.Name, + Served: version.Served, + Storage: version.Storage, + } + fetchedCRDVersions[key] = struct{}{} + } + + for _, version := range updatedCRD.Spec.Versions { + key := v1beta1.CustomResourceDefinitionVersion{ + Name: version.Name, + Served: version.Served, + Storage: version.Storage, + } + _, ok := fetchedCRDVersions[key] + require.True(t, ok, "couldn't find %v in fetched CRD versions: %#v", key, fetchedCRDVersions) + } + }) + + t.Run("UpdatePreexistingCRDFailed", func(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + mainPackageName := genName("nginx-update2-") + + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + + stableChannel := "stable" + + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + + crdPlural := genName("ins-update2-") + crdName := crdPlural + ".cluster.com" + mainCRD := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Versions: []apiextensions.CustomResourceDefinitionVersion{ + { + Name: "v1alpha1", + Served: true, + Storage: true, + }, + }, + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + updatedCRD := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Versions: []apiextensions.CustomResourceDefinitionVersion{ + { + Name: "v1alpha1", + Served: true, + Storage: true, + }, + { + Name: "v1alpha2", + Served: true, + Storage: false, + }, + }, + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + expectedCRDVersions := map[v1beta1.CustomResourceDefinitionVersion]struct{}{} + for _, version := range mainCRD.Spec.Versions { + key := v1beta1.CustomResourceDefinitionVersion{ + Name: version.Name, + Served: version.Served, + Storage: version.Storage, + } + expectedCRDVersions[key] = struct{}{} + } + + // Create the initial CSV + cleanupCRD, err := createCRD(c, mainCRD) + require.NoError(t, err) + defer cleanupCRD() + + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0"), nil, nil, mainNamedStrategy) + + mainCatalogName := genName("mock-ocs-main-update2-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the catalog sources + _, cleanupMainCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, mainManifests, []apiextensions.CustomResourceDefinition{updatedCRD}, []v1alpha1.ClusterServiceVersion{mainCSV}) + defer cleanupMainCatalogSource() + // Attempt to get the catalog source before creating install plan + _, err = fetchCatalogSource(t, crc, mainCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-update2-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + require.NotNil(t, subscription.Status.InstallPlanRef) + require.Equal(t, mainCSV.GetName(), subscription.Status.CurrentCSV) + + installPlanName := subscription.Status.InstallPlanRef.Name + + // Wait for InstallPlan to be status: Complete before checking resource presence + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete)) + require.NoError(t, err) + + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) + + // Fetch installplan again to check for unnecessary control loops + fetchedInstallPlan, err = fetchInstallPlan(t, crc, fetchedInstallPlan.GetName(), func(fip *v1alpha1.InstallPlan) bool { + compareResources(t, fetchedInstallPlan, fip) + return true + }) + require.NoError(t, err) + + // Verify CSV is created + _, err = awaitCSV(t, crc, testNamespace, mainCSV.GetName(), csvAnyChecker) + require.NoError(t, err) + + // Get the CRD to see if it is updated + fetchedCRD, err := c.ApiextensionsV1beta1Interface().ApiextensionsV1beta1().CustomResourceDefinitions().Get(crdName, metav1.GetOptions{}) + require.NoError(t, err) + require.Equal(t, len(fetchedCRD.Spec.Versions), len(mainCRD.Spec.Versions), "The CRD versions counts don't match") + + fetchedCRDVersions := map[v1beta1.CustomResourceDefinitionVersion]struct{}{} + for _, version := range fetchedCRD.Spec.Versions { + key := v1beta1.CustomResourceDefinitionVersion{ + Name: version.Name, + Served: version.Served, + Storage: version.Storage, + } + fetchedCRDVersions[key] = struct{}{} + } + + for _, version := range mainCRD.Spec.Versions { + key := v1beta1.CustomResourceDefinitionVersion{ + Name: version.Name, + Served: version.Served, + Storage: version.Storage, + } + _, ok := fetchedCRDVersions[key] + require.True(t, ok, "couldn't find %v in fetched CRD versions: %#v", key, fetchedCRDVersions) + } + }) +} + +// TestCreateInstallPlanWithPermissions creates an InstallPlan with a CSV containing a set of permissions to be resolved. +func TestCreateInstallPlanWithPermissions(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + packageName := genName("nginx") + stableChannel := "stable" + stableCSVName := packageName + "-stable" + + // Create manifests + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + { + Name: stableChannel, + CurrentCSVName: stableCSVName, + }, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create new CRDs + crdPlural := genName("ins") + crd := newCRD(crdPlural) + + // Generate permissions + serviceAccountName := genName("nginx-sa") + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: serviceAccountName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{rbac.VerbAll}, + APIGroups: []string{"cluster.com"}, + Resources: []string{crdPlural}, + }, + }, + }, + } + // Generate permissions + clusterPermissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: serviceAccountName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{rbac.VerbAll}, + APIGroups: []string{"cluster.com"}, + Resources: []string{crdPlural}, + }, + }, + }, + } + + // Create a new NamedInstallStrategy + namedStrategy := newNginxInstallStrategy(genName("dep-"), permissions, clusterPermissions) + + // Create new CSVs + stableCSV := newCSV(stableCSVName, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + // Create CatalogSource + mainCatalogSourceName := genName("nginx-catalog") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogSourceName, testNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{stableCSV}) + defer cleanupCatalogSource() + + // Attempt to get CatalogSource + _, err := fetchCatalogSource(t, crc, mainCatalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogSourceName, packageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName := subscription.Status.Install.Name + + // Attempt to get InstallPlan + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseFailed, v1alpha1.InstallPlanPhaseComplete)) + require.NoError(t, err) + require.NotEqual(t, v1alpha1.InstallPlanPhaseFailed, fetchedInstallPlan.Status.Phase, "InstallPlan failed") + + // Expect correct RBAC resources to be resolved and created + expectedSteps := map[registry.ResourceKey]struct{}{ + registry.ResourceKey{Name: crd.Name, Kind: "CustomResourceDefinition"}: {}, + registry.ResourceKey{Name: stableCSVName, Kind: "ClusterServiceVersion"}: {}, + registry.ResourceKey{Name: serviceAccountName, Kind: "ServiceAccount"}: {}, + registry.ResourceKey{Name: stableCSVName, Kind: "Role"}: {}, + registry.ResourceKey{Name: stableCSVName, Kind: "RoleBinding"}: {}, + registry.ResourceKey{Name: stableCSVName, Kind: "ClusterRole"}: {}, + registry.ResourceKey{Name: stableCSVName, Kind: "ClusterRoleBinding"}: {}, + } + + require.Equal(t, len(expectedSteps), len(fetchedInstallPlan.Status.Plan), "number of expected steps does not match installed") + + for _, step := range fetchedInstallPlan.Status.Plan { + key := registry.ResourceKey{ + Name: step.Resource.Name, + Kind: step.Resource.Kind, + } + for expected := range expectedSteps { + if expected == key { + delete(expectedSteps, expected) + } else if strings.HasPrefix(key.Name, expected.Name) && key.Kind == expected.Kind { + delete(expectedSteps, expected) + } else { + t.Logf("%v, %v: %v && %v", key, expected, strings.HasPrefix(key.Name, expected.Name), key.Kind == expected.Kind) + } + } + + // This operator was installed into a global operator group, so the roles should have been lifted to clusterroles + if step.Resource.Kind == "Role" { + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + _, err = c.GetClusterRole(step.Resource.Name) + if err != nil { + if k8serrors.IsNotFound(err) { + return false, nil + } + return false, err + } + return true, nil + }) + } + if step.Resource.Kind == "RoleBinding" { + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + _, err = c.GetClusterRoleBinding(step.Resource.Name) + if err != nil { + if k8serrors.IsNotFound(err) { + return false, nil + } + return false, err + } + return true, nil + }) + } + } + + // Should have removed every matching step + require.Equal(t, 0, len(expectedSteps), "Actual resource steps do not match expected: %#v", expectedSteps) +} + +func TestInstallPlanCRDValidation(t *testing.T) { + // Tests if CRD validation works with the "minimum" property after being + // pulled from a CatalogSource's operator-registry. + defer cleaner.NotifyTestComplete(t, true) + + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + var min float64 = 2 + var max float64 = 256 + + // Create CRD with offending property + crd := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + Validation: &apiextensions.CustomResourceValidation{ + OpenAPIV3Schema: &apiextensions.JSONSchemaProps{ + Properties: map[string]apiextensions.JSONSchemaProps{ + "spec": { + Type: "object", + Description: "Spec of a test object.", + Properties: map[string]apiextensions.JSONSchemaProps{ + "scalar": { + Type: "number", + Description: "Scalar value that should have a min and max.", + Minimum: &min, + Maximum: &max, + }, + }, + }, + }, + }, + }, + }, + } + + // Create CSV + packageName := genName("nginx-") + stableChannel := "stable" + packageNameStable := packageName + "-" + stableChannel + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csv := newCSV(packageNameStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + + // Create PackageManifests + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: packageNameStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the CatalogSource + c := newKubeClient(t) + crc := newCRClient(t) + catalogSourceName := genName("mock-nginx-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalogSourceName, testNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csv}) + defer cleanupCatalogSource() + + // Attempt to get the catalog source before creating install plan + _, err := fetchCatalogSource(t, crc, catalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-") + cleanupSubscription := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, catalogSourceName, packageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer cleanupSubscription() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName := subscription.Status.InstallPlanRef.Name + + // Wait for InstallPlan to be status: Complete before checking resource presence + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseComplete, v1alpha1.InstallPlanPhaseFailed)) + require.NoError(t, err) + t.Logf("Install plan %s fetched with status %s", fetchedInstallPlan.GetName(), fetchedInstallPlan.Status.Phase) + + require.Equal(t, v1alpha1.InstallPlanPhaseComplete, fetchedInstallPlan.Status.Phase) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/metrics_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/metrics_e2e_test.go new file mode 100644 index 000000000..6abe87a41 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/metrics_e2e_test.go @@ -0,0 +1,78 @@ +// +build !bare + +package e2e + +import ( + "testing" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + log "github.com/sirupsen/logrus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/net" +) + +// TestMetrics tests the metrics endpoint of the OLM pod. +func TestMetricsEndpoint(t *testing.T) { + c := newKubeClient(t) + + listOptions := metav1.ListOptions{LabelSelector: "app=olm-operator"} + podList, err := c.KubernetesInterface().CoreV1().Pods(operatorNamespace).List(listOptions) + if err != nil { + log.Infof("Error %v\n", err) + t.Fatalf("Listing pods failed: %v\n", err) + } + if len(podList.Items) > 1 { + t.Fatalf("Expected only 1 olm-operator pod, got %v", len(podList.Items)) + } + + podName := podList.Items[0].GetName() + log.Infof("Looking at pod %v in namespace %v", podName, operatorNamespace) + + rawOutput, err := getMetricsFromPod(t, c, podName, operatorNamespace, "8081") + if err != nil { + t.Fatalf("Metrics test failed: %v\n", err) + } + + log.Debugf("Metrics:\n%v", rawOutput) +} + +func getMetricsFromPod(t *testing.T, client operatorclient.ClientInterface, podName string, namespace string, port string) (string, error) { + olmPod, err := client.KubernetesInterface().CoreV1().Pods(namespace).Get(podName, metav1.GetOptions{}) + if err != nil { + return "", err + } + if len(olmPod.Spec.Containers) != 1 { + t.Fatalf("Expected only 1 container in olm-operator pod, got %v", len(olmPod.Spec.Containers)) + } + + var foundCert bool + var foundKey bool + // assuming -tls-cert and -tls-key aren't used anywhere else as a parameter value + for _, param := range olmPod.Spec.Containers[0].Args { + if param == "-tls-cert" { + foundCert = true + } else if param == "-tls-key" { + foundKey = true + } + } + + var scheme string + if foundCert && foundKey { + scheme = "https" + } else { + scheme = "http" + } + log.Infof("Retrieving metrics using scheme %v\n", scheme) + + rawOutput, err := client.KubernetesInterface().CoreV1().RESTClient().Get(). + Namespace(namespace). + Resource("pods"). + SubResource("proxy"). + Name(net.JoinSchemeNamePort(scheme, podName, port)). + Suffix("metrics"). + Do().Raw() + if err != nil { + return "", err + } + return string(rawOutput), nil +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/operator_groups_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/operator_groups_e2e_test.go new file mode 100644 index 000000000..25f050b2b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/operator_groups_e2e_test.go @@ -0,0 +1,1615 @@ +package e2e + +import ( + "encoding/json" + "fmt" + "strings" + "testing" + "time" + + "github.com/blang/semver" + "github.com/stretchr/testify/require" + authorizationv1 "k8s.io/api/authorization/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + "k8s.io/apimachinery/pkg/api/errors" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/informers" + "k8s.io/client-go/tools/cache" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/ownerutil" +) + +func checkOperatorGroupAnnotations(obj metav1.Object, op *v1.OperatorGroup, checkTargetNamespaces bool, targetNamespaces string) error { + if checkTargetNamespaces { + if annotation, ok := obj.GetAnnotations()[v1.OperatorGroupTargetsAnnotationKey]; !ok || annotation != targetNamespaces { + return fmt.Errorf("missing targetNamespaces annotation on %v", obj.GetName()) + } + } else { + if _, found := obj.GetAnnotations()[v1.OperatorGroupTargetsAnnotationKey]; found { + return fmt.Errorf("targetNamespaces annotation unexpectedly found on %v", obj.GetName()) + } + } + + if annotation, ok := obj.GetAnnotations()[v1.OperatorGroupNamespaceAnnotationKey]; !ok || annotation != op.GetNamespace() { + return fmt.Errorf("missing operatorNamespace on %v", obj.GetName()) + } + if annotation, ok := obj.GetAnnotations()[v1.OperatorGroupAnnotationKey]; !ok || annotation != op.GetName() { + return fmt.Errorf("missing operatorGroup annotation on %v", obj.GetName()) + } + + return nil +} + +func newOperatorGroup(namespace, name string, annotations map[string]string, selector *metav1.LabelSelector, targetNamespaces []string, static bool) *v1.OperatorGroup { + return &v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + Annotations: annotations, + }, + Spec: v1.OperatorGroupSpec{ + TargetNamespaces: targetNamespaces, + Selector: selector, + StaticProvidedAPIs: static, + }, + } +} + +func TestOperatorGroup(t *testing.T) { + // Create namespace with specific label + // Create CRD + // Create CSV in operator namespace + // Create operator group that watches namespace and uses specific label + // Verify operator group status contains correct status + // Verify csv in target namespace exists, has copied status, has annotations + // Verify deployments have correct namespace annotation + // (Verify that the operator can operate in the target namespace) + // Update CSV to support no InstallModes + // Verify the CSV transitions to FAILED + // Verify the copied CSV transitions to FAILED + // Delete CSV + // Verify copied CVS is deleted + defer cleaner.NotifyTestComplete(t, true) + + log := func(s string) { + t.Logf("%s: %s", time.Now().Format("15:04:05.9999"), s) + } + + c := newKubeClient(t) + crc := newCRClient(t) + csvName := genName("another-csv-") // must be lowercase for DNS-1123 validation + + opGroupNamespace := genName(testNamespace + "-") + matchingLabel := map[string]string{"inGroup": opGroupNamespace} + otherNamespaceName := genName(opGroupNamespace + "-") + bothNamespaceNames := opGroupNamespace + "," + otherNamespaceName + + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(&corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: opGroupNamespace, + Labels: matchingLabel, + }, + }) + require.NoError(t, err) + defer func() { + err = c.KubernetesInterface().CoreV1().Namespaces().Delete(opGroupNamespace, &metav1.DeleteOptions{}) + require.NoError(t, err) + }() + + otherNamespace := corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: otherNamespaceName, + Labels: matchingLabel, + }, + } + createdOtherNamespace, err := c.KubernetesInterface().CoreV1().Namespaces().Create(&otherNamespace) + require.NoError(t, err) + defer func() { + err = c.KubernetesInterface().CoreV1().Namespaces().Delete(otherNamespaceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + }() + + log("Creating CRD") + mainCRDPlural := genName("opgroup") + mainCRD := newCRD(mainCRDPlural) + cleanupCRD, err := createCRD(c, mainCRD) + require.NoError(t, err) + defer cleanupCRD() + + log("Creating operator group") + operatorGroup := v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: genName("e2e-operator-group-"), + Namespace: opGroupNamespace, + }, + Spec: v1.OperatorGroupSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: matchingLabel, + }, + }, + } + _, err = crc.OperatorsV1().OperatorGroups(opGroupNamespace).Create(&operatorGroup) + require.NoError(t, err) + expectedOperatorGroupStatus := v1.OperatorGroupStatus{ + Namespaces: []string{opGroupNamespace, createdOtherNamespace.GetName()}, + } + + log("Waiting on operator group to have correct status") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, fetchErr := crc.OperatorsV1().OperatorGroups(opGroupNamespace).Get(operatorGroup.Name, metav1.GetOptions{}) + if fetchErr != nil { + return false, fetchErr + } + if len(fetched.Status.Namespaces) > 0 { + require.ElementsMatch(t, expectedOperatorGroupStatus.Namespaces, fetched.Status.Namespaces, "have %#v", fetched.Status.Namespaces) + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + log("Creating CSV") + + // Generate permissions + serviceAccountName := genName("nginx-sa") + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: serviceAccountName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{rbacv1.VerbAll}, + APIGroups: []string{mainCRD.Spec.Group}, + Resources: []string{mainCRDPlural}, + }, + }, + }, + } + + // Create a new NamedInstallStrategy + deploymentName := genName("operator-deployment") + namedStrategy := newNginxInstallStrategy(deploymentName, permissions, nil) + + aCSV := newCSV(csvName, opGroupNamespace, "", semver.MustParse("0.0.0"), []apiextensions.CustomResourceDefinition{mainCRD}, nil, namedStrategy) + createdCSV, err := crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Create(&aCSV) + require.NoError(t, err) + + serviceAccount := &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: opGroupNamespace, + Name: serviceAccountName, + }, + } + ownerutil.AddNonBlockingOwner(serviceAccount, createdCSV) + err = ownerutil.AddOwnerLabels(serviceAccount, createdCSV) + require.NoError(t, err) + + role := &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: opGroupNamespace, + Name: serviceAccountName + "-role", + }, + Rules: permissions[0].Rules, + } + ownerutil.AddNonBlockingOwner(role, createdCSV) + err = ownerutil.AddOwnerLabels(role, createdCSV) + require.NoError(t, err) + + roleBinding := &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: opGroupNamespace, + Name: serviceAccountName + "-rb", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + Name: serviceAccountName, + Namespace: opGroupNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + Kind: "Role", + Name: role.GetName(), + }, + } + ownerutil.AddNonBlockingOwner(roleBinding, createdCSV) + err = ownerutil.AddOwnerLabels(roleBinding, createdCSV) + require.NoError(t, err) + + _, err = c.CreateServiceAccount(serviceAccount) + require.NoError(t, err) + _, err = c.CreateRole(role) + require.NoError(t, err) + _, err = c.CreateRoleBinding(roleBinding) + require.NoError(t, err) + + log("wait for CSV to succeed") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, err := crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Get(createdCSV.GetName(), metav1.GetOptions{}) + if err != nil { + return false, err + } + log(fmt.Sprintf("%s (%s): %s", fetched.Status.Phase, fetched.Status.Reason, fetched.Status.Message)) + return csvSucceededChecker(fetched), nil + }) + require.NoError(t, err) + + log("Waiting for operator namespace csv to have annotations") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedCSV, fetchErr := crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Get(csvName, metav1.GetOptions{}) + if fetchErr != nil { + if errors.IsNotFound(fetchErr) { + return false, nil + } + log(fmt.Sprintf("Error (in %v): %v", testNamespace, fetchErr.Error())) + return false, fetchErr + } + if checkOperatorGroupAnnotations(fetchedCSV, &operatorGroup, true, bothNamespaceNames) == nil { + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + log("Waiting for target namespace csv to have annotations (but not target namespaces)") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedCSV, fetchErr := crc.OperatorsV1alpha1().ClusterServiceVersions(otherNamespaceName).Get(csvName, metav1.GetOptions{}) + if fetchErr != nil { + if errors.IsNotFound(fetchErr) { + return false, nil + } + log(fmt.Sprintf("Error (in %v): %v", otherNamespaceName, fetchErr.Error())) + return false, fetchErr + } + if checkOperatorGroupAnnotations(fetchedCSV, &operatorGroup, false, "") == nil { + return true, nil + } + + return false, nil + }) + + log("Checking status on csv in target namespace") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedCSV, fetchErr := crc.OperatorsV1alpha1().ClusterServiceVersions(otherNamespaceName).Get(csvName, metav1.GetOptions{}) + if fetchErr != nil { + if errors.IsNotFound(fetchErr) { + return false, nil + } + t.Logf("Error (in %v): %v", otherNamespaceName, fetchErr.Error()) + return false, fetchErr + } + if fetchedCSV.Status.Reason == v1alpha1.CSVReasonCopied { + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + log("Waiting on deployment to have correct annotations") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + createdDeployment, err := c.GetDeployment(opGroupNamespace, deploymentName) + if err != nil { + if errors.IsNotFound(err) { + return false, nil + } + return false, err + } + if checkOperatorGroupAnnotations(&createdDeployment.Spec.Template, &operatorGroup, true, bothNamespaceNames) == nil { + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + // check rbac in target namespace + informerFactory := informers.NewSharedInformerFactory(c.KubernetesInterface(), 1*time.Second) + roleInformer := informerFactory.Rbac().V1().Roles() + roleBindingInformer := informerFactory.Rbac().V1().RoleBindings() + clusterRoleInformer := informerFactory.Rbac().V1().ClusterRoles() + clusterRoleBindingInformer := informerFactory.Rbac().V1().ClusterRoleBindings() + + // kick off informers + stopCh := make(chan struct{}) + defer func() { + stopCh <- struct{}{} + return + }() + + for _, informer := range []cache.SharedIndexInformer{roleInformer.Informer(), roleBindingInformer.Informer(), clusterRoleInformer.Informer(), clusterRoleBindingInformer.Informer()} { + go informer.Run(stopCh) + + synced := func() (bool, error) { + return informer.HasSynced(), nil + } + + // wait until the informer has synced to continue + err := wait.PollUntil(500*time.Millisecond, synced, stopCh) + require.NoError(t, err) + } + + ruleChecker := install.NewCSVRuleChecker(roleInformer.Lister(), roleBindingInformer.Lister(), clusterRoleInformer.Lister(), clusterRoleBindingInformer.Lister(), &aCSV) + + log("Waiting for operator to have rbac in target namespace") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + for _, perm := range permissions { + sa, err := c.GetServiceAccount(opGroupNamespace, perm.ServiceAccountName) + require.NoError(t, err) + for _, rule := range perm.Rules { + satisfied, err := ruleChecker.RuleSatisfied(sa, otherNamespaceName, rule) + if err != nil { + t.Log(err.Error()) + return false, nil + } + if !satisfied { + return false, nil + } + } + } + return true, nil + }) + + // validate provided API clusterroles for the operatorgroup + adminRole, err := c.KubernetesInterface().RbacV1().ClusterRoles().Get(operatorGroup.Name+"-admin", metav1.GetOptions{}) + require.NoError(t, err) + adminPolicyRules := []rbacv1.PolicyRule{ + {Verbs: []string{"*"}, APIGroups: []string{mainCRD.Spec.Group}, Resources: []string{mainCRDPlural}}, + } + require.Equal(t, adminPolicyRules, adminRole.Rules) + + editRole, err := c.KubernetesInterface().RbacV1().ClusterRoles().Get(operatorGroup.Name+"-edit", metav1.GetOptions{}) + require.NoError(t, err) + editPolicyRules := []rbacv1.PolicyRule{ + {Verbs: []string{"create", "update", "patch", "delete"}, APIGroups: []string{mainCRD.Spec.Group}, Resources: []string{mainCRDPlural}}, + } + require.Equal(t, editPolicyRules, editRole.Rules) + + viewRole, err := c.KubernetesInterface().RbacV1().ClusterRoles().Get(operatorGroup.Name+"-view", metav1.GetOptions{}) + require.NoError(t, err) + viewPolicyRules := []rbacv1.PolicyRule{ + {Verbs: []string{"get"}, APIGroups: []string{"apiextensions.k8s.io"}, Resources: []string{"customresourcedefinitions"}, ResourceNames: []string{mainCRD.Name}}, + {Verbs: []string{"get", "list", "watch"}, APIGroups: []string{mainCRD.Spec.Group}, Resources: []string{mainCRDPlural}}, + } + require.Equal(t, viewPolicyRules, viewRole.Rules) + + // Unsupport all InstallModes + log("unsupporting all csv installmodes") + fetchedCSV, err := crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Get(csvName, metav1.GetOptions{}) + require.NoError(t, err, "could not fetch csv") + fetchedCSV.Spec.InstallModes = []v1alpha1.InstallMode{} + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(fetchedCSV.GetNamespace()).Update(fetchedCSV) + require.NoError(t, err, "could not update csv installmodes") + + // Ensure CSV fails + _, err = fetchCSV(t, crc, csvName, opGroupNamespace, csvFailedChecker) + require.NoError(t, err, "csv did not transition to failed as expected") + + // ensure deletion cleans up copied CSV + log("deleting parent csv") + err = crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Delete(csvName, &metav1.DeleteOptions{}) + require.NoError(t, err) + + log("waiting for orphaned csv to be deleted") + err = waitForDelete(func() error { + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(otherNamespaceName).Get(csvName, metav1.GetOptions{}) + return err + }) + require.NoError(t, err) + + err = crc.OperatorsV1().OperatorGroups(opGroupNamespace).Delete(operatorGroup.Name, &metav1.DeleteOptions{}) + require.NoError(t, err) + t.Log("Waiting for OperatorGroup RBAC to be garbage collected") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + _, err := c.KubernetesInterface().RbacV1().ClusterRoles().Get(operatorGroup.Name+"-admin", metav1.GetOptions{}) + if err == nil { + return false, nil + } + return true, err + }) + require.True(t, errors.IsNotFound(err)) + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + _, err := c.KubernetesInterface().RbacV1().ClusterRoles().Get(operatorGroup.Name+"-edit", metav1.GetOptions{}) + if err == nil { + return false, nil + } + return true, err + }) + require.True(t, errors.IsNotFound(err)) + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + _, err := c.KubernetesInterface().RbacV1().ClusterRoles().Get(operatorGroup.Name+"-view", metav1.GetOptions{}) + if err == nil { + return false, nil + } + return true, err + }) + require.True(t, errors.IsNotFound(err)) +} + +func createProjectAdmin(t *testing.T, c operatorclient.ClientInterface, namespace string) (string, cleanupFunc) { + sa, err := c.CreateServiceAccount(&corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: genName("padmin-"), + }, + }) + require.NoError(t, err) + + rb, err := c.CreateRoleBinding(&rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: genName("padmin-"), + Namespace: namespace, + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + Name: sa.GetName(), + Namespace: sa.GetNamespace(), + }, + }, + RoleRef: rbacv1.RoleRef{ + APIGroup: "rbac.authorization.k8s.io", + Kind: "ClusterRole", + Name: "admin", + }, + }) + require.NoError(t, err) + // kubectl -n a8v4sw auth can-i create alp999.cluster.com --as system:serviceaccount:a8v4sw:padmin-xqdfz + return "system:serviceaccount:" + namespace + ":" + sa.GetName(), func() { + _ = c.DeleteServiceAccount(sa.GetNamespace(), sa.GetName(), metav1.NewDeleteOptions(0)) + _ = c.DeleteRoleBinding(rb.GetNamespace(), rb.GetName(), metav1.NewDeleteOptions(0)) + } +} + +func TestOperatorGroupRoleAggregation(t *testing.T) { + // Generate namespaceA + // Generate operatorGroupA - OwnNamespace + // Generate csvA in namespaceA with all installmodes supported + // Create crd so csv succeeds + // Ensure clusterroles created and aggregated for access provided APIs + + defer cleaner.NotifyTestComplete(t, true) + + // Generate namespaceA + nsA := genName("a") + c := newKubeClient(t) + for _, ns := range []string{nsA} { + namespace := &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: ns, + }, + } + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(namespace) + require.NoError(t, err) + defer func(name string) { + require.NoError(t, c.KubernetesInterface().CoreV1().Namespaces().Delete(name, &metav1.DeleteOptions{})) + }(ns) + } + + // Generate operatorGroupA - OwnNamespace + crc := newCRClient(t) + groupA := newOperatorGroup(nsA, genName("a"), nil, nil, []string{nsA}, false) + _, err := crc.OperatorsV1().OperatorGroups(nsA).Create(groupA) + require.NoError(t, err) + defer func() { + require.NoError(t, crc.OperatorsV1().OperatorGroups(nsA).Delete(groupA.GetName(), &metav1.DeleteOptions{})) + }() + + // Generate csvA in namespaceA with all installmodes supported + crd := newCRD(genName("a")) + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csvA := newCSV("nginx-a", nsA, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Create(&csvA) + require.NoError(t, err) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Delete(csvA.GetName(), &metav1.DeleteOptions{})) + }() + + // Create crd so csv succeeds + cleanupCRD, err := createCRD(c, crd) + require.NoError(t, err) + defer cleanupCRD() + + _, err = fetchCSV(t, crc, csvA.GetName(), nsA, csvSucceededChecker) + require.NoError(t, err) + + // Create a csv for an apiserver + depName := genName("hat-server") + mockGroup := fmt.Sprintf("hats.%s.redhat.com", genName("")) + version := "v1alpha1" + mockGroupVersion := strings.Join([]string{mockGroup, version}, "/") + mockKinds := []string{"fez", "fedora"} + mockNames := []string{"fezs", "fedoras"} + depSpec := newMockExtServerDeployment(depName, mockGroupVersion, mockKinds) + strategy := install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: depName, + Spec: depSpec, + }, + }, + } + strategyRaw, err := json.Marshal(strategy) + owned := make([]v1alpha1.APIServiceDescription, len(mockKinds)) + for i, kind := range mockKinds { + owned[i] = v1alpha1.APIServiceDescription{ + Name: mockNames[i], + Group: mockGroup, + Version: version, + Kind: kind, + DeploymentName: depName, + ContainerPort: int32(5443), + DisplayName: kind, + Description: fmt.Sprintf("A %s", kind), + } + } + + csvB := v1alpha1.ClusterServiceVersion{ + Spec: v1alpha1.ClusterServiceVersionSpec{ + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + }, + APIServiceDefinitions: v1alpha1.APIServiceDefinitions{ + Owned: owned, + }, + }, + } + csvB.SetName(depName) + + // Create the APIService CSV + cleanupCSV, err := createCSV(t, c, crc, csvB, nsA, false, true) + require.NoError(t, err) + defer cleanupCSV() + + _, err = fetchCSV(t, crc, csvB.GetName(), nsA, csvSucceededChecker) + require.NoError(t, err) + + // Ensure clusterroles created and aggregated for access provided APIs + padmin, cleanupPadmin := createProjectAdmin(t, c, nsA) + defer cleanupPadmin() + + // Check CRD access aggregated + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + res, err := c.KubernetesInterface().AuthorizationV1().SubjectAccessReviews().Create(&authorizationv1.SubjectAccessReview{ + Spec: authorizationv1.SubjectAccessReviewSpec{ + User: padmin, + ResourceAttributes: &authorizationv1.ResourceAttributes{ + Namespace: nsA, + Group: crd.Spec.Group, + Version: crd.Spec.Version, + Resource: crd.Spec.Names.Plural, + Verb: "create", + }, + }, + }) + if err != nil { + return false, err + } + if res == nil { + return false, nil + } + t.Log("checking padmin for permission") + return res.Status.Allowed, nil + }) + require.NoError(t, err) + + // Check apiserver access aggregated + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + res, err := c.KubernetesInterface().AuthorizationV1().SubjectAccessReviews().Create(&authorizationv1.SubjectAccessReview{ + Spec: authorizationv1.SubjectAccessReviewSpec{ + User: padmin, + ResourceAttributes: &authorizationv1.ResourceAttributes{ + Namespace: nsA, + Group: mockGroup, + Version: version, + Resource: mockNames[1], + Verb: "create", + }, + }, + }) + if err != nil { + return false, err + } + if res == nil { + return false, nil + } + t.Logf("checking padmin for permission: %#v", res) + return res.Status.Allowed, nil + }) + require.NoError(t, err) +} + +func TestOperatorGroupInstallModeSupport(t *testing.T) { + // Generate namespaceA + // Generate namespaceB + // Create operatorGroupA in namespaceA that selects namespaceA + // Generate csvA with an unfulfilled required CRD and no supported InstallModes in namespaceA + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + // Update csvA to have OwnNamespace supported=true + // Ensure csvA transitions to Succeeded + // Update operatorGroupA's target namespaces to select namespaceB + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + // Update csvA to have SingleNamespace supported=true + // Ensure csvA transitions to Pending + // Update operatorGroupA's target namespaces to select namespaceA and namespaceB + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + // Update csvA to have MultiNamespace supported=true + // Ensure csvA transitions to Pending + // Update operatorGroupA to select all namespaces + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + // Update csvA to have AllNamespaces supported=true + // Ensure csvA transitions to Pending + + defer cleaner.NotifyTestComplete(t, true) + + // Generate namespaceA and namespaceB + nsA := genName("a") + nsB := genName("b") + + c := newKubeClient(t) + for _, ns := range []string{nsA, nsB} { + namespace := &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: ns, + }, + } + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(namespace) + require.NoError(t, err) + defer func(name string) { + require.NoError(t, c.KubernetesInterface().CoreV1().Namespaces().Delete(name, &metav1.DeleteOptions{})) + }(ns) + } + + // Generate operatorGroupA + crc := newCRClient(t) + groupA := newOperatorGroup(nsA, genName("a"), nil, nil, []string{nsA}, false) + _, err := crc.OperatorsV1().OperatorGroups(nsA).Create(groupA) + require.NoError(t, err) + defer func() { + require.NoError(t, crc.OperatorsV1().OperatorGroups(nsA).Delete(groupA.GetName(), &metav1.DeleteOptions{})) + }() + + // Generate csvA in namespaceA with no supported InstallModes + crd := newCRD(genName("b")) + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csv := newCSV("nginx-a", nsA, "", semver.MustParse("0.1.0"), nil, []apiextensions.CustomResourceDefinition{crd}, namedStrategy) + csvA := &csv + csvA.Spec.InstallModes = []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: false, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: false, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: false, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: false, + }, + } + csvA, err = crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Create(csvA) + require.NoError(t, err) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Delete(csvA.GetName(), &metav1.DeleteOptions{})) + }() + + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + failedWithUnsupportedOperatorGroup := func(csv *v1alpha1.ClusterServiceVersion) bool { + return csvFailedChecker(csv) && csv.Status.Reason == v1alpha1.CSVReasonUnsupportedOperatorGroup + } + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, failedWithUnsupportedOperatorGroup) + require.NoError(t, err) + + // Update csvA to have OwnNamespace supported=true + csvA.Spec.InstallModes = []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: false, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: false, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: false, + }, + } + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Update(csvA) + require.NoError(t, err) + + // Create crd so csv succeeds + cleanupCRD, err := createCRD(c, crd) + require.NoError(t, err) + defer cleanupCRD() + + // Ensure csvA transitions to Succeeded + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, csvSucceededChecker) + require.NoError(t, err) + + // Update operatorGroupA's target namespaces to select namespaceB + groupA, err = crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + groupA.Spec.TargetNamespaces = []string{nsB} + _, err = crc.OperatorsV1().OperatorGroups(nsA).Update(groupA) + require.NoError(t, err) + + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, failedWithUnsupportedOperatorGroup) + require.NoError(t, err) + + // Update csvA to have SingleNamespace supported=true + csvA.Spec.InstallModes = []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: false, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: false, + }, + } + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Update(csvA) + require.NoError(t, err) + + // Ensure csvA transitions to Succeeded + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, csvSucceededChecker) + require.NoError(t, err) + + // Update operatorGroupA's target namespaces to select namespaceA and namespaceB + groupA, err = crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + groupA.Spec.TargetNamespaces = []string{nsA, nsB} + _, err = crc.OperatorsV1().OperatorGroups(nsA).Update(groupA) + require.NoError(t, err) + + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, failedWithUnsupportedOperatorGroup) + require.NoError(t, err) + + // Update csvA to have MultiNamespace supported=true + csvA.Spec.InstallModes = []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: false, + }, + } + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Update(csvA) + require.NoError(t, err) + + // Ensure csvA transitions to Succeeded + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, csvSucceededChecker) + require.NoError(t, err) + + // Update operatorGroupA's target namespaces to select all namespaces + groupA, err = crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + groupA.Spec.TargetNamespaces = []string{} + _, err = crc.OperatorsV1().OperatorGroups(nsA).Update(groupA) + require.NoError(t, err) + + // Ensure csvA transitions to Failed with reason "UnsupportedOperatorGroup" + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, failedWithUnsupportedOperatorGroup) + require.NoError(t, err) + + // Update csvA to have AllNamespaces supported=true + csvA.Spec.InstallModes = []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + } + _, err = crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Update(csvA) + require.NoError(t, err) + + // Ensure csvA transitions to Pending + csvA, err = fetchCSV(t, crc, csvA.GetName(), nsA, csvSucceededChecker) + require.NoError(t, err) +} + +func TestOperatorGroupIntersection(t *testing.T) { + // Generate namespaceA + // Generate namespaceB + // Generate namespaceC + // Generate namespaceD + // Generate namespaceE + // Generate operatorGroupD in namespaceD that selects namespace D and E + // Generate csvD in namespaceD + // Wait for csvD to be successful + // Wait for csvD to have a CSV with copied status in namespace D + // Wait for operatorGroupD to have providedAPI annotation with crdD's Kind.version.group + // Generate operatorGroupA in namespaceA that selects AllNamespaces + // Generate csvD in namespaceA + // Wait for csvD to fail with status "InterOperatorGroupOwnerConflict" + // Ensure operatorGroupA's providedAPIs are empty + // Ensure csvD in namespaceD is still successful + // Generate csvA in namespaceA that owns crdA + // Wait for csvA to be successful + // Ensure clusterroles created and aggregated for accessing provided APIs + // Wait for operatorGroupA to have providedAPI annotation with crdA's Kind.version.group in its providedAPIs annotation + // Wait for csvA to have a CSV with copied status in namespace C + // Generate operatorGroupB in namespaceB that selects namespace C + // Generate csvB in namespaceB that owns crdA + // Wait for csvB to fail with status "InterOperatorGroupOwnerConflict" + // Delete csvA + // Wait for crdA's Kind.version.group to be removed from operatorGroupA's providedAPIs annotation + // Ensure csvA's deployments are deleted + // Wait for csvB to be successful + // Wait for operatorGroupB to have providedAPI annotation with crdB's Kind.version.group + // Wait for csvB to have a CSV with a copied status in namespace C + + defer cleaner.NotifyTestComplete(t, true) + + // Create a catalog for csvA, csvB, and csvD + pkgA := genName("a-") + pkgB := genName("b-") + pkgD := genName("d-") + pkgAStable := pkgA + "-stable" + pkgBStable := pkgB + "-stable" + pkgDStable := pkgD + "-stable" + stableChannel := "stable" + strategyA := newNginxInstallStrategy(pkgAStable, nil, nil) + strategyB := newNginxInstallStrategy(pkgBStable, nil, nil) + strategyD := newNginxInstallStrategy(pkgDStable, nil, nil) + crdA := newCRD(genName(pkgA)) + crdB := newCRD(genName(pkgB)) + crdD := newCRD(genName(pkgD)) + kvgA := fmt.Sprintf("%s.%s.%s", crdA.Spec.Names.Kind, crdA.Spec.Version, crdA.Spec.Group) + kvgB := fmt.Sprintf("%s.%s.%s", crdB.Spec.Names.Kind, crdB.Spec.Version, crdB.Spec.Group) + kvgD := fmt.Sprintf("%s.%s.%s", crdD.Spec.Names.Kind, crdD.Spec.Version, crdD.Spec.Group) + csvA := newCSV(pkgAStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crdA}, nil, strategyA) + csvB := newCSV(pkgBStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crdA, crdB}, nil, strategyB) + csvD := newCSV(pkgDStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crdD}, nil, strategyD) + + // Create namespaces + nsA, nsB, nsC, nsD, nsE := genName("a-"), genName("b-"), genName("c-"), genName("d-"), genName("e-") + c := newKubeClient(t) + crc := newCRClient(t) + for _, ns := range []string{nsA, nsB, nsC, nsD, nsE} { + namespace := &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: ns, + }, + } + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(namespace) + require.NoError(t, err) + defer func(name string) { + require.NoError(t, c.KubernetesInterface().CoreV1().Namespaces().Delete(name, &metav1.DeleteOptions{})) + }(ns) + } + + // Create the initial catalogsources + manifests := []registry.PackageManifest{ + { + PackageName: pkgA, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: pkgAStable}, + }, + DefaultChannelName: stableChannel, + }, + { + PackageName: pkgB, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: pkgBStable}, + }, + DefaultChannelName: stableChannel, + }, + { + PackageName: pkgD, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: pkgDStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + catalog := genName("catalog-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalog, nsA, manifests, []apiextensions.CustomResourceDefinition{crdA, crdD, crdB}, []v1alpha1.ClusterServiceVersion{csvA, csvB, csvD}) + defer cleanupCatalogSource() + _, err := fetchCatalogSource(t, crc, catalog, nsA, catalogSourceRegistryPodSynced) + require.NoError(t, err) + _, cleanupCatalogSource = createInternalCatalogSource(t, c, crc, catalog, nsB, manifests, []apiextensions.CustomResourceDefinition{crdA, crdD, crdB}, []v1alpha1.ClusterServiceVersion{csvA, csvB, csvD}) + defer cleanupCatalogSource() + _, err = fetchCatalogSource(t, crc, catalog, nsB, catalogSourceRegistryPodSynced) + require.NoError(t, err) + _, cleanupCatalogSource = createInternalCatalogSource(t, c, crc, catalog, nsD, manifests, []apiextensions.CustomResourceDefinition{crdA, crdD, crdB}, []v1alpha1.ClusterServiceVersion{csvA, csvB, csvD}) + defer cleanupCatalogSource() + _, err = fetchCatalogSource(t, crc, catalog, nsD, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Create operatorgroups + groupA := newOperatorGroup(nsA, genName("a-"), nil, nil, nil, false) + groupB := newOperatorGroup(nsB, genName("b-"), nil, nil, []string{nsC}, false) + groupD := newOperatorGroup(nsD, genName("d-"), nil, nil, []string{nsD, nsE}, false) + for _, group := range []*v1.OperatorGroup{groupA, groupB, groupD} { + _, err := crc.OperatorsV1().OperatorGroups(group.GetNamespace()).Create(group) + require.NoError(t, err) + defer func(namespace, name string) { + require.NoError(t, crc.OperatorsV1().OperatorGroups(namespace).Delete(name, &metav1.DeleteOptions{})) + }(group.GetNamespace(), group.GetName()) + } + + // Create subscription for csvD in namespaceD + subDName := genName("d-") + cleanupSubD := createSubscriptionForCatalog(t, crc, nsD, subDName, catalog, pkgD, stableChannel, pkgDStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubD() + subD, err := fetchSubscription(t, crc, nsD, subDName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subD) + + // Await csvD's success + _, err = awaitCSV(t, crc, nsD, csvD.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Await csvD's copy in namespaceE + _, err = awaitCSV(t, crc, nsE, csvD.GetName(), csvCopiedChecker) + require.NoError(t, err) + + // Await annotation on groupD + q := func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsD).Get(groupD.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgD})) + + // Create subscription for csvD2 in namespaceA + subD2Name := genName("d2-") + cleanupSubD2 := createSubscriptionForCatalog(t, crc, nsA, subD2Name, catalog, pkgD, stableChannel, pkgDStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubD2() + subD2, err := fetchSubscription(t, crc, nsA, subD2Name, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subD2) + + // Await csvD2's failure + csvD2, err := awaitCSV(t, crc, nsA, csvD.GetName(), csvFailedChecker) + require.NoError(t, err) + require.Equal(t, v1alpha1.CSVReasonInterOperatorGroupOwnerConflict, csvD2.Status.Reason) + + // Ensure groupA's annotations are blank + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{})) + + // Ensure csvD is still successful + _, err = awaitCSV(t, crc, nsD, csvD.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Create subscription for csvA in namespaceA + subAName := genName("a-") + cleanupSubA := createSubscriptionForCatalog(t, crc, nsA, subAName, catalog, pkgA, stableChannel, pkgAStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubA() + subA, err := fetchSubscription(t, crc, nsA, subAName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subA) + + // Await csvA's success + _, err = awaitCSV(t, crc, nsA, csvA.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Ensure clusterroles created and aggregated for access provided APIs + padmin, cleanupPadmin := createProjectAdmin(t, c, nsA) + defer cleanupPadmin() + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + res, err := c.KubernetesInterface().AuthorizationV1().SubjectAccessReviews().Create(&authorizationv1.SubjectAccessReview{ + Spec: authorizationv1.SubjectAccessReviewSpec{ + User: padmin, + ResourceAttributes: &authorizationv1.ResourceAttributes{ + Namespace: nsA, + Group: crdA.Spec.Group, + Version: crdA.Spec.Version, + Resource: crdA.Spec.Names.Plural, + Verb: "create", + }, + }, + }) + if err != nil { + return false, err + } + if res == nil { + return false, nil + } + t.Log("checking padmin for permission") + return res.Status.Allowed, nil + }) + require.NoError(t, err) + + // Await annotation on groupA + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA})) + + // Await csvA's copy in namespaceC + _, err = awaitCSV(t, crc, nsC, csvA.GetName(), csvCopiedChecker) + require.NoError(t, err) + + // Create subscription for csvB in namespaceB + subBName := genName("b-") + cleanupSubB := createSubscriptionForCatalog(t, crc, nsB, subBName, catalog, pkgB, stableChannel, pkgBStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubB() + subB, err := fetchSubscription(t, crc, nsB, subBName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subB) + + // Await csvB's failure + fetchedB, err := awaitCSV(t, crc, nsB, csvB.GetName(), csvFailedChecker) + require.NoError(t, err) + require.Equal(t, v1alpha1.CSVReasonInterOperatorGroupOwnerConflict, fetchedB.Status.Reason) + + // Ensure no annotation on groupB + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsB).Get(groupB.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{})) + + // Delete csvA + require.NoError(t, crc.OperatorsV1alpha1().ClusterServiceVersions(nsA).Delete(csvA.GetName(), &metav1.DeleteOptions{})) + + // Ensure annotations are removed from groupA + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: ""})) + + // Ensure csvA's deployment is deleted + require.NoError(t, waitForDeploymentToDelete(t, c, pkgAStable)) + + // Await csvB's success + _, err = awaitCSV(t, crc, nsB, csvB.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Await csvB's copy in namespace C + _, err = awaitCSV(t, crc, nsC, csvB.GetName(), csvCopiedChecker) + require.NoError(t, err) + + // Ensure annotations exist on group B + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsB).Get(groupB.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: strings.Join([]string{kvgA, kvgB}, ",")})) +} + +func TestStaticProviderOperatorGroup(t *testing.T) { + // Generate namespaceA + // Generate namespaceB + // Generate namespaceC + // Generate namespaceD + // Create static operatorGroupA in namespaceA that targets namespaceD with providedAPIs annotation containing KindA.version.group + // Create operatorGroupB in namespaceB that targets all namespaces + // Create operatorGroupC in namespaceC that targets namespaceC + // Create csvA in namespaceB that provides KindA.version.group + // Wait for csvA in namespaceB to fail + // Ensure no providedAPI annotations on operatorGroupB + // Ensure providedAPI annotations are unchanged on operatorGroupA + // Create csvA in namespaceC + // Wait for csvA in namespaceC to succeed + // Ensure KindA.version.group providedAPI annotation on operatorGroupC + // Create csvB in namespaceB that provides KindB.version.group + // Wait for csvB to succeed + // Wait for csvB to be copied to namespaceA, namespaceC, and namespaceD + // Wait for KindB.version.group to exist in operatorGroupB's providedAPIs annotation + // Add namespaceD to operatorGroupC's targetNamespaces + // Wait for csvA in namespaceC to FAIL with status "InterOperatorGroupOwnerConflict" + // Wait for KindA.version.group providedAPI annotation to be removed from operatorGroupC's providedAPIs annotation + // Ensure KindA.version.group providedAPI annotation on operatorGroupA + + defer cleaner.NotifyTestComplete(t, true) + + // Create a catalog for csvA, csvB + pkgA := genName("a-") + pkgB := genName("b-") + pkgAStable := pkgA + "-stable" + pkgBStable := pkgB + "-stable" + stableChannel := "stable" + strategyA := newNginxInstallStrategy(pkgAStable, nil, nil) + strategyB := newNginxInstallStrategy(pkgBStable, nil, nil) + crdA := newCRD(genName(pkgA)) + crdB := newCRD(genName(pkgB)) + kvgA := fmt.Sprintf("%s.%s.%s", crdA.Spec.Names.Kind, crdA.Spec.Version, crdA.Spec.Group) + kvgB := fmt.Sprintf("%s.%s.%s", crdB.Spec.Names.Kind, crdB.Spec.Version, crdB.Spec.Group) + csvA := newCSV(pkgAStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crdA}, nil, strategyA) + csvB := newCSV(pkgBStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crdB}, nil, strategyB) + + // Create namespaces + nsA, nsB, nsC, nsD := genName("a-"), genName("b-"), genName("c-"), genName("d-") + c := newKubeClient(t) + crc := newCRClient(t) + for _, ns := range []string{nsA, nsB, nsC, nsD} { + namespace := &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: ns, + }, + } + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(namespace) + require.NoError(t, err) + defer func(name string) { + require.NoError(t, c.KubernetesInterface().CoreV1().Namespaces().Delete(name, &metav1.DeleteOptions{})) + }(ns) + } + + // Create the initial catalogsources + manifests := []registry.PackageManifest{ + { + PackageName: pkgA, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: pkgAStable}, + }, + DefaultChannelName: stableChannel, + }, + { + PackageName: pkgB, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: pkgBStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create catalog in namespaceB and namespaceC + catalog := genName("catalog-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalog, nsB, manifests, []apiextensions.CustomResourceDefinition{crdA, crdB}, []v1alpha1.ClusterServiceVersion{csvA, csvB}) + defer cleanupCatalogSource() + _, err := fetchCatalogSource(t, crc, catalog, nsB, catalogSourceRegistryPodSynced) + require.NoError(t, err) + _, cleanupCatalogSource = createInternalCatalogSource(t, c, crc, catalog, nsC, manifests, []apiextensions.CustomResourceDefinition{crdA, crdB}, []v1alpha1.ClusterServiceVersion{csvA, csvB}) + defer cleanupCatalogSource() + _, err = fetchCatalogSource(t, crc, catalog, nsC, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Create OperatorGroups + groupA := newOperatorGroup(nsA, genName("a-"), map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA}, nil, []string{nsD}, true) + groupB := newOperatorGroup(nsB, genName("b-"), nil, nil, nil, false) + groupC := newOperatorGroup(nsC, genName("d-"), nil, nil, []string{nsC}, false) + for _, group := range []*v1.OperatorGroup{groupA, groupB, groupC} { + _, err := crc.OperatorsV1().OperatorGroups(group.GetNamespace()).Create(group) + require.NoError(t, err) + defer func(namespace, name string) { + require.NoError(t, crc.OperatorsV1().OperatorGroups(namespace).Delete(name, &metav1.DeleteOptions{})) + }(group.GetNamespace(), group.GetName()) + } + + // Create subscription for csvA in namespaceB + subAName := genName("a-") + cleanupSubA := createSubscriptionForCatalog(t, crc, nsB, subAName, catalog, pkgA, stableChannel, pkgAStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubA() + subA, err := fetchSubscription(t, crc, nsB, subAName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subA) + + // Await csvA's failure + fetchedCSVA, err := awaitCSV(t, crc, nsB, csvA.GetName(), csvFailedChecker) + require.NoError(t, err) + require.Equal(t, v1alpha1.CSVReasonInterOperatorGroupOwnerConflict, fetchedCSVA.Status.Reason) + + // Ensure operatorGroupB doesn't have providedAPI annotation + q := func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsB).Get(groupB.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{})) + + // Ensure operatorGroupA still has KindA.version.group in its providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA})) + + // Create subscription for csvA in namespaceC + cleanupSubAC := createSubscriptionForCatalog(t, crc, nsC, subAName, catalog, pkgA, stableChannel, pkgAStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubAC() + subAC, err := fetchSubscription(t, crc, nsC, subAName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subAC) + + // Await csvA's success + _, err = awaitCSV(t, crc, nsC, csvA.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Ensure operatorGroupC has KindA.version.group in its providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsC).Get(groupC.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA})) + + // Ensure operatorGroupA still has KindA.version.group in its providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA})) + + // Create subscription for csvB in namespaceB + subBName := genName("b-") + cleanupSubB := createSubscriptionForCatalog(t, crc, nsB, subBName, catalog, pkgB, stableChannel, pkgBStable, v1alpha1.ApprovalAutomatic) + defer cleanupSubB() + subB, err := fetchSubscription(t, crc, nsB, subBName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subB) + + // Await csvB's success + _, err = awaitCSV(t, crc, nsB, csvB.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Await copied csvBs + _, err = awaitCSV(t, crc, nsA, csvB.GetName(), csvCopiedChecker) + require.NoError(t, err) + _, err = awaitCSV(t, crc, nsC, csvB.GetName(), csvCopiedChecker) + require.NoError(t, err) + _, err = awaitCSV(t, crc, nsD, csvB.GetName(), csvCopiedChecker) + require.NoError(t, err) + + // Ensure operatorGroupB has KindB.version.group in its providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsB).Get(groupB.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgB})) + + // Ensure operatorGroupA still has KindA.version.group in its providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA})) + + // Add namespaceD to operatorGroupC's targetNamespaces + groupC, err = crc.OperatorsV1().OperatorGroups(groupC.GetNamespace()).Get(groupC.GetName(), metav1.GetOptions{}) + require.NoError(t, err) + groupC.Spec.TargetNamespaces = []string{nsC, nsD} + _, err = crc.OperatorsV1().OperatorGroups(groupC.GetNamespace()).Update(groupC) + require.NoError(t, err) + + // Wait for csvA in namespaceC to fail with status "InterOperatorGroupOwnerConflict" + fetchedCSVA, err = awaitCSV(t, crc, nsC, csvA.GetName(), csvFailedChecker) + require.NoError(t, err) + require.Equal(t, v1alpha1.CSVReasonInterOperatorGroupOwnerConflict, fetchedCSVA.Status.Reason) + + // Wait for crdA's providedAPIs to be removed from operatorGroupC's providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsC).Get(groupC.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: ""})) + + // Ensure operatorGroupA still has KindA.version.group in its providedAPIs annotation + q = func() (metav1.ObjectMeta, error) { + g, err := crc.OperatorsV1().OperatorGroups(nsA).Get(groupA.GetName(), metav1.GetOptions{}) + return g.ObjectMeta, err + } + require.NoError(t, awaitAnnotations(t, q, map[string]string{v1.OperatorGroupProvidedAPIsAnnotationKey: kvgA})) +} + +// TODO: Test OperatorGroup resizing collisions +// TODO: Test Subscriptions with depedencies and transitive dependencies in intersecting OperatorGroups +// TODO: Test Subscription upgrade paths with + and - providedAPIs +func TestCSVCopyWatchingAllNamespaces(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + c := newKubeClient(t) + crc := newCRClient(t) + csvName := genName("another-csv-") // must be lowercase for DNS-1123 validation + + opGroupNamespace := testNamespace + matchingLabel := map[string]string{"inGroup": opGroupNamespace} + otherNamespaceName := genName(opGroupNamespace + "-") + + t.Log("Creating CRD") + mainCRDPlural := genName("opgroup-") + mainCRD := newCRD(mainCRDPlural) + cleanupCRD, err := createCRD(c, mainCRD) + require.NoError(t, err) + defer cleanupCRD() + + t.Logf("Getting default operator group 'global-operators' installed via operatorgroup-default.yaml %v", opGroupNamespace) + operatorGroup, err := crc.OperatorsV1().OperatorGroups(opGroupNamespace).Get("global-operators", metav1.GetOptions{}) + require.NoError(t, err) + + expectedOperatorGroupStatus := v1.OperatorGroupStatus{ + Namespaces: []string{metav1.NamespaceAll}, + } + + t.Log("Waiting on operator group to have correct status") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, fetchErr := crc.OperatorsV1().OperatorGroups(opGroupNamespace).Get(operatorGroup.Name, metav1.GetOptions{}) + if fetchErr != nil { + return false, fetchErr + } + if len(fetched.Status.Namespaces) > 0 { + require.ElementsMatch(t, expectedOperatorGroupStatus.Namespaces, fetched.Status.Namespaces) + fmt.Println(fetched.Status.Namespaces) + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + t.Log("Creating CSV") + // Generate permissions + serviceAccountName := genName("nginx-sa") + permissions := []install.StrategyDeploymentPermissions{ + { + ServiceAccountName: serviceAccountName, + Rules: []rbacv1.PolicyRule{ + { + Verbs: []string{rbacv1.VerbAll}, + APIGroups: []string{mainCRD.Spec.Group}, + Resources: []string{mainCRDPlural}, + }, + }, + }, + } + + serviceAccount := &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: opGroupNamespace, + Name: serviceAccountName, + }, + } + role := &rbacv1.Role{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: opGroupNamespace, + Name: serviceAccountName + "-role", + }, + Rules: permissions[0].Rules, + } + roleBinding := &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: opGroupNamespace, + Name: serviceAccountName + "-rb", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + Name: serviceAccountName, + Namespace: opGroupNamespace, + }, + }, + RoleRef: rbacv1.RoleRef{ + Kind: "Role", + Name: role.GetName(), + }, + } + _, err = c.CreateServiceAccount(serviceAccount) + require.NoError(t, err) + defer func() { + c.DeleteServiceAccount(serviceAccount.GetNamespace(), serviceAccount.GetName(), metav1.NewDeleteOptions(0)) + }() + createdRole, err := c.CreateRole(role) + require.NoError(t, err) + defer func() { + c.DeleteRole(role.GetNamespace(), role.GetName(), metav1.NewDeleteOptions(0)) + }() + createdRoleBinding, err := c.CreateRoleBinding(roleBinding) + require.NoError(t, err) + defer func() { + c.DeleteRoleBinding(roleBinding.GetNamespace(), roleBinding.GetName(), metav1.NewDeleteOptions(0)) + }() + // Create a new NamedInstallStrategy + deploymentName := genName("operator-deployment") + namedStrategy := newNginxInstallStrategy(deploymentName, permissions, nil) + + aCSV := newCSV(csvName, opGroupNamespace, "", semver.MustParse("0.0.0"), []apiextensions.CustomResourceDefinition{mainCRD}, nil, namedStrategy) + aCSV.Labels = map[string]string{"label": t.Name()} + createdCSV, err := crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Create(&aCSV) + require.NoError(t, err) + + err = ownerutil.AddOwnerLabels(createdRole, createdCSV) + require.NoError(t, err) + _, err = c.UpdateRole(createdRole) + require.NoError(t, err) + + err = ownerutil.AddOwnerLabels(createdRoleBinding, createdCSV) + require.NoError(t, err) + _, err = c.UpdateRoleBinding(createdRoleBinding) + require.NoError(t, err) + + t.Log("wait for CSV to succeed") + _, err = fetchCSV(t, crc, createdCSV.GetName(), opGroupNamespace, csvSucceededChecker) + require.NoError(t, err) + + t.Log("wait for roles to be promoted to clusterroles") + var fetchedRole *rbacv1.ClusterRole + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedRole, err = c.GetClusterRole(role.GetName()) + if err != nil { + if k8serrors.IsNotFound(err) { + return false, nil + } + return false, err + } + return true, nil + }) + require.EqualValues(t, append(role.Rules, rbacv1.PolicyRule{ + Verbs: []string{"get", "list", "watch"}, + APIGroups: []string{""}, + Resources: []string{"namespaces"}, + }), fetchedRole.Rules) + var fetchedRoleBinding *rbacv1.ClusterRoleBinding + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedRoleBinding, err = c.GetClusterRoleBinding(roleBinding.GetName()) + if err != nil { + if k8serrors.IsNotFound(err) { + return false, nil + } + return false, err + } + return true, nil + }) + require.EqualValues(t, roleBinding.Subjects, fetchedRoleBinding.Subjects) + require.EqualValues(t, roleBinding.RoleRef.Name, fetchedRoleBinding.RoleRef.Name) + require.EqualValues(t, "rbac.authorization.k8s.io", fetchedRoleBinding.RoleRef.APIGroup) + require.EqualValues(t, "ClusterRole", fetchedRoleBinding.RoleRef.Kind) + + t.Log("ensure operator was granted namespace list permission") + res, err := c.KubernetesInterface().AuthorizationV1().SubjectAccessReviews().Create(&authorizationv1.SubjectAccessReview{ + Spec: authorizationv1.SubjectAccessReviewSpec{ + User: "system:serviceaccount:" + opGroupNamespace + ":" + serviceAccountName, + ResourceAttributes: &authorizationv1.ResourceAttributes{ + Group: corev1.GroupName, + Version: "v1", + Resource: "namespaces", + Verb: "list", + }, + }, + }) + require.NoError(t, err) + require.True(t, res.Status.Allowed, "got %#v", res.Status) + + t.Log("Waiting for operator namespace csv to have annotations") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedCSV, fetchErr := crc.OperatorsV1alpha1().ClusterServiceVersions(opGroupNamespace).Get(csvName, metav1.GetOptions{}) + if fetchErr != nil { + if errors.IsNotFound(fetchErr) { + return false, nil + } + t.Logf("Error (in %v): %v", testNamespace, fetchErr.Error()) + return false, fetchErr + } + if checkOperatorGroupAnnotations(fetchedCSV, operatorGroup, true, corev1.NamespaceAll) == nil { + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + csvList, err := crc.OperatorsV1alpha1().ClusterServiceVersions(corev1.NamespaceAll).List(metav1.ListOptions{LabelSelector: fmt.Sprintf("label=%s", t.Name())}) + require.NoError(t, err) + t.Logf("Found CSV count of %v", len(csvList.Items)) + + t.Logf("Create other namespace %s", otherNamespaceName) + otherNamespace := corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: otherNamespaceName, + Labels: matchingLabel, + }, + } + _, err = c.KubernetesInterface().CoreV1().Namespaces().Create(&otherNamespace) + require.NoError(t, err) + defer func() { + err = c.KubernetesInterface().CoreV1().Namespaces().Delete(otherNamespaceName, &metav1.DeleteOptions{}) + require.NoError(t, err) + }() + + t.Log("Waiting to ensure copied CSV shows up in other namespace") + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedCSV, fetchErr := crc.OperatorsV1alpha1().ClusterServiceVersions(otherNamespaceName).Get(csvName, metav1.GetOptions{}) + if fetchErr != nil { + if errors.IsNotFound(fetchErr) { + return false, nil + } + t.Logf("Error (in %v): %v", otherNamespaceName, fetchErr.Error()) + return false, fetchErr + } + if checkOperatorGroupAnnotations(fetchedCSV, operatorGroup, false, "") == nil { + return true, nil + } + return false, nil + }) + require.NoError(t, err) + + // verify created CSV is cleaned up after operator group is "contracted" + t.Log("Modifying operator group to no longer watch all namespaces") + currentOperatorGroup, err := crc.OperatorsV1().OperatorGroups(opGroupNamespace).Get(operatorGroup.Name, metav1.GetOptions{}) + require.NoError(t, err) + currentOperatorGroup.Spec.TargetNamespaces = []string{opGroupNamespace} + _, err = crc.OperatorsV1().OperatorGroups(opGroupNamespace).Update(currentOperatorGroup) + require.NoError(t, err) + defer func() { + t.Log("Re-modifying operator group to be watching all namespaces") + currentOperatorGroup, err = crc.OperatorsV1().OperatorGroups(opGroupNamespace).Get(operatorGroup.Name, metav1.GetOptions{}) + require.NoError(t, err) + currentOperatorGroup.Spec = v1.OperatorGroupSpec{} + _, err = crc.OperatorsV1().OperatorGroups(opGroupNamespace).Update(currentOperatorGroup) + require.NoError(t, err) + }() + + err = wait.Poll(pollInterval, 2*pollDuration, func() (bool, error) { + _, fetchErr := crc.OperatorsV1alpha1().ClusterServiceVersions(otherNamespaceName).Get(csvName, metav1.GetOptions{}) + if fetchErr != nil { + if errors.IsNotFound(fetchErr) { + return true, nil + } + t.Logf("Error (in %v): %v", opGroupNamespace, fetchErr.Error()) + return false, fetchErr + } + return false, nil + }) + require.NoError(t, err) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/packagemanifest_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/packagemanifest_e2e_test.go new file mode 100644 index 000000000..de6e659f0 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/packagemanifest_e2e_test.go @@ -0,0 +1,117 @@ +package e2e + +import ( + "testing" + "time" + + "github.com/blang/semver" + "github.com/stretchr/testify/require" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/wait" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + packagev1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + pmversioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" +) + +type packageManifestCheckFunc func(*packagev1.PackageManifest) bool + +func packageManifestHasStatus(pm *packagev1.PackageManifest) bool { + // as long as it has a package name we consider the status non-empty + if pm == nil || pm.Status.PackageName == "" { + return false + } + + return true +} + +func fetchPackageManifest(t *testing.T, pmc pmversioned.Interface, namespace, name string, check packageManifestCheckFunc) (*packagev1.PackageManifest, error) { + var fetched *packagev1.PackageManifest + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + t.Logf("Polling...") + fetched, err = pmc.OperatorsV1().PackageManifests(namespace).Get(name, metav1.GetOptions{}) + if err != nil && !errors.IsNotFound(err) { + return true, err + } + return check(fetched), nil + }) + + return fetched, err +} + +func TestPackageManifestLoading(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + // create a simple catalogsource + packageName := genName("nginx") + stableChannel := "stable" + packageStable := packageName + "-stable" + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: packageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + crdPlural := genName("ins") + crd := newCRD(crdPlural) + catalogSourceName := genName("mock-ocs") + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csv := newCSV(packageStable, testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + + c := newKubeClient(t) + crc := newCRClient(t) + pmc := newPMClient(t) + + expectedStatus := packagev1.PackageManifestStatus{ + CatalogSource: catalogSourceName, + CatalogSourceNamespace: testNamespace, + PackageName: packageName, + Channels: []packagev1.PackageChannel{ + { + Name: stableChannel, + CurrentCSV: packageStable, + CurrentCSVDesc: packagev1.CreateCSVDescription(&csv), + }, + }, + DefaultChannel: stableChannel, + } + + // Wait for package-server to be ready + err := wait.Poll(pollInterval, 1*time.Minute, func() (bool, error) { + t.Logf("Polling package-server...") + _, err := pmc.OperatorsV1().PackageManifests(testNamespace).List(metav1.ListOptions{}) + if err == nil { + return true, nil + } + return false, nil + }) + require.NoError(t, err, "package-server not available") + + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalogSourceName, testNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csv}) + require.NoError(t, err) + defer cleanupCatalogSource() + + _, err = fetchCatalogSource(t, crc, catalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + pm, err := fetchPackageManifest(t, pmc, testNamespace, packageName, packageManifestHasStatus) + require.NoError(t, err, "error getting package manifest") + require.NotNil(t, pm) + require.Equal(t, packageName, pm.GetName()) + require.Equal(t, expectedStatus, pm.Status) + + // Get a PackageManifestList and ensure it has the correct items + pmList, err := pmc.OperatorsV1().PackageManifests(testNamespace).List(metav1.ListOptions{}) + require.NoError(t, err, "could not access package manifests list meta") + require.NotNil(t, pmList.ListMeta, "package manifest list metadata empty") + require.NotNil(t, pmList.Items) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/setup_bare_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/setup_bare_test.go new file mode 100644 index 000000000..0e7cf6db9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/setup_bare_test.go @@ -0,0 +1,149 @@ +// +build bare + +package e2e + +import ( + "context" + "flag" + "io" + "io/ioutil" + "os" + "strings" + "testing" + "time" + + "github.com/sirupsen/logrus" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilclock "k8s.io/apimachinery/pkg/util/clock" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/catalog" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/signals" +) + +var ( + kubeConfigPath = flag.String( + "kubeconfig", "", "path to the kubeconfig file") + + watchedNamespaces = flag.String( + "watchedNamespaces", "", "comma separated list of namespaces for alm operator to watch. "+ + "If not set, or set to the empty string (e.g. `-watchedNamespaces=\"\"`), "+ + "olm operator will watch all namespaces in the cluster.") + + namespace = flag.String( + "namespace", "", "namespace where tests will run") + + olmNamespace = flag.String( + "olmNamespace", "", "namespace where olm is running") + + communityOperators = flag.String( + "communityOperators", + "quay.io/operator-framework/upstream-community-operators@sha256:098457dc5e0b6ca9599bd0e7a67809f8eca397907ca4d93597380511db478fec", + "reference to upstream-community-operators image") + + testNamespace = "" + operatorNamespace = "" + communityOperatorsImage = "" +) + +func TestMain(m *testing.M) { + if err := flag.Set("logtostderr", "true"); err != nil { + panic(err) + } + flag.Parse() + + testNamespace = *namespace + if testNamespace == "" { + testNamespaceBytes, err := ioutil.ReadFile("e2e.namespace") + if err != nil || testNamespaceBytes == nil { + panic("no namespace set") + } + testNamespace = string(testNamespaceBytes) + } + operatorNamespace = *olmNamespace + communityOperatorsImage = *communityOperators + + cleaner = newNamespaceCleaner(testNamespace) + namespaces := strings.Split(*watchedNamespaces, ",") + + // Get exit signal context + ctx, cancel := context.WithCancel(signals.Context()) + defer cancel() + + // operator dependencies + crClient, err := client.NewClient(*kubeConfigPath) + if err != nil { + logrus.WithError(err).Fatalf("error configuring client") + } + + olmLog, err := os.Create("test/log/e2e-olm.log") + if err != nil { + panic(err) + } + defer olmLog.Close() + olmlogger := logrus.New() + olmlogger.SetLevel(logrus.DebugLevel) + mw := io.MultiWriter(os.Stderr, olmLog) + olmlogger.SetOutput(mw) + olmlogger.SetFormatter(&logrus.TextFormatter{ + ForceColors: true, + DisableTimestamp: true, + }) + olmOpClient := operatorclient.NewClientFromConfig(*kubeConfigPath, olmlogger) + + catLog, err := os.Create("test/log/e2e-catalog.log") + if err != nil { + panic(err) + } + defer catLog.Close() + catlogger := logrus.New() + catlogger.SetLevel(logrus.DebugLevel) + cmw := io.MultiWriter(os.Stderr, catLog) + catlogger.SetOutput(cmw) + catlogger.SetFormatter(&logrus.TextFormatter{ + ForceColors: true, + DisableTimestamp: true, + }) + + // start operators + olmOperator, err := olm.NewOperator( + ctx, + olm.WithLogger(olmlogger), + olm.WithWatchedNamespaces(namespaces...), + olm.WithResyncPeriod(time.Minute), + olm.WithExternalClient(crClient), + olm.WithOperatorClient(olmOpClient), + ) + if err != nil { + logrus.WithError(err).Fatalf("error configuring olm") + } + olmOperator.Run(ctx) + catalogOperator, err := catalog.NewOperator(ctx, *kubeConfigPath, utilclock.RealClock{}, catlogger, time.Minute, "quay.io/operatorframework/configmap-operator-registry:latest", *namespace, namespaces...) + if err != nil { + logrus.WithError(err).Fatalf("error configuring catalog") + } + catalogOperator.Run(ctx) + <-olmOperator.Ready() + <-catalogOperator.Ready() + + c, err := client.NewClient(*kubeConfigPath) + if err != nil { + panic(err) + } + + _, err = c.OperatorsV1().OperatorGroups(testNamespace).Create(&v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "opgroup", + Namespace: testNamespace, + }, + }) + if err != nil { + panic(err) + } + + // run tests + os.Exit(m.Run()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/setup_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/setup_test.go new file mode 100644 index 000000000..ccd46c2e9 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/setup_test.go @@ -0,0 +1,70 @@ +// +build !bare + +package e2e + +import ( + "flag" + "os" + "testing" + + v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client" +) + +var ( + kubeConfigPath = flag.String( + "kubeconfig", "", "path to the kubeconfig file") + + namespace = flag.String( + "namespace", "", "namespace where tests will run") + + olmNamespace = flag.String( + "olmNamespace", "", "namespace where olm is running") + + communityOperators = flag.String( + "communityOperators", + "quay.io/operator-framework/upstream-community-operators@sha256:098457dc5e0b6ca9599bd0e7a67809f8eca397907ca4d93597380511db478fec", + "reference to upstream-community-operators image") + + testNamespace = "" + operatorNamespace = "" + communityOperatorsImage = "" +) + +func TestMain(m *testing.M) { + if err := flag.Set("logtostderr", "true"); err != nil { + panic(err) + } + flag.Parse() + + testNamespace = *namespace + operatorNamespace = *olmNamespace + communityOperatorsImage = *communityOperators + + cleaner = newNamespaceCleaner(testNamespace) + c, err := client.NewClient(*kubeConfigPath) + if err != nil { + panic(err) + } + + groups, err := c.OperatorsV1().OperatorGroups(testNamespace).List(metav1.ListOptions{}) + if err != nil { + panic(err) + } + if len(groups.Items) == 0 { + _, err = c.OperatorsV1().OperatorGroups(testNamespace).Create(&v1.OperatorGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: "opgroup", + Namespace: testNamespace, + }, + }) + if err != nil { + panic(err) + } + } + + // run tests + os.Exit(m.Run()) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/subscription_e2e_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/subscription_e2e_test.go new file mode 100644 index 000000000..a1cb6b24c --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/subscription_e2e_test.go @@ -0,0 +1,1144 @@ +package e2e + +import ( + "encoding/json" + "fmt" + "strings" + "sync" + "testing" + "time" + + "github.com/blang/semver" + "github.com/ghodss/yaml" + "github.com/stretchr/testify/require" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/wait" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/install" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry/resolver" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/comparison" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/version" +) + +var doubleInstance = int32(2) + +const ( + catalogSourceName = "mock-ocs" + catalogConfigMapName = "mock-ocs" + testSubscriptionName = "mysubscription" + testPackageName = "myapp" + + stableChannel = "stable" + betaChannel = "beta" + alphaChannel = "alpha" + + outdated = "myapp-outdated" + stable = "myapp-stable" + alpha = "myapp-alpha" + beta = "myapp-beta" +) + +var ( + dummyManifest = []registry.PackageManifest{{ + PackageName: testPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: stable}, + {Name: betaChannel, CurrentCSVName: beta}, + {Name: alphaChannel, CurrentCSVName: alpha}, + }, + DefaultChannelName: stableChannel, + }} + csvType = metav1.TypeMeta{ + Kind: v1alpha1.ClusterServiceVersionKind, + APIVersion: v1alpha1.GroupVersion, + } + + strategy = install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep-"), + Spec: newNginxDeployment(genName("nginx-")), + }, + }, + } + strategyRaw, _ = json.Marshal(strategy) + installStrategy = v1alpha1.NamedInstallStrategy{ + StrategyName: install.InstallStrategyNameDeployment, + StrategySpecRaw: strategyRaw, + } + outdatedCSV = v1alpha1.ClusterServiceVersion{ + TypeMeta: csvType, + ObjectMeta: metav1.ObjectMeta{ + Name: outdated, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: "", + Version: version.OperatorVersion{semver.MustParse("0.1.0")}, + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: installStrategy, + }, + } + stableCSV = v1alpha1.ClusterServiceVersion{ + TypeMeta: csvType, + ObjectMeta: metav1.ObjectMeta{ + Name: stable, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: outdated, + Version: version.OperatorVersion{semver.MustParse("0.2.0")}, + MinKubeVersion: "0.0.0", + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: installStrategy, + }, + } + betaCSV = v1alpha1.ClusterServiceVersion{ + TypeMeta: csvType, + ObjectMeta: metav1.ObjectMeta{ + Name: beta, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: stable, + Version: version.OperatorVersion{semver.MustParse("0.1.1")}, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: installStrategy, + }, + } + alphaCSV = v1alpha1.ClusterServiceVersion{ + TypeMeta: csvType, + ObjectMeta: metav1.ObjectMeta{ + Name: alpha, + }, + Spec: v1alpha1.ClusterServiceVersionSpec{ + Replaces: beta, + Version: version.OperatorVersion{semver.MustParse("0.3.0")}, + InstallModes: []v1alpha1.InstallMode{ + { + Type: v1alpha1.InstallModeTypeOwnNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeSingleNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeMultiNamespace, + Supported: true, + }, + { + Type: v1alpha1.InstallModeTypeAllNamespaces, + Supported: true, + }, + }, + InstallStrategy: installStrategy, + }, + } + csvList = []v1alpha1.ClusterServiceVersion{outdatedCSV, stableCSV, betaCSV, alphaCSV} + + strategyNew = install.StrategyDetailsDeployment{ + DeploymentSpecs: []install.StrategyDeploymentSpec{ + { + Name: genName("dep-"), + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"app": "nginx"}, + }, + Replicas: &singleInstance, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{"app": "nginx"}, + }, + Spec: corev1.PodSpec{Containers: []corev1.Container{ + { + Name: genName("nginx"), + Image: "bitnami/nginx:latest", + Ports: []corev1.ContainerPort{{ContainerPort: 80}}, + ImagePullPolicy: corev1.PullIfNotPresent, + }, + }}, + }, + }, + }, + }, + } + + dummyCatalogConfigMap = &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: catalogConfigMapName, + }, + Data: map[string]string{}, + } + + dummyCatalogSource = v1alpha1.CatalogSource{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.CatalogSourceKind, + APIVersion: v1alpha1.CatalogSourceCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: catalogSourceName, + }, + Spec: v1alpha1.CatalogSourceSpec{ + SourceType: "internal", + ConfigMap: catalogConfigMapName, + }, + } +) + +func init() { + strategyNewRaw, err := json.Marshal(strategyNew) + if err != nil { + panic(err) + } + for i := 0; i < len(csvList); i++ { + csvList[i].Spec.InstallStrategy.StrategySpecRaw = strategyNewRaw + } + + manifestsRaw, err := yaml.Marshal(dummyManifest) + if err != nil { + panic(err) + } + dummyCatalogConfigMap.Data[registry.ConfigMapPackageName] = string(manifestsRaw) + csvsRaw, err := yaml.Marshal(csvList) + if err != nil { + panic(err) + } + dummyCatalogConfigMap.Data[registry.ConfigMapCSVName] = string(csvsRaw) + dummyCatalogConfigMap.Data[registry.ConfigMapCRDName] = "" +} + +func initCatalog(t *testing.T, c operatorclient.ClientInterface, crc versioned.Interface) error { + // Create configmap containing catalog + dummyCatalogConfigMap.SetNamespace(testNamespace) + if _, err := c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Create(dummyCatalogConfigMap); err != nil { + if k8serrors.IsAlreadyExists(err) { + return fmt.Errorf("E2E bug detected: %v", err) + } + return err + } + + // Create catalog source custom resource pointing to ConfigMap + dummyCatalogSource.SetNamespace(testNamespace) + if _, err := crc.OperatorsV1alpha1().CatalogSources(testNamespace).Create(&dummyCatalogSource); err != nil { + if k8serrors.IsAlreadyExists(err) { + return fmt.Errorf("E2E bug detected: %v", err) + } + return err + } + + // Wait for the catalog source to be created + fetched, err := fetchCatalogSource(t, crc, dummyCatalogSource.GetName(), dummyCatalogSource.GetNamespace(), catalogSourceRegistryPodSynced) + require.NoError(t, err) + require.NotNil(t, fetched) + + return nil +} + +type subscriptionStateChecker func(subscription *v1alpha1.Subscription) bool + +func subscriptionStateUpgradeAvailableChecker(subscription *v1alpha1.Subscription) bool { + return subscription.Status.State == v1alpha1.SubscriptionStateUpgradeAvailable +} + +func subscriptionStateUpgradePendingChecker(subscription *v1alpha1.Subscription) bool { + return subscription.Status.State == v1alpha1.SubscriptionStateUpgradePending +} + +func subscriptionStateAtLatestChecker(subscription *v1alpha1.Subscription) bool { + return subscription.Status.State == v1alpha1.SubscriptionStateAtLatest +} + +func subscriptionHasInstallPlanChecker(subscription *v1alpha1.Subscription) bool { + return subscription.Status.Install != nil +} + +func subscriptionStateNoneChecker(subscription *v1alpha1.Subscription) bool { + return subscription.Status.State == v1alpha1.SubscriptionStateNone +} + +func subscriptionStateAny(subscription *v1alpha1.Subscription) bool { + return subscriptionStateNoneChecker(subscription) || + subscriptionStateAtLatestChecker(subscription) || + subscriptionStateUpgradePendingChecker(subscription) || + subscriptionStateUpgradeAvailableChecker(subscription) +} + +func subscriptionHasCurrentCSV(currentCSV string) subscriptionStateChecker { + return func(subscription *v1alpha1.Subscription) bool { + return subscription.Status.CurrentCSV == currentCSV + } +} + +func subscriptionHasCondition(condType v1alpha1.SubscriptionConditionType, status corev1.ConditionStatus, reason, message string) subscriptionStateChecker { + return func(subscription *v1alpha1.Subscription) bool { + cond := subscription.Status.GetCondition(condType) + if cond.Status == status && cond.Reason == reason && cond.Message == message { + fmt.Printf("subscription condition met %v\n", cond) + return true + } + + fmt.Printf("subscription condition not met: %v\n", cond) + return false + } +} + +func fetchSubscription(t *testing.T, crc versioned.Interface, namespace, name string, checker subscriptionStateChecker) (*v1alpha1.Subscription, error) { + var fetchedSubscription *v1alpha1.Subscription + var err error + + log := func(s string) { + t.Logf("%s: %s", time.Now().Format("15:04:05.9999"), s) + } + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedSubscription, err = crc.OperatorsV1alpha1().Subscriptions(namespace).Get(name, metav1.GetOptions{}) + if err != nil || fetchedSubscription == nil { + return false, err + } + log(fmt.Sprintf("%s (%s): %s", fetchedSubscription.Status.State, fetchedSubscription.Status.CurrentCSV, fetchedSubscription.Status.InstallPlanRef)) + return checker(fetchedSubscription), nil + }) + if err != nil { + log(fmt.Sprintf("never got correct status: %#v", fetchedSubscription.Status)) + log(fmt.Sprintf("subscription spec: %#v", fetchedSubscription.Spec)) + } + return fetchedSubscription, err +} + +func buildSubscriptionCleanupFunc(t *testing.T, crc versioned.Interface, subscription *v1alpha1.Subscription) cleanupFunc { + return func() { + // Check for an installplan + if installPlanRef := subscription.Status.Install; installPlanRef != nil { + // Get installplan and create/execute cleanup function + installPlan, err := crc.OperatorsV1alpha1().InstallPlans(subscription.GetNamespace()).Get(installPlanRef.Name, metav1.GetOptions{}) + if err == nil { + buildInstallPlanCleanupFunc(crc, subscription.GetNamespace(), installPlan)() + } else { + t.Logf("Could not get installplan %s while building subscription %s's cleanup function", installPlan.GetName(), subscription.GetName()) + } + } + + // Delete the subscription + err := crc.OperatorsV1alpha1().Subscriptions(subscription.GetNamespace()).Delete(subscription.GetName(), &metav1.DeleteOptions{}) + require.NoError(t, err) + } +} + +func createSubscription(t *testing.T, crc versioned.Interface, namespace, name, packageName, channel string, approval v1alpha1.Approval) cleanupFunc { + subscription := &v1alpha1.Subscription{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: catalogSourceName, + CatalogSourceNamespace: namespace, + Package: packageName, + Channel: channel, + InstallPlanApproval: approval, + }, + } + + subscription, err := crc.OperatorsV1alpha1().Subscriptions(namespace).Create(subscription) + require.NoError(t, err) + return buildSubscriptionCleanupFunc(t, crc, subscription) +} + +func createSubscriptionForCatalog(t *testing.T, crc versioned.Interface, namespace, name, catalog, packageName, channel, startingCSV string, approval v1alpha1.Approval) cleanupFunc { + subscription := &v1alpha1.Subscription{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.SubscriptionKind, + APIVersion: v1alpha1.SubscriptionCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + }, + Spec: &v1alpha1.SubscriptionSpec{ + CatalogSource: catalog, + CatalogSourceNamespace: namespace, + Package: packageName, + Channel: channel, + StartingCSV: startingCSV, + InstallPlanApproval: approval, + }, + } + + subscription, err := crc.OperatorsV1alpha1().Subscriptions(namespace).Create(subscription) + require.NoError(t, err) + return buildSubscriptionCleanupFunc(t, crc, subscription) +} + +// I. Creating a new subscription +// A. If package is not installed, creating a subscription should install latest version +func TestCreateNewSubscriptionNotInstalled(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + require.NoError(t, initCatalog(t, c, crc)) + + cleanup := createSubscription(t, crc, testNamespace, testSubscriptionName, testPackageName, betaChannel, v1alpha1.ApprovalAutomatic) + defer cleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, buildCSVConditionChecker(v1alpha1.CSVPhaseSucceeded)) + require.NoError(t, err) + + // Fetch subscription again to check for unnecessary control loops + sameSubscription, err := fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + compareResources(t, subscription, sameSubscription) +} + +// I. Creating a new subscription +// B. If package is already installed, creating a subscription should upgrade it to the latest +// version +func TestCreateNewSubscriptionExistingCSV(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + require.NoError(t, initCatalog(t, c, crc)) + + // Will be cleaned up by the upgrade process + _, err := createCSV(t, c, crc, stableCSV, testNamespace, false, false) + require.NoError(t, err) + + subscriptionCleanup := createSubscription(t, crc, testNamespace, testSubscriptionName, testPackageName, alphaChannel, v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, buildCSVConditionChecker(v1alpha1.CSVPhaseSucceeded)) + require.NoError(t, err) + + // check for unnecessary control loops + sameSubscription, err := fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) + compareResources(t, subscription, sameSubscription) +} + +func TestSubscriptionSkipRange(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + crd := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + mainPackageName := genName("nginx-") + mainPackageStable := fmt.Sprintf("%s-stable", mainPackageName) + updatedPackageStable := fmt.Sprintf("%s-updated", mainPackageName) + stableChannel := "stable" + mainNamedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + mainCSV := newCSV(mainPackageStable, testNamespace, "", semver.MustParse("0.1.0-1556661347"), []apiextensions.CustomResourceDefinition{crd}, nil, mainNamedStrategy) + updatedCSV := newCSV(updatedPackageStable, testNamespace, "", semver.MustParse("0.1.0-1556661832"), []apiextensions.CustomResourceDefinition{crd}, nil, mainNamedStrategy) + updatedCSV.SetAnnotations(map[string]string{resolver.SkipPackageAnnotationKey: ">=0.1.0-1556661347 <0.1.0-1556661832"}) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + + mainCatalogName := genName("mock-ocs-main-") + + // Create separate manifests for each CatalogSource + mainManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: mainPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + updatedManifests := []registry.PackageManifest{ + { + PackageName: mainPackageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: updatedPackageStable}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create catalog source + _, cleanupMainCatalogSource := createInternalCatalogSource(t, c, crc, mainCatalogName, testNamespace, mainManifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{mainCSV}) + defer cleanupMainCatalogSource() + // Attempt to get the catalog source before creating subscription + _, err := fetchCatalogSource(t, crc, mainCatalogName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Create a subscription + subscriptionName := genName("sub-nginx-") + subscriptionCleanup := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, mainCatalogName, mainPackageName, stableChannel, "", v1alpha1.ApprovalAutomatic) + defer subscriptionCleanup() + + // Wait for csv to install + firstCSV, err := awaitCSV(t, crc, testNamespace, mainCSV.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Update catalog with a new csv in the channel with a skip range + updateInternalCatalog(t, c, crc, mainCatalogName, testNamespace, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{updatedCSV}, updatedManifests) + + // Wait for csv to update + finalCSV, err := awaitCSV(t, crc, testNamespace, updatedCSV.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Ensure we set the replacement field based on the registry data + require.Equal(t, firstCSV.GetName(), finalCSV.Spec.Replaces) +} + +// If installPlanApproval is set to manual, the installplans created should be created with approval: manual +func TestCreateNewSubscriptionManualApproval(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + require.NoError(t, initCatalog(t, c, crc)) + + subscriptionCleanup := createSubscription(t, crc, testNamespace, "manual-subscription", testPackageName, stableChannel, v1alpha1.ApprovalManual) + defer subscriptionCleanup() + + subscription, err := fetchSubscription(t, crc, testNamespace, "manual-subscription", subscriptionStateUpgradePendingChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlan, err := fetchInstallPlan(t, crc, subscription.Status.Install.Name, buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseRequiresApproval)) + require.NoError(t, err) + require.NotNil(t, installPlan) + + require.Equal(t, v1alpha1.ApprovalManual, installPlan.Spec.Approval) + require.Equal(t, v1alpha1.InstallPlanPhaseRequiresApproval, installPlan.Status.Phase) + + installPlan.Spec.Approved = true + _, err = crc.OperatorsV1alpha1().InstallPlans(testNamespace).Update(installPlan) + require.NoError(t, err) + + subscription, err = fetchSubscription(t, crc, testNamespace, "manual-subscription", subscriptionStateAtLatestChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + _, err = fetchCSV(t, crc, subscription.Status.CurrentCSV, testNamespace, buildCSVConditionChecker(v1alpha1.CSVPhaseSucceeded)) + require.NoError(t, err) +} + +func TestSusbcriptionWithStartingCSV(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + + crd := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + // Create CSV + packageName := genName("nginx-") + stableChannel := "stable" + + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csvA := newCSV("nginx-a", testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + csvB := newCSV("nginx-b", testNamespace, "nginx-a", semver.MustParse("0.2.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + + // Create PackageManifests + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: csvB.GetName()}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the CatalogSource + c := newKubeClient(t) + crc := newCRClient(t) + catalogSourceName := genName("mock-nginx-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalogSourceName, testNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csvA, csvB}) + defer cleanupCatalogSource() + + // Attempt to get the catalog source before creating install plan + _, err := fetchCatalogSource(t, crc, catalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-") + cleanupSubscription := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, catalogSourceName, packageName, stableChannel, csvA.GetName(), v1alpha1.ApprovalManual) + defer cleanupSubscription() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + installPlanName := subscription.Status.Install.Name + + // Wait for InstallPlan to be status: Complete before checking resource presence + requiresApprovalChecker := buildInstallPlanPhaseCheckFunc(v1alpha1.InstallPlanPhaseRequiresApproval) + fetchedInstallPlan, err := fetchInstallPlan(t, crc, installPlanName, requiresApprovalChecker) + require.NoError(t, err) + + // Ensure that only 1 installplan was created + ips, err := crc.OperatorsV1alpha1().InstallPlans(testNamespace).List(metav1.ListOptions{}) + require.NoError(t, err) + require.Len(t, ips.Items, 1) + + // Ensure that csvA and its crd are found in the plan + csvFound := false + crdFound := false + for _, s := range fetchedInstallPlan.Status.Plan { + require.Equal(t, csvA.GetName(), s.Resolving, "unexpected resolution found") + require.Equal(t, v1alpha1.StepStatusUnknown, s.Status, "status should be unknown") + require.Equal(t, catalogSourceName, s.Resource.CatalogSource, "incorrect catalogsource on step resource") + switch kind := s.Resource.Kind; kind { + case v1alpha1.ClusterServiceVersionKind: + require.Equal(t, csvA.GetName(), s.Resource.Name, "unexpected csv found") + csvFound = true + case "CustomResourceDefinition": + require.Equal(t, crdName, s.Resource.Name, "unexpected crd found") + crdFound = true + default: + t.Fatalf("unexpected resource kind found in installplan: %s", kind) + } + } + require.True(t, csvFound, "expected csv not found in installplan") + require.True(t, crdFound, "expected crd not found in installplan") + + // Ensure that csvB is not found in the plan + csvFound = false + for _, s := range fetchedInstallPlan.Status.Plan { + require.Equal(t, csvA.GetName(), s.Resolving, "unexpected resolution found") + require.Equal(t, v1alpha1.StepStatusUnknown, s.Status, "status should be unknown") + require.Equal(t, catalogSourceName, s.Resource.CatalogSource, "incorrect catalogsource on step resource") + switch kind := s.Resource.Kind; kind { + case v1alpha1.ClusterServiceVersionKind: + if s.Resource.Name == csvB.GetName() { + csvFound = true + } + } + } + require.False(t, csvFound, "expected csv not found in installplan") + + // Approve the installplan and wait for csvA to be installed + fetchedInstallPlan.Spec.Approved = true + _, err = crc.OperatorsV1alpha1().InstallPlans(testNamespace).Update(fetchedInstallPlan) + require.NoError(t, err) + + _, err = awaitCSV(t, crc, testNamespace, csvA.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Wait for the subscription to begin upgrading to csvB + subscription, err = fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionStateUpgradePendingChecker) + require.NoError(t, err) + require.NotEqual(t, fetchedInstallPlan.GetName(), subscription.Status.Install.Name, "expected new installplan for upgraded csv") + + upgradeInstallPlan, err := fetchInstallPlan(t, crc, subscription.Status.Install.Name, requiresApprovalChecker) + require.NoError(t, err) + + // Approve the upgrade installplan and wait for + upgradeInstallPlan.Spec.Approved = true + _, err = crc.OperatorsV1alpha1().InstallPlans(testNamespace).Update(upgradeInstallPlan) + require.NoError(t, err) + + _, err = awaitCSV(t, crc, testNamespace, csvB.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Ensure that 2 installplans were created + ips, err = crc.OperatorsV1alpha1().InstallPlans(testNamespace).List(metav1.ListOptions{}) + require.NoError(t, err) + require.Len(t, ips.Items, 2) +} + +func TestSubscriptionUpdatesMultipleIntermediates(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + crdPlural := genName("ins") + crdName := crdPlural + ".cluster.com" + + crd := apiextensions.CustomResourceDefinition{ + ObjectMeta: metav1.ObjectMeta{ + Name: crdName, + }, + Spec: apiextensions.CustomResourceDefinitionSpec{ + Group: "cluster.com", + Version: "v1alpha1", + Names: apiextensions.CustomResourceDefinitionNames{ + Plural: crdPlural, + Singular: crdPlural, + Kind: crdPlural, + ListKind: "list" + crdPlural, + }, + Scope: "Namespaced", + }, + } + + // Create CSV + packageName := genName("nginx-") + stableChannel := "stable" + + namedStrategy := newNginxInstallStrategy(genName("dep-"), nil, nil) + csvA := newCSV("nginx-a", testNamespace, "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + csvB := newCSV("nginx-b", testNamespace, "nginx-a", semver.MustParse("0.2.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + csvC := newCSV("nginx-c", testNamespace, "nginx-b", semver.MustParse("0.3.0"), []apiextensions.CustomResourceDefinition{crd}, nil, namedStrategy) + + // Create PackageManifests + manifests := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: csvA.GetName()}, + }, + DefaultChannelName: stableChannel, + }, + } + + // Create the CatalogSource with just one version + c := newKubeClient(t) + crc := newCRClient(t) + catalogSourceName := genName("mock-nginx-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalogSourceName, testNamespace, manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csvA}) + defer cleanupCatalogSource() + + // Attempt to get the catalog source before creating install plan + _, err := fetchCatalogSource(t, crc, catalogSourceName, testNamespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + subscriptionName := genName("sub-nginx-") + cleanupSubscription := createSubscriptionForCatalog(t, crc, testNamespace, subscriptionName, catalogSourceName, packageName, stableChannel, csvA.GetName(), v1alpha1.ApprovalAutomatic) + defer cleanupSubscription() + + subscription, err := fetchSubscription(t, crc, testNamespace, subscriptionName, subscriptionHasInstallPlanChecker) + require.NoError(t, err) + require.NotNil(t, subscription) + + // Wait for csvA to be installed + _, err = awaitCSV(t, crc, testNamespace, csvA.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Set up async watches that will fail the test if csvB doesn't get created in between csvA and csvC + var wg sync.WaitGroup + go func(t *testing.T) { + wg.Add(1) + defer wg.Done() + _, err := awaitCSV(t, crc, testNamespace, csvB.GetName(), csvReplacingChecker) + require.NoError(t, err) + }(t) + // Update the catalog to include multiple updates + packages := []registry.PackageManifest{ + { + PackageName: packageName, + Channels: []registry.PackageChannel{ + {Name: stableChannel, CurrentCSVName: csvC.GetName()}, + }, + DefaultChannelName: stableChannel, + }, + } + + updateInternalCatalog(t, c, crc, catalogSourceName, testNamespace, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csvA, csvB, csvC}, packages) + + // wait for checks on intermediate csvs to succeed + wg.Wait() + + // Wait for csvC to be installed + _, err = awaitCSV(t, crc, testNamespace, csvC.GetName(), csvSucceededChecker) + require.NoError(t, err) + + // Should eventually GC the CSVs + err = waitForCSVToDelete(t, crc, csvA.Name) + require.NoError(t, err) + err = waitForCSVToDelete(t, crc, csvB.Name) + require.NoError(t, err) + + // TODO: check installplans, subscription status, etc +} + +// TestSubscriptionStatusMissingTargetCatalogSource ensures that a Subscription has the appropriate status condition when +// its target catalog is missing. +// +// Steps: +// 1. Generate an initial CatalogSource in the target namespace +// 2. Generate Subscription, "sub", targetting non-existent CatalogSource, "missing" +// 3. Wait for sub status to show SubscriptionCatalogSourcesUnhealthy with status True, reason CatalogSourcesUpdated, and appropriate missing message +// 4. Update sub's spec to target the "mysubscription" +// 5. Wait for sub's status to show SubscriptionCatalogSourcesUnhealthy with status False, reason AllCatalogSourcesHealthy, and reason "all available catalogsources are healthy" +// 6. Wait for sub to succeed +func TestSubscriptionStatusMissingTargetCatalogSource(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + defer func() { + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(testNamespace).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{})) + }() + require.NoError(t, initCatalog(t, c, crc)) + + missingName := "missing" + cleanup := createSubscriptionForCatalog(t, crc, testNamespace, testSubscriptionName, missingName, testPackageName, betaChannel, "", v1alpha1.ApprovalAutomatic) + defer cleanup() + + sub, err := fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionHasCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy, corev1.ConditionTrue, v1alpha1.UnhealthyCatalogSourceFound, fmt.Sprintf("targeted catalogsource %s/%s missing", testNamespace, missingName))) + require.NoError(t, err) + require.NotNil(t, sub) + + // Update sub to target an existing CatalogSource + sub.Spec.CatalogSource = catalogSourceName + _, err = crc.OperatorsV1alpha1().Subscriptions(testNamespace).Update(sub) + require.NoError(t, err) + + // Wait for SubscriptionCatalogSourcesUnhealthy to be false + _, err = fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionHasCondition(v1alpha1.SubscriptionCatalogSourcesUnhealthy, corev1.ConditionFalse, v1alpha1.AllCatalogSourcesHealthy, "all available catalogsources are healthy")) + require.NoError(t, err) + + // Wait for success + _, err = fetchSubscription(t, crc, testNamespace, testSubscriptionName, subscriptionStateAtLatestChecker) + require.NoError(t, err) +} + +// TestSubscriptionInstallPlanStatus ensures that a Subscription has the appropriate status conditions for possible referenced +// InstallPlan states. +// +// Steps: +// 1. Create namespace, ns +// 2. Create CatalogSource, cs, in ns +// 3. Create OperatorGroup, og, in ns selecting its own namespace +// 4. Create Subscription to a package of cs in ns, sub +// 5. Wait for the package from sub to install successfully with no remaining InstallPlan status conditions +// 6. Store conditions for later comparision +// 7. Get the InstallPlan +// 8. Set the InstallPlan's approval mode to Manual +// 9. Set the InstallPlan's phase to None +// 10. Wait for sub to have status condition SubscriptionInstallPlanPending true and reason InstallPlanNotYetReconciled +// 11. Get the latest IntallPlan and set the phase to InstallPlanPhaseRequiresApproval +// 12. Wait for sub to have status condition SubscriptionInstallPlanPending true and reason RequiresApproval +// 13. Get the latest InstallPlan and set the phase to InstallPlanPhaseInstalling +// 14. Wait for sub to have status condition SubscriptionInstallPlanPending true and reason Installing +// 15. Get the latest InstallPlan and set the phase to InstallPlanPhaseFailed and remove all status conditions +// 16. Wait for sub to have status condition SubscriptionInstallPlanFailed true and reason InstallPlanFailed +// 17. Get the latest InstallPlan and set status condition of type Installed to false with reason InstallComponentFailed +// 18. Wait for sub to have status condition SubscriptionInstallPlanFailed true and reason InstallComponentFailed +// 19. Delete the referenced InstallPlan +// 20. Wait for sub to have status condition SubscriptionInstallPlanMissing true +// 21. Ensure original non-InstallPlan status conditions remain after InstallPlan transitions +func TestSubscriptionInstallPlanStatus(t *testing.T) { + defer cleaner.NotifyTestComplete(t, true) + + c := newKubeClient(t) + crc := newCRClient(t) + + // Create namespace ns + ns := &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: genName("ns-"), + }, + } + _, err := c.KubernetesInterface().CoreV1().Namespaces().Create(ns) + require.NoError(t, err) + defer func() { + require.NoError(t, c.KubernetesInterface().CoreV1().Namespaces().Delete(ns.GetName(), &metav1.DeleteOptions{})) + }() + + // Create CatalogSource, cs, in ns + pkgName := genName("pkg-") + channelName := genName("channel-") + strategy := newNginxInstallStrategy(pkgName, nil, nil) + crd := newCRD(pkgName) + csv := newCSV(pkgName, ns.GetName(), "", semver.MustParse("0.1.0"), []apiextensions.CustomResourceDefinition{crd}, nil, strategy) + manifests := []registry.PackageManifest{ + { + PackageName: pkgName, + Channels: []registry.PackageChannel{ + {Name: channelName, CurrentCSVName: csv.GetName()}, + }, + DefaultChannelName: channelName, + }, + } + catalogName := genName("catalog-") + _, cleanupCatalogSource := createInternalCatalogSource(t, c, crc, catalogName, ns.GetName(), manifests, []apiextensions.CustomResourceDefinition{crd}, []v1alpha1.ClusterServiceVersion{csv}) + defer cleanupCatalogSource() + _, err = fetchCatalogSource(t, crc, catalogName, ns.GetName(), catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Create OperatorGroup, og, in ns selecting its own namespace + og := newOperatorGroup(ns.GetName(), genName("og-"), nil, nil, []string{ns.GetName()}, false) + _, err = crc.OperatorsV1().OperatorGroups(og.GetNamespace()).Create(og) + require.NoError(t, err) + defer func() { + require.NoError(t, crc.OperatorsV1().OperatorGroups(og.GetNamespace()).Delete(og.GetName(), &metav1.DeleteOptions{})) + }() + + // Create Subscription to a package of cs in ns, sub + subName := genName("sub-") + defer createSubscriptionForCatalog(t, crc, ns.GetName(), subName, catalogName, pkgName, channelName, pkgName, v1alpha1.ApprovalAutomatic)() + + // Wait for the package from sub to install successfully with no remaining InstallPlan status conditions + sub, err := fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + for _, cond := range s.Status.Conditions { + switch cond.Type { + case v1alpha1.SubscriptionInstallPlanMissing, v1alpha1.SubscriptionInstallPlanPending, v1alpha1.SubscriptionInstallPlanFailed: + return false + } + } + return subscriptionStateAtLatestChecker(s) + }) + require.NoError(t, err) + require.NotNil(t, sub) + + // Store conditions for later comparision + conds := sub.Status.Conditions + + // Get the InstallPlan + ref := sub.Status.InstallPlanRef + require.NotNil(t, ref) + plan, err := crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Get(ref.Name, metav1.GetOptions{}) + require.NoError(t, err) + + // Set the InstallPlan's approval mode to Manual + plan.Spec.Approval = v1alpha1.ApprovalManual + plan.Spec.Approved = false + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Update(plan) + require.NoError(t, err) + + // Set the InstallPlan's phase to None + plan.Status.Phase = v1alpha1.InstallPlanPhaseNone + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).UpdateStatus(plan) + require.NoError(t, err) + + // Wait for sub to have status condition SubscriptionInstallPlanPending true and reason InstallPlanNotYetReconciled + sub, err = fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + cond := s.Status.GetCondition(v1alpha1.SubscriptionInstallPlanPending) + return cond.Status == corev1.ConditionTrue && cond.Reason == v1alpha1.InstallPlanNotYetReconciled + }) + require.NoError(t, err) + + // Get the latest InstallPlan and set the phase to InstallPlanPhaseRequiresApproval + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Get(ref.Name, metav1.GetOptions{}) + require.NoError(t, err) + plan.Status.Phase = v1alpha1.InstallPlanPhaseRequiresApproval + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).UpdateStatus(plan) + require.NoError(t, err) + + // Wait for sub to have status condition SubscriptionInstallPlanPending true and reason RequiresApproval + sub, err = fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + cond := s.Status.GetCondition(v1alpha1.SubscriptionInstallPlanPending) + return cond.Status == corev1.ConditionTrue && cond.Reason == string(v1alpha1.InstallPlanPhaseRequiresApproval) + }) + require.NoError(t, err) + + // Get the latest InstallPlan and set the phase to InstallPlanPhaseInstalling + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Get(ref.Name, metav1.GetOptions{}) + require.NoError(t, err) + plan.Status.Phase = v1alpha1.InstallPlanPhaseInstalling + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).UpdateStatus(plan) + require.NoError(t, err) + + // Wait for sub to have status condition SubscriptionInstallPlanPending true and reason Installing + sub, err = fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + cond := s.Status.GetCondition(v1alpha1.SubscriptionInstallPlanPending) + return cond.Status == corev1.ConditionTrue && cond.Reason == string(v1alpha1.InstallPlanPhaseInstalling) + }) + require.NoError(t, err) + + // Get the latest InstallPlan and set the phase to InstallPlanPhaseFailed and remove all status conditions + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Get(ref.Name, metav1.GetOptions{}) + require.NoError(t, err) + plan.Status.Phase = v1alpha1.InstallPlanPhaseFailed + plan.Status.Conditions = nil + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).UpdateStatus(plan) + require.NoError(t, err) + + // Wait for sub to have status condition SubscriptionInstallPlanFailed true and reason InstallPlanFailed + sub, err = fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + cond := s.Status.GetCondition(v1alpha1.SubscriptionInstallPlanFailed) + return cond.Status == corev1.ConditionTrue && cond.Reason == v1alpha1.InstallPlanFailed + }) + require.NoError(t, err) + + // Get the latest InstallPlan and set status condition of type Installed to false with reason InstallComponentFailed + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Get(ref.Name, metav1.GetOptions{}) + require.NoError(t, err) + plan.Status.Phase = v1alpha1.InstallPlanPhaseFailed + failedCond := plan.Status.GetCondition(v1alpha1.InstallPlanInstalled) + failedCond.Status = corev1.ConditionFalse + failedCond.Reason = v1alpha1.InstallPlanReasonComponentFailed + plan.Status.SetCondition(failedCond) + plan, err = crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).UpdateStatus(plan) + require.NoError(t, err) + + // Wait for sub to have status condition SubscriptionInstallPlanFailed true and reason InstallComponentFailed + sub, err = fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + cond := s.Status.GetCondition(v1alpha1.SubscriptionInstallPlanFailed) + return cond.Status == corev1.ConditionTrue && cond.Reason == string(v1alpha1.InstallPlanReasonComponentFailed) + }) + require.NoError(t, err) + + // Delete the referenced InstallPlan + require.NoError(t, crc.OperatorsV1alpha1().InstallPlans(ref.Namespace).Delete(ref.Name, &metav1.DeleteOptions{})) + + // Wait for sub to have status condition SubscriptionInstallPlanMissing true + sub, err = fetchSubscription(t, crc, ns.GetName(), subName, func(s *v1alpha1.Subscription) bool { + return s.Status.GetCondition(v1alpha1.SubscriptionInstallPlanMissing).Status == corev1.ConditionTrue + }) + require.NoError(t, err) + require.NotNil(t, sub) + + // Ensure original non-InstallPlan status conditions remain after InstallPlan transitions + hashEqual := comparison.NewHashEqualitor() + for _, cond := range conds { + switch condType := cond.Type; condType { + case v1alpha1.SubscriptionInstallPlanPending, v1alpha1.SubscriptionInstallPlanFailed: + require.FailNowf(t, "failed", "subscription contains unexpected installplan condition: %v", cond) + case v1alpha1.SubscriptionInstallPlanMissing: + require.Equal(t, v1alpha1.ReferencedInstallPlanNotFound, cond.Reason) + default: + require.True(t, hashEqual(cond, sub.Status.GetCondition(condType)), "non-installplan status condition changed") + } + } +} + +func updateInternalCatalog(t *testing.T, c operatorclient.ClientInterface, crc versioned.Interface, catalogSourceName, namespace string, crds []apiextensions.CustomResourceDefinition, csvs []v1alpha1.ClusterServiceVersion, packages []registry.PackageManifest) { + fetchedInitialCatalog, err := fetchCatalogSource(t, crc, catalogSourceName, namespace, catalogSourceRegistryPodSynced) + require.NoError(t, err) + + // Get initial configmap + configMap, err := c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Get(fetchedInitialCatalog.Spec.ConfigMap, metav1.GetOptions{}) + require.NoError(t, err) + + // Update package to point to new csv + manifestsRaw, err := yaml.Marshal(packages) + require.NoError(t, err) + configMap.Data[registry.ConfigMapPackageName] = string(manifestsRaw) + + // Update raw CRDs + var crdsRaw []byte + crdStrings := []string{} + for _, crd := range crds { + crdStrings = append(crdStrings, serializeCRD(t, crd)) + } + crdsRaw, err = yaml.Marshal(crdStrings) + require.NoError(t, err) + configMap.Data[registry.ConfigMapCRDName] = strings.Replace(string(crdsRaw), "- |\n ", "- ", -1) + + // Update raw CSVs + csvsRaw, err := yaml.Marshal(csvs) + require.NoError(t, err) + configMap.Data[registry.ConfigMapCSVName] = string(csvsRaw) + + // Update configmap + _, err = c.KubernetesInterface().CoreV1().ConfigMaps(testNamespace).Update(configMap) + require.NoError(t, err) + + // wait for catalog to update + _, err = fetchCatalogSource(t, crc, catalogSourceName, testNamespace, func(catalog *v1alpha1.CatalogSource) bool { + if catalog.Status.LastSync != fetchedInitialCatalog.Status.LastSync && catalog.Status.ConfigMapResource.ResourceVersion != fetchedInitialCatalog.Status.ConfigMapResource.ResourceVersion { + fmt.Println("catalog updated") + return true + } + fmt.Println("waiting for catalog pod to be available") + return false + }) + require.NoError(t, err) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/tap.jq b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/tap.jq new file mode 100644 index 000000000..3b28de02b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/tap.jq @@ -0,0 +1,19 @@ +if .Test !=null then + . +else + empty +end + +| + +if .Action == "fail" then + "not ok # \(.Test)" +elif .Action == "pass" then + "ok # \(.Test)" +elif .Action == "skip" then + "ok # skip \(.Test)" +elif .Action == "output" then + "# \(.Output)" | rtrimstr("\n") +else + empty +end diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/util_test.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/util_test.go new file mode 100644 index 000000000..ce4eed604 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/e2e/util_test.go @@ -0,0 +1,531 @@ +package e2e + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "strings" + "testing" + "time" + + "github.com/ghodss/yaml" + "github.com/operator-framework/operator-registry/pkg/api/grpc_health_v1" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/require" + "google.golang.org/grpc" + corev1 "k8s.io/api/core/v1" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" + "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + extScheme "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme" + "k8s.io/apimachinery/pkg/api/equality" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + k8sjson "k8s.io/apimachinery/pkg/runtime/serializer/json" + "k8s.io/apimachinery/pkg/util/diff" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/apiserver/pkg/storage/names" + k8sscheme "k8s.io/client-go/kubernetes/scheme" + + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client" + "github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned" + "github.com/operator-framework/operator-lifecycle-manager/pkg/controller/registry" + "github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient" + pmclient "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client" + pmversioned "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/client/clientset/versioned" +) + +const ( + pollInterval = 1 * time.Second + pollDuration = 5 * time.Minute + + olmConfigMap = "olm-operators" + // sync name with scripts/install_local.sh + packageServerCSV = "packageserver.v1.0.0" +) + +var ( + cleaner *namespaceCleaner + genName = names.SimpleNameGenerator.GenerateName + + persistentCatalogNames = []string{olmConfigMap} + nonPersistentCatalogsFieldSelector = createFieldNotEqualSelector("metadata.name", persistentCatalogNames...) + persistentConfigMapNames = []string{olmConfigMap} + nonPersistentConfigMapsFieldSelector = createFieldNotEqualSelector("metadata.name", persistentConfigMapNames...) + persistentCSVNames = []string{packageServerCSV} + nonPersistentCSVFieldSelector = createFieldNotEqualSelector("metadata.name", persistentCSVNames...) +) + +type namespaceCleaner struct { + namespace string + skipCleanupOLM bool +} + +func newNamespaceCleaner(namespace string) *namespaceCleaner { + return &namespaceCleaner{ + namespace: namespace, + skipCleanupOLM: false, + } +} + +// notifyOnFailure checks if a test has failed or cleanup is true before cleaning a namespace +func (c *namespaceCleaner) NotifyTestComplete(t *testing.T, cleanup bool) { + if t.Failed() { + c.skipCleanupOLM = true + } + + if c.skipCleanupOLM || !cleanup { + t.Log("skipping cleanup") + return + } + + cleanupOLM(t, c.namespace) +} + +// newKubeClient configures a client to talk to the cluster defined by KUBECONFIG +func newKubeClient(t *testing.T) operatorclient.ClientInterface { + if kubeConfigPath == nil { + t.Log("using in-cluster config") + } + // TODO: impersonate ALM serviceaccount + // TODO: thread logger from test + return operatorclient.NewClientFromConfig(*kubeConfigPath, logrus.New()) +} + +func newCRClient(t *testing.T) versioned.Interface { + if kubeConfigPath == nil { + t.Log("using in-cluster config") + } + // TODO: impersonate ALM serviceaccount + crclient, err := client.NewClient(*kubeConfigPath) + require.NoError(t, err) + return crclient +} + +func newPMClient(t *testing.T) pmversioned.Interface { + if kubeConfigPath == nil { + t.Log("using in-cluster config") + } + // TODO: impersonate ALM serviceaccount + pmc, err := pmclient.NewClient(*kubeConfigPath) + require.NoError(t, err) + return pmc +} + +// awaitPods waits for a set of pods to exist in the cluster +func awaitPods(t *testing.T, c operatorclient.ClientInterface, namespace, selector string, checkPods podsCheckFunc) (*corev1.PodList, error) { + var fetchedPodList *corev1.PodList + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetchedPodList, err = c.KubernetesInterface().CoreV1().Pods(namespace).List(metav1.ListOptions{ + LabelSelector: selector, + }) + + if err != nil { + return false, err + } + + t.Logf("Waiting for pods matching selector %s to match given conditions", selector) + + return checkPods(fetchedPodList), nil + }) + + require.NoError(t, err) + return fetchedPodList, err +} + +// podsCheckFunc describes a function that true if the given PodList meets some criteria; false otherwise. +type podsCheckFunc func(pods *corev1.PodList) bool + +// unionPodsCheck returns a podsCheckFunc that represents the union of the given podsCheckFuncs. +func unionPodsCheck(checks ...podsCheckFunc) podsCheckFunc { + return func(pods *corev1.PodList) bool { + for _, check := range checks { + if !check(pods) { + return false + } + } + + return true + } +} + +// podCount returns a podsCheckFunc that returns true if a PodList is of length count; false otherwise. +func podCount(count int) podsCheckFunc { + return func(pods *corev1.PodList) bool { + return len(pods.Items) == count + } +} + +// podsReady returns true if all of the pods in the given PodList have a ready condition with ConditionStatus "True"; false otherwise. +func podsReady(pods *corev1.PodList) bool { + for _, pod := range pods.Items { + if !podReady(&pod) { + return false + } + } + + return true +} + +// podCheckFunc describes a function that returns true if the given Pod meets some criteria; false otherwise. +type podCheckFunc func(pod *corev1.Pod) bool + +// hasPodIP returns true if the given Pod has a PodIP. +func hasPodIP(pod *corev1.Pod) bool { + return pod.Status.PodIP != "" +} + +// podReady returns true if the given Pod has a ready condition with ConditionStatus "True"; false otherwise. +func podReady(pod *corev1.Pod) bool { + var status corev1.ConditionStatus + for _, condition := range pod.Status.Conditions { + if condition.Type != corev1.PodReady { + // Ignore all condition other than PodReady + continue + } + + // Found PodReady condition + status = condition.Status + break + } + + return status == corev1.ConditionTrue +} + +func awaitPod(t *testing.T, c operatorclient.ClientInterface, namespace, name string, checkPod podCheckFunc) *corev1.Pod { + var pod *corev1.Pod + err := wait.Poll(pollInterval, pollDuration, func() (bool, error) { + p, err := c.KubernetesInterface().CoreV1().Pods(namespace).Get(name, metav1.GetOptions{}) + if err != nil { + return false, err + } + pod = p + return checkPod(pod), nil + }) + require.NoError(t, err) + + return pod +} + +func awaitAnnotations(t *testing.T, query func() (metav1.ObjectMeta, error), expected map[string]string) error { + var err error + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + t.Logf("Waiting for annotations to match %v", expected) + obj, err := query() + if err != nil && !errors.IsNotFound(err) { + return false, err + } + t.Logf("current annotations: %v", obj.GetAnnotations()) + + if len(obj.GetAnnotations()) != len(expected) { + return false, nil + } + + for key, value := range expected { + if v, ok := obj.GetAnnotations()[key]; !ok || v != value { + return false, nil + } + } + + t.Logf("Annotations match") + return true, nil + }) + + return err +} + +// compareResources compares resource equality then prints a diff for easier debugging +func compareResources(t *testing.T, expected, actual interface{}) { + if eq := equality.Semantic.DeepEqual(expected, actual); !eq { + t.Fatalf("Resource does not match expected value: %s", + diff.ObjectDiff(expected, actual)) + } +} + +type checkResourceFunc func() error + +func waitForDelete(checkResource checkResourceFunc) error { + var err error + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + err := checkResource() + if errors.IsNotFound(err) { + return true, nil + } + if err != nil { + return false, err + } + return false, nil + }) + + return err +} + +func waitForEmptyList(checkList func() (int, error)) error { + var err error + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + count, err := checkList() + if err != nil { + return false, err + } + if count == 0 { + return true, nil + } + return false, nil + }) + + return err +} + +type catalogSourceCheckFunc func(*v1alpha1.CatalogSource) bool + +// This check is disabled for most test runs, but can be enabled for verifying pod health if the e2e tests are running +// in the same kubernetes cluster as the registry pods (currently this only happens with e2e-local-docker) +var checkPodHealth = false + +func registryPodHealthy(address string) bool { + if !checkPodHealth { + return true + } + + conn, err := grpc.Dial(address, grpc.WithInsecure()) + if err != nil { + fmt.Printf("error connecting: %s\n", err.Error()) + return false + } + health := grpc_health_v1.NewHealthClient(conn) + res, err := health.Check(context.TODO(), &grpc_health_v1.HealthCheckRequest{Service: "Registry"}) + if err != nil { + fmt.Printf("error connecting: %s\n", err.Error()) + return false + } + if res.Status != grpc_health_v1.HealthCheckResponse_SERVING { + fmt.Printf("not healthy: %s\n", res.Status.String()) + return false + } + return true +} + +func catalogSourceRegistryPodSynced(catalog *v1alpha1.CatalogSource) bool { + if !catalog.Status.LastSync.IsZero() && catalog.Status.RegistryServiceStatus != nil { + fmt.Printf("catalog %s pod with address %s\n", catalog.GetName(), catalog.Status.RegistryServiceStatus.Address()) + return registryPodHealthy(catalog.Status.RegistryServiceStatus.Address()) + } + fmt.Println("waiting for catalog pod to be available") + return false +} + +func fetchCatalogSource(t *testing.T, crc versioned.Interface, name, namespace string, check catalogSourceCheckFunc) (*v1alpha1.CatalogSource, error) { + var fetched *v1alpha1.CatalogSource + var err error + + err = wait.Poll(pollInterval, pollDuration, func() (bool, error) { + fetched, err = crc.OperatorsV1alpha1().CatalogSources(namespace).Get(name, metav1.GetOptions{}) + if err != nil || fetched == nil { + fmt.Println(err) + return false, err + } + return check(fetched), nil + }) + + return fetched, err +} + +func createFieldNotEqualSelector(field string, names ...string) string { + var builder strings.Builder + for i, name := range names { + builder.WriteString(field) + builder.WriteString("!=") + builder.WriteString(name) + if i < len(names)-1 { + builder.WriteString(",") + } + } + + return builder.String() +} + +func cleanupOLM(t *testing.T, namespace string) { + var immediate int64 = 0 + crc := newCRClient(t) + c := newKubeClient(t) + + // Cleanup non persistent OLM CRs + t.Log("cleaning up any remaining non persistent resources...") + deleteOptions := &metav1.DeleteOptions{GracePeriodSeconds: &immediate} + listOptions := metav1.ListOptions{} + require.NoError(t, crc.OperatorsV1alpha1().ClusterServiceVersions(namespace).DeleteCollection(deleteOptions, metav1.ListOptions{FieldSelector: nonPersistentCSVFieldSelector})) + require.NoError(t, crc.OperatorsV1alpha1().InstallPlans(namespace).DeleteCollection(deleteOptions, listOptions)) + require.NoError(t, crc.OperatorsV1alpha1().Subscriptions(namespace).DeleteCollection(deleteOptions, listOptions)) + require.NoError(t, crc.OperatorsV1alpha1().CatalogSources(namespace).DeleteCollection(deleteOptions, metav1.ListOptions{FieldSelector: nonPersistentCatalogsFieldSelector})) + + // error: the server does not allow this method on the requested resource + // Cleanup non persistent configmaps + require.NoError(t, c.KubernetesInterface().CoreV1().Pods(namespace).DeleteCollection(deleteOptions, metav1.ListOptions{})) + + var err error + err = waitForEmptyList(func() (int, error) { + res, err := crc.OperatorsV1alpha1().ClusterServiceVersions(namespace).List(metav1.ListOptions{FieldSelector: nonPersistentCSVFieldSelector}) + t.Logf("%d %s remaining", len(res.Items), "csvs") + return len(res.Items), err + }) + require.NoError(t, err) + + err = waitForEmptyList(func() (int, error) { + res, err := crc.OperatorsV1alpha1().InstallPlans(namespace).List(metav1.ListOptions{}) + t.Logf("%d %s remaining", len(res.Items), "installplans") + return len(res.Items), err + }) + require.NoError(t, err) + + err = waitForEmptyList(func() (int, error) { + res, err := crc.OperatorsV1alpha1().Subscriptions(namespace).List(metav1.ListOptions{}) + t.Logf("%d %s remaining", len(res.Items), "subs") + return len(res.Items), err + }) + require.NoError(t, err) + + err = waitForEmptyList(func() (int, error) { + res, err := crc.OperatorsV1alpha1().CatalogSources(namespace).List(metav1.ListOptions{FieldSelector: nonPersistentCatalogsFieldSelector}) + t.Logf("%d %s remaining", len(res.Items), "catalogs") + return len(res.Items), err + }) + require.NoError(t, err) +} + +func buildCatalogSourceCleanupFunc(t *testing.T, crc versioned.Interface, namespace string, catalogSource *v1alpha1.CatalogSource) cleanupFunc { + return func() { + t.Logf("Deleting catalog source %s...", catalogSource.GetName()) + require.NoError(t, crc.OperatorsV1alpha1().CatalogSources(namespace).Delete(catalogSource.GetName(), &metav1.DeleteOptions{})) + } +} + +func buildConfigMapCleanupFunc(t *testing.T, c operatorclient.ClientInterface, namespace string, configMap *corev1.ConfigMap) cleanupFunc { + return func() { + t.Logf("Deleting config map %s...", configMap.GetName()) + require.NoError(t, c.KubernetesInterface().CoreV1().ConfigMaps(namespace).Delete(configMap.GetName(), &metav1.DeleteOptions{})) + } +} + +func buildServiceAccountCleanupFunc(t *testing.T, c operatorclient.ClientInterface, namespace string, serviceAccount *corev1.ServiceAccount) cleanupFunc { + return func() { + t.Logf("Deleting service account %s...", serviceAccount.GetName()) + require.NoError(t, c.KubernetesInterface().CoreV1().ServiceAccounts(namespace).Delete(serviceAccount.GetName(), &metav1.DeleteOptions{})) + } +} + +func createInternalCatalogSource(t *testing.T, c operatorclient.ClientInterface, crc versioned.Interface, name, namespace string, manifests []registry.PackageManifest, crds []apiextensions.CustomResourceDefinition, csvs []v1alpha1.ClusterServiceVersion) (*v1alpha1.CatalogSource, cleanupFunc) { + configMap, configMapCleanup := createConfigMapForCatalogData(t, c, name, namespace, manifests, crds, csvs) + + // Create an internal CatalogSource custom resource pointing to the ConfigMap + catalogSource := &v1alpha1.CatalogSource{ + TypeMeta: metav1.TypeMeta{ + Kind: v1alpha1.CatalogSourceKind, + APIVersion: v1alpha1.CatalogSourceCRDAPIVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + Spec: v1alpha1.CatalogSourceSpec{ + SourceType: "internal", + ConfigMap: configMap.GetName(), + }, + } + catalogSource.SetNamespace(namespace) + + t.Logf("Creating catalog source %s in namespace %s...", name, namespace) + catalogSource, err := crc.OperatorsV1alpha1().CatalogSources(namespace).Create(catalogSource) + if err != nil && !errors.IsAlreadyExists(err) { + require.NoError(t, err) + } + t.Logf("Catalog source %s created", name) + + cleanupInternalCatalogSource := func() { + configMapCleanup() + buildCatalogSourceCleanupFunc(t, crc, namespace, catalogSource)() + } + return catalogSource, cleanupInternalCatalogSource +} + +func createConfigMapForCatalogData(t *testing.T, c operatorclient.ClientInterface, name, namespace string, manifests []registry.PackageManifest, crds []apiextensions.CustomResourceDefinition, csvs []v1alpha1.ClusterServiceVersion) (*corev1.ConfigMap, cleanupFunc) { + // Create a config map containing the PackageManifests and CSVs + configMapName := fmt.Sprintf("%s-configmap", name) + catalogConfigMap := &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: configMapName, + Namespace: namespace, + }, + Data: map[string]string{}, + } + catalogConfigMap.SetNamespace(namespace) + + // Add raw manifests + if manifests != nil { + manifestsRaw, err := yaml.Marshal(manifests) + require.NoError(t, err) + catalogConfigMap.Data[registry.ConfigMapPackageName] = string(manifestsRaw) + } + + // Add raw CRDs + var crdsRaw []byte + if crds != nil { + crdStrings := []string{} + for _, crd := range crds { + crdStrings = append(crdStrings, serializeCRD(t, crd)) + } + var err error + crdsRaw, err = yaml.Marshal(crdStrings) + require.NoError(t, err) + } + catalogConfigMap.Data[registry.ConfigMapCRDName] = strings.Replace(string(crdsRaw), "- |\n ", "- ", -1) + + // Add raw CSVs + if csvs != nil { + csvsRaw, err := yaml.Marshal(csvs) + require.NoError(t, err) + catalogConfigMap.Data[registry.ConfigMapCSVName] = string(csvsRaw) + } + + createdConfigMap, err := c.KubernetesInterface().CoreV1().ConfigMaps(namespace).Create(catalogConfigMap) + if err != nil && !errors.IsAlreadyExists(err) { + require.NoError(t, err) + } + return createdConfigMap, buildConfigMapCleanupFunc(t, c, namespace, createdConfigMap) +} + +func serializeCRD(t *testing.T, crd apiextensions.CustomResourceDefinition) string { + scheme := runtime.NewScheme() + extScheme.AddToScheme(scheme) + k8sscheme.AddToScheme(scheme) + err := v1beta1.AddToScheme(scheme) + require.NoError(t, err) + + out := &v1beta1.CustomResourceDefinition{} + err = scheme.Convert(&crd, out, nil) + require.NoError(t, err) + out.TypeMeta = metav1.TypeMeta{ + Kind: "CustomResourceDefinition", + APIVersion: "apiextensions.k8s.io/v1beta1", + } + + // set up object serializer + serializer := k8sjson.NewYAMLSerializer(k8sjson.DefaultMetaFactory, scheme, scheme) + + // create an object manifest + var manifest bytes.Buffer + err = serializer.Encode(out, &manifest) + require.NoError(t, err) + return manifest.String() +} + +func serializeObject(obj interface{}) string { + bytes, err := json.Marshal(obj) + if err != nil { + return "" + } + return string(bytes) +} diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/test/log/.gitkeep b/vendor/github.com/operator-framework/operator-lifecycle-manager/test/log/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/tools.go b/vendor/github.com/operator-framework/operator-lifecycle-manager/tools.go new file mode 100644 index 000000000..b678e2950 --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/tools.go @@ -0,0 +1,19 @@ +// +build tools + +package tools + +import ( + _ "github.com/golang/mock/mockgen" + _ "github.com/maxbrunsfeld/counterfeiter/v6" + _ "k8s.io/code-generator/cmd/client-gen" + _ "k8s.io/code-generator/cmd/conversion-gen/" + _ "k8s.io/code-generator/cmd/deepcopy-gen" + _ "k8s.io/code-generator/cmd/defaulter-gen" + _ "k8s.io/code-generator/cmd/go-to-protobuf" + _ "k8s.io/code-generator/cmd/import-boss" + _ "k8s.io/code-generator/cmd/informer-gen" + _ "k8s.io/code-generator/cmd/lister-gen" + _ "k8s.io/code-generator/cmd/openapi-gen" + _ "k8s.io/code-generator/cmd/set-gen" + _ "k8s.io/kube-openapi/cmd/openapi-gen" +) diff --git a/vendor/github.com/operator-framework/operator-lifecycle-manager/upstream.Dockerfile b/vendor/github.com/operator-framework/operator-lifecycle-manager/upstream.Dockerfile new file mode 100644 index 000000000..995dbab1b --- /dev/null +++ b/vendor/github.com/operator-framework/operator-lifecycle-manager/upstream.Dockerfile @@ -0,0 +1,29 @@ +FROM golang:1.12-alpine as builder +LABEL stage=builder +WORKDIR /build + +RUN apk update && apk add bash make git mercurial jq + +# copy just enough of the git repo to parse HEAD, used to record version in OLM binaries +COPY .git/HEAD .git/HEAD +COPY .git/refs/heads/. .git/refs/heads +RUN mkdir -p .git/objects +COPY Makefile Makefile +COPY OLM_VERSION OLM_VERSION +COPY pkg pkg +COPY vendor vendor +COPY go.mod go.mod +COPY go.sum go.sum +COPY cmd cmd +COPY test test +RUN make build + +FROM alpine:latest +LABEL stage=olm +WORKDIR / +COPY --from=builder /build/bin/olm /bin/olm +COPY --from=builder /build/bin/catalog /bin/catalog +COPY --from=builder /build/bin/package-server /bin/package-server +EXPOSE 8080 +EXPOSE 5443 +CMD ["/bin/olm"] \ No newline at end of file diff --git a/vendor/google.golang.org/appengine/capability/capability.go b/vendor/google.golang.org/appengine/capability/capability.go index 3a60bd55f..35604d4a4 100644 --- a/vendor/google.golang.org/appengine/capability/capability.go +++ b/vendor/google.golang.org/appengine/capability/capability.go @@ -29,6 +29,11 @@ import ( // If the underlying RPC fails (if the package is unknown, for example), // false is returned and information is written to the application log. func Enabled(ctx context.Context, api, capability string) bool { + // For non datastore*/write requests always return ENABLED + if !(api == "datastore_v3" && capability == "write") { + return true + } + req := &pb.IsEnabledRequest{ Package: &api, Capability: []string{capability}, @@ -38,15 +43,5 @@ func Enabled(ctx context.Context, api, capability string) bool { log.Warningf(ctx, "capability.Enabled: RPC failed: %v", err) return false } - switch *res.SummaryStatus { - case pb.IsEnabledResponse_ENABLED, - pb.IsEnabledResponse_SCHEDULED_FUTURE, - pb.IsEnabledResponse_SCHEDULED_NOW: - return true - case pb.IsEnabledResponse_UNKNOWN: - log.Errorf(ctx, "capability.Enabled: unknown API capability %s/%s", api, capability) - return false - default: - return false - } + return *res.SummaryStatus == pb.IsEnabledResponse_ENABLED } diff --git a/vendor/k8s.io/gengo/args/args.go b/vendor/k8s.io/gengo/args/args.go index 2f8680d1e..7401098c5 100644 --- a/vendor/k8s.io/gengo/args/args.go +++ b/vendor/k8s.io/gengo/args/args.go @@ -74,6 +74,9 @@ type GeneratorArgs struct { // If true, only verify, don't write anything. VerifyOnly bool + // If true, include *_test.go files + IncludeTestFiles bool + // GeneratedBuildTag is the tag used to identify code generated by execution // of this type. Each generator should use a different tag, and different // groups of generators (external API that depends on Kube generations) should @@ -127,6 +130,10 @@ func (g *GeneratorArgs) LoadGoBoilerplate() ([]byte, error) { // directories. func (g *GeneratorArgs) NewBuilder() (*parser.Builder, error) { b := parser.New() + + // flag for including *_test.go + b.IncludeTestFiles = g.IncludeTestFiles + // Ignore all auto-generated files. b.AddBuildTags(g.GeneratedBuildTag) @@ -184,6 +191,9 @@ func (g *GeneratorArgs) Execute(nameSystems namer.NameSystems, defaultSystem str return fmt.Errorf("Failed making a parser: %v", err) } + // pass through the flag on whether to include *_test.go files + b.IncludeTestFiles = g.IncludeTestFiles + c, err := generator.NewContext(b, nameSystems, defaultSystem) if err != nil { return fmt.Errorf("Failed making a context: %v", err) diff --git a/vendor/k8s.io/gengo/examples/set-gen/generators/sets.go b/vendor/k8s.io/gengo/examples/set-gen/generators/sets.go index d0698d33c..8ddce7e3a 100644 --- a/vendor/k8s.io/gengo/examples/set-gen/generators/sets.go +++ b/vendor/k8s.io/gengo/examples/set-gen/generators/sets.go @@ -205,17 +205,19 @@ func $.type|public$KeySet(theMap interface{}) $.type|public$ { } // Insert adds items to the set. -func (s $.type|public$) Insert(items ...$.type|raw$) { +func (s $.type|public$) Insert(items ...$.type|raw$) $.type|public$ { for _, item := range items { s[item] = Empty{} } + return s } // Delete removes all items from the set. -func (s $.type|public$) Delete(items ...$.type|raw$) { +func (s $.type|public$) Delete(items ...$.type|raw$) $.type|public$ { for _, item := range items { delete(s, item) } + return s } // Has returns true if and only if item is contained in the set. diff --git a/vendor/k8s.io/gengo/examples/set-gen/sets/byte.go b/vendor/k8s.io/gengo/examples/set-gen/sets/byte.go index 766f4501e..9bfa85d43 100644 --- a/vendor/k8s.io/gengo/examples/set-gen/sets/byte.go +++ b/vendor/k8s.io/gengo/examples/set-gen/sets/byte.go @@ -46,17 +46,19 @@ func ByteKeySet(theMap interface{}) Byte { } // Insert adds items to the set. -func (s Byte) Insert(items ...byte) { +func (s Byte) Insert(items ...byte) Byte { for _, item := range items { s[item] = Empty{} } + return s } // Delete removes all items from the set. -func (s Byte) Delete(items ...byte) { +func (s Byte) Delete(items ...byte) Byte { for _, item := range items { delete(s, item) } + return s } // Has returns true if and only if item is contained in the set. diff --git a/vendor/k8s.io/gengo/examples/set-gen/sets/int.go b/vendor/k8s.io/gengo/examples/set-gen/sets/int.go index a0a513cd9..88bd70967 100644 --- a/vendor/k8s.io/gengo/examples/set-gen/sets/int.go +++ b/vendor/k8s.io/gengo/examples/set-gen/sets/int.go @@ -46,17 +46,19 @@ func IntKeySet(theMap interface{}) Int { } // Insert adds items to the set. -func (s Int) Insert(items ...int) { +func (s Int) Insert(items ...int) Int { for _, item := range items { s[item] = Empty{} } + return s } // Delete removes all items from the set. -func (s Int) Delete(items ...int) { +func (s Int) Delete(items ...int) Int { for _, item := range items { delete(s, item) } + return s } // Has returns true if and only if item is contained in the set. diff --git a/vendor/k8s.io/gengo/examples/set-gen/sets/int64.go b/vendor/k8s.io/gengo/examples/set-gen/sets/int64.go index 9ca9af0c5..b375a1b06 100644 --- a/vendor/k8s.io/gengo/examples/set-gen/sets/int64.go +++ b/vendor/k8s.io/gengo/examples/set-gen/sets/int64.go @@ -46,17 +46,19 @@ func Int64KeySet(theMap interface{}) Int64 { } // Insert adds items to the set. -func (s Int64) Insert(items ...int64) { +func (s Int64) Insert(items ...int64) Int64 { for _, item := range items { s[item] = Empty{} } + return s } // Delete removes all items from the set. -func (s Int64) Delete(items ...int64) { +func (s Int64) Delete(items ...int64) Int64 { for _, item := range items { delete(s, item) } + return s } // Has returns true if and only if item is contained in the set. diff --git a/vendor/k8s.io/gengo/examples/set-gen/sets/string.go b/vendor/k8s.io/gengo/examples/set-gen/sets/string.go index ba00ad7df..e6f37db88 100644 --- a/vendor/k8s.io/gengo/examples/set-gen/sets/string.go +++ b/vendor/k8s.io/gengo/examples/set-gen/sets/string.go @@ -46,17 +46,19 @@ func StringKeySet(theMap interface{}) String { } // Insert adds items to the set. -func (s String) Insert(items ...string) { +func (s String) Insert(items ...string) String { for _, item := range items { s[item] = Empty{} } + return s } // Delete removes all items from the set. -func (s String) Delete(items ...string) { +func (s String) Delete(items ...string) String { for _, item := range items { delete(s, item) } + return s } // Has returns true if and only if item is contained in the set. diff --git a/vendor/k8s.io/gengo/generator/import_tracker.go b/vendor/k8s.io/gengo/generator/import_tracker.go index 5d058410a..5d87de4ff 100644 --- a/vendor/k8s.io/gengo/generator/import_tracker.go +++ b/vendor/k8s.io/gengo/generator/import_tracker.go @@ -17,6 +17,7 @@ limitations under the License. package generator import ( + "go/token" "strings" "k8s.io/klog" @@ -58,6 +59,11 @@ func golangTrackerLocalName(tracker namer.ImportTracker, t types.Name) string { // This name collides with some other package continue } + + // If the import name is a Go keyword, prefix with an underscore. + if token.Lookup(name).IsKeyword() { + name = "_" + name + } return name } panic("can't find import for " + path) diff --git a/vendor/k8s.io/gengo/generator/import_tracker_test.go b/vendor/k8s.io/gengo/generator/import_tracker_test.go new file mode 100644 index 000000000..d9a881971 --- /dev/null +++ b/vendor/k8s.io/gengo/generator/import_tracker_test.go @@ -0,0 +1,75 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package generator + +import ( + "reflect" + "testing" + + "k8s.io/gengo/types" +) + +func TestNewImportTracker(t *testing.T) { + tests := []struct { + name string + inputTypes []*types.Type + expectedImports []string + }{ + { + name: "empty", + inputTypes: []*types.Type{}, + expectedImports: []string{}, + }, + { + name: "builtin", + inputTypes: []*types.Type{ + {Name: types.Name{Package: "net/http"}}, + }, + expectedImports: []string{ + `http "net/http"`, + }, + }, + { + name: "sorting", + inputTypes: []*types.Type{ + {Name: types.Name{Package: "foo/bar/pkg2"}}, + {Name: types.Name{Package: "foo/bar/pkg1"}}, + }, + expectedImports: []string{ + `pkg1 "foo/bar/pkg1"`, + `pkg2 "foo/bar/pkg2"`, + }, + }, + { + name: "reserved-keyword", + inputTypes: []*types.Type{ + {Name: types.Name{Package: "my/reserved/pkg/struct"}}, + }, + expectedImports: []string{ + `_struct "my/reserved/pkg/struct"`, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + actualImports := NewImportTracker(tt.inputTypes...).ImportLines() + if !reflect.DeepEqual(actualImports, tt.expectedImports) { + t.Errorf("ImportLines(%v) = %v, want %v", tt.inputTypes, actualImports, tt.expectedImports) + } + }) + } +} diff --git a/vendor/k8s.io/gengo/parser/parse.go b/vendor/k8s.io/gengo/parser/parse.go index 1c6c55019..6a3d53b25 100644 --- a/vendor/k8s.io/gengo/parser/parse.go +++ b/vendor/k8s.io/gengo/parser/parse.go @@ -43,6 +43,9 @@ type importPathString string type Builder struct { context *build.Context + // If true, include *_test.go + IncludeTestFiles bool + // Map of package names to more canonical information about the package. // This might hold the same value for multiple names, e.g. if someone // referenced ./pkg/name or in the case of vendoring, which canonicalizes @@ -304,11 +307,17 @@ func (b *Builder) addDir(dir string, userRequested bool) error { b.absPaths[pkgPath] = buildPkg.Dir } - for _, n := range buildPkg.GoFiles { - if !strings.HasSuffix(n, ".go") { + files := []string{} + files = append(files, buildPkg.GoFiles...) + if b.IncludeTestFiles { + files = append(files, buildPkg.TestGoFiles...) + } + + for _, file := range files { + if !strings.HasSuffix(file, ".go") { continue } - absPath := filepath.Join(buildPkg.Dir, n) + absPath := filepath.Join(buildPkg.Dir, file) data, err := ioutil.ReadFile(absPath) if err != nil { return fmt.Errorf("while loading %q: %v", absPath, err) diff --git a/vendor/k8s.io/gengo/parser/parse_test.go b/vendor/k8s.io/gengo/parser/parse_test.go index dbf21d151..5ce3c6a4b 100644 --- a/vendor/k8s.io/gengo/parser/parse_test.go +++ b/vendor/k8s.io/gengo/parser/parse_test.go @@ -42,15 +42,50 @@ func TestRecursive(t *testing.T) { t.Fatalf("Fail finding types: %v", err) } foundB := false + foundC := false for _, p := range b.FindPackages() { t.Logf("Package: %v", p) if p == "k8s.io/gengo/testdata/a/b" { foundB = true } + if p == "k8s.io/gengo/testdata/a/c" { + foundC = true + } } if !foundB { t.Errorf("Expected to find packages a and b") } + if foundC { + t.Error("Did not expect to find package c") + } +} + +func TestRecursiveWithTestGoFiles(t *testing.T) { + d := args.Default() + d.IncludeTestFiles = true + d.InputDirs = []string{"k8s.io/gengo/testdata/a/..."} + b, err := d.NewBuilder() + if err != nil { + t.Fatalf("Fail making builder: %v", err) + } + _, err = b.FindTypes() + if err != nil { + t.Fatalf("Fail finding types: %v", err) + } + foundB := false + foundC := false + for _, p := range b.FindPackages() { + t.Logf("Package: %v", p) + if p == "k8s.io/gengo/testdata/a/b" { + foundB = true + } + if p == "k8s.io/gengo/testdata/a/c" { + foundC = true + } + } + if !foundC || !foundB { + t.Errorf("Expected to find packages a, b and c") + } } type file struct { diff --git a/vendor/k8s.io/gengo/testdata/a/c/c_test.go b/vendor/k8s.io/gengo/testdata/a/c/c_test.go new file mode 100644 index 000000000..de80c8c9d --- /dev/null +++ b/vendor/k8s.io/gengo/testdata/a/c/c_test.go @@ -0,0 +1,17 @@ +/* +Copyright YEAR The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package c diff --git a/vendor/sigs.k8s.io/testing_frameworks/integration/addr/manager_test.go b/vendor/sigs.k8s.io/testing_frameworks/integration/addr/manager_test.go index 974467d8d..6cdf27dd0 100644 --- a/vendor/sigs.k8s.io/testing_frameworks/integration/addr/manager_test.go +++ b/vendor/sigs.k8s.io/testing_frameworks/integration/addr/manager_test.go @@ -3,8 +3,8 @@ package addr_test import ( "sigs.k8s.io/testing_frameworks/integration/addr" - "fmt" "net" + "strconv" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -15,10 +15,10 @@ var _ = Describe("SuggestAddress", func() { port, host, err := addr.Suggest() Expect(err).NotTo(HaveOccurred()) - Expect(host).To(Equal("127.0.0.1")) + Expect(host).To(Or(Equal("127.0.0.1"), Equal("::1"))) Expect(port).NotTo(Equal(0)) - addr, err := net.ResolveTCPAddr("tcp", fmt.Sprintf("%s:%d", host, port)) + addr, err := net.ResolveTCPAddr("tcp", net.JoinHostPort(host, strconv.Itoa(port))) Expect(err).NotTo(HaveOccurred()) l, err := net.ListenTCP("tcp", addr) defer func() { diff --git a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd.go b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd.go index 4c948cfd1..1fb093ade 100644 --- a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd.go +++ b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd.go @@ -1,6 +1,8 @@ package internal -import "net/url" +import ( + "net/url" +) var EtcdDefaultArgs = []string{ "--listen-peer-urls=http://localhost:0", @@ -28,9 +30,9 @@ func isSecureScheme(scheme string) bool { func GetEtcdStartMessage(listenUrl url.URL) string { if isSecureScheme(listenUrl.Scheme) { // https://github.com/coreos/etcd/blob/a7f1fbe00ec216fcb3a1919397a103b41dca8413/embed/serve.go#L167 - return "serving client requests on " + listenUrl.Hostname() + return "serving client requests on " } // https://github.com/coreos/etcd/blob/a7f1fbe00ec216fcb3a1919397a103b41dca8413/embed/serve.go#L124 - return "serving insecure client requests on " + listenUrl.Hostname() + return "serving insecure client requests on " } diff --git a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd_test.go b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd_test.go index 449b1ac6c..cc0ed42a4 100644 --- a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd_test.go +++ b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/etcd_test.go @@ -33,7 +33,7 @@ var _ = Describe("GetEtcdStartMessage()", func() { Host: "some.insecure.host:1234", } message := GetEtcdStartMessage(url) - Expect(message).To(Equal("serving insecure client requests on some.insecure.host")) + Expect(message).To(Equal("serving insecure client requests on ")) }) }) Context("when using a tls URL", func() { @@ -43,7 +43,7 @@ var _ = Describe("GetEtcdStartMessage()", func() { Host: "some.secure.host:8443", } message := GetEtcdStartMessage(url) - Expect(message).To(Equal("serving client requests on some.secure.host")) + Expect(message).To(Equal("serving client requests on ")) }) }) }) diff --git a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process.go b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process.go index 9e536f3cb..f6817976f 100644 --- a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process.go +++ b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process.go @@ -4,11 +4,13 @@ import ( "fmt" "io" "io/ioutil" + "net" "net/http" "net/url" "os" "os/exec" "path" + "strconv" "time" "github.com/onsi/gomega/gbytes" @@ -75,7 +77,7 @@ func DoDefaulting( } defaults.URL = url.URL{ Scheme: "http", - Host: fmt.Sprintf("%s:%d", host, port), + Host: net.JoinHostPort(host, strconv.Itoa(port)), } } else { defaults.URL = *listenUrl diff --git a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process_test.go b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process_test.go index b28140211..a182c5b51 100644 --- a/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process_test.go +++ b/vendor/sigs.k8s.io/testing_frameworks/integration/internal/process_test.go @@ -2,12 +2,13 @@ package internal_test import ( "bytes" - "fmt" "io/ioutil" + "net" "net/http" "net/url" "os" "os/exec" + "strconv" "time" . "github.com/onsi/ginkgo" @@ -97,7 +98,7 @@ var _ = Describe("Start method", func() { processState.URL = url.URL{ Scheme: "http", - Host: fmt.Sprintf("%s:%d", host, port), + Host: net.JoinHostPort(host, strconv.Itoa(port)), } err = processState.Start(nil, nil)